Description Usage Format Details Source See Also Examples
Since October 2009 organizations in the U.S. that store data
on human health are required to report any incident that
compromises the confidentiality of 500 or more patients
/ human subjects (45 C.F.R. 164.408) These reports are publicly available. HHSCyberSecurityBreaches
was downloaded from the Office for Civil Rights of the U.S. Department of Health and Human Services, 2015-02-26
1 |
A dataframe containing 1151 observations of 9 variables:
A character
vector identifying the
organization involved in the breach.
A factor
giving the two-letter abbreviation of
the US state or territory where the breach occurred.
This has 52 levels for the 50 states plus the District
of Columbia (DC) and Puerto Rico (PR).
A factor
giving the organization type of the
covered entity with levels "Business Associate",
"Health Plan", "Healthcare Clearing House", and
"Healthcare Provider"
An integer
giving the number of humans whose
records were compromised in the breach. This is 500
or greater; U.S. law requires reports of breaches
involving 500 or more records but not of breaches
involving fewer.
Date when the breach was reported.
A factor
giving one of 29 different
combinations of 7 different breach types,
separated by ", ": "Hacking/IT Incident",
"Improper Disposal", "Loss", "Other", "Theft",
"Unauthorized Access/Disclosure", and "Unknown"
A factor
giving one of 47 different
combinations of 8 different location categories:
"Desktop Computer", "Electronic Medical Record",
"Email", "Laptop", "Network Server", "Other",
"Other Portable Electronic Device", "Paper/Films"
Logical
= (Covered.Entity.Type ==
"Business Associate")
A character vector giving a narrative description of the incident.
This contains the breach report data downloaded 2015-02-26 from the US Health and Human Services. This catalogues reports starting 2009-10-21. Earlier downloads included a few breaches prior to 2009 when the law was enacted (inconsistently reported), and a date for breach occurrence in addition to the date of the report.
The following corrections were made to the file: * UCLA Health System, breach date 11/4/2011, had cover entity added as "Healthcare Provider" * Wyoming Department of Health, breach date 3/2/2010 had breach type changed to "Unauthorized Access / Disclosure" * Computer Program and Systems, Inc. (CPSI), breach date 3/30/2010 had breach type changed to "Unauthorized Access / Disclosure" * Aetna, breach date 7/27/2010 had breach type changed to "Improper Disposal' (see explanation below), breach date 5/24/2010 name changed to City of Charlotte, NC (Health Plan) and state changed to NC * Mercer, breach date 7/30/2010 state changed to MI * Not applicable, breach date 11/2/2011 name changed to Northridge Hospital Medical Center and state changed to CA * na, breach date 4/4/2011 name changed to Brian J Daniels DDS, Paul R Daniels DDS and state changed to AZ * NA, breach date 5/27/2011 name changed to and Spartanburg Regional Healthcare System state changed to SC * NA, breach date 7/4/2011 name changed to Yanz Dental Corporation and state changed to CA
breaches
for an earlier download of these
data. The exact reporting requirements and even the number
and definitions of variables included in the
data.frame
have changed.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | ##
## 1. mean(Individuals.Affected)
##
mean(HHSCyberSecurityBreaches$Individuals.Affected)
##
## 2. Basic Breach Types
##
tb <- as.character(HHSCyberSecurityBreaches$Type.of.Breach)
tb. <- strsplit(tb, ', ')
table(unlist(tb.))
# 8 levels, but two are the same apart from
# a trailing blank.
##
## 3. Location.of.Breached.Information
##
lb <- as.character(HHSCyberSecurityBreaches[[
'Location.of.Breached.Information']])
table(lb)
lb. <- strsplit(lb, ', ')
table(unlist(lb.))
# 8 levels
table(sapply(lb., length))
# 1 2 3 4 5 6 7 8
#1007 119 13 8 1 1 1 1
# all 8 levels together observed once
# There are 256 = 2^8 possible combinations
# of which 47 actually occur in these data.
|
Loading required package: Ecfun
Attaching package: 'Ecfun'
The following object is masked from 'package:base':
sign
Attaching package: 'Ecdat'
The following object is masked from 'package:datasets':
Orange
[1] 35778.58
Hacking/IT Incident Improper Disposal
94 51
Loss Other
111 111
Theft Unauthorized Access/Disclosure
633 240
Unauthorized Access/Disclosure Unknown
1 16
lb
Desktop Computer
108
Desktop Computer, Electronic Medical Record
2
Desktop Computer, Electronic Medical Record, Email, Laptop, Network Server, Other, Other Portable Electronic Device
1
Desktop Computer, Electronic Medical Record, Email, Laptop, Network Server, Other, Other Portable Electronic Device, Paper/Films
1
Desktop Computer, Electronic Medical Record, Email, Network Server, Paper/Films
1
Desktop Computer, Electronic Medical Record, Network Server
1
Desktop Computer, Email
1
Desktop Computer, Email, Laptop, Network Server
6
Desktop Computer, Email, Laptop, Network Server, Other, Other Portable Electronic Device
1
Desktop Computer, Laptop
10
Desktop Computer, Laptop, Network Server
1
Desktop Computer, Laptop, Other Portable Electronic Device
4
Desktop Computer, Laptop, Other, Other Portable Electronic Device
1
Desktop Computer, Network Server
8
Desktop Computer, Network Server, Other, Other Portable Electronic Device
1
Desktop Computer, Network Server, Paper/Films
1
Desktop Computer, Other
1
Desktop Computer, Other Portable Electronic Device
2
Desktop Computer, Other, Other Portable Electronic Device
1
Desktop Computer, Paper/Films
5
Electronic Medical Record
30
Electronic Medical Record, Laptop
2
Electronic Medical Record, Network Server
1
Electronic Medical Record, Other
4
Electronic Medical Record, Other, Other Portable Electronic Device
2
Electronic Medical Record, Paper/Films
4
Email
66
Email, Laptop
1
Email, Laptop, Network Server
1
Email, Laptop, Other Portable Electronic Device
1
Email, Network Server
4
Email, Other
2
Email, Other Portable Electronic Device
2
Laptop
222
Laptop, Network Server
2
Laptop, Other
1
Laptop, Other Portable Electronic Device
11
Laptop, Other Portable Electronic Device, Paper/Films
1
Laptop, Paper/Films
6
Network Server
127
Network Server, Other
1
Other
132
Other Portable Electronic Device
68
Other Portable Electronic Device, Paper/Films
1
Other, Other Portable Electronic Device
44
Other, Paper/Films
4
Paper/Films
254
Desktop Computer Electronic Medical Record
157 49
Email Laptop
88 273
Network Server Other
158 197
Other Portable Electronic Device Paper/Films
142 278
1 2 3 4 5 6 7 8
1007 119 13 8 1 1 1 1
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.