A New Perspective on the Swiss Cheese Model Applied to Understanding the Anatomy of Healthcare Data Breaches

Abstract

The healthcare industry has been lagging behind other industries in protecting its vital data. Over the past few years, researchers and practitioners have been trying to gain a better understanding of the anatomy of healthcare data breaches. In this chapter, the authors show how Reason's swiss cheese model (SCM) provides a powerful analytic model to explain the human, technical, and organizational factors of healthcare data breaches. They also show how the SCM brings forwards the latent conditions of healthcare data breach incidents that have often been overlooked in previous studies. Based on an extensive literature review and an analysis of reported breaches from credible sources, the authors provide an explanation of the cheese layers and the associated holes. Since the SCM endorses the “defenses in depth” approach, it can assist healthcare organizations and business associates in developing a comprehensive and systematic approach to prevent and mitigate data breach incidents.