Table 3.
Regression models display the effect of the health care breach type on individuals affecteda.
| Dependent variable=ln(Individuals affected) | Model 1 | Model 2 | Model 3 | |||
|
|
β | P value | β | P value | β | P value |
| Hacking or IT incident | Included | —b | Included | — | Included | — |
| Improper disposal | –1.162c | <.001 | –1.176c | <.001 | –1.176c | <.001 |
| Loss | –1.342c | <.001 | –1.339c | <.001 | –1.339c | <.001 |
| Other | –1.014c | <.001 | –1.085c | <.001 | –1.085c | <.001 |
| Theft | –1.168c | <.001 | –1.218c | <.001 | –1.218c | <.001 |
| Unauthorized access or disclosure | –1.336c | <.001 | –1.362c | <.001 | –1.362c | <.001 |
| Unknown | –1.249d | .02 | –1.291d | .02 | –1.291d | .02 |
| Business associate | Included | — | Included | — | Included | — |
| Health plan | — | — | –0.382c | <.001 | –0.382c | <.001 |
| Health care clearing house | — | — | –0.393 | .49 | –0.393 | .49 |
| Health care provider | — | — | –0.411c | <.001 | –0.411c | <.001 |
| Stagewise fixed effect | Included | — | Included | — | Included | — |
| StHIPAAe | — | — |
|
— | 1.271d | .03 |
| Constant | 9.144c | <.001 | 8.743c | <.001 | 8.743c | <.001 |
| Observations | 5158 | — | 5140 | — | 5140 | — |
| R 2 | 0.12 | — | 0.14 | — | 0.14 | — |
aBreach report is present in Multimedia Appendix 2.
bNot applicable.
cP<.001.
dP<.05.
eStHIPAA: stronger than Health Insurance Portability and Accountability Act.