Band-aids and firewalls: A resource-based view of ransomware attack vulnerability in health care organizations

BACKGROUND: In the advance of the digital health technology, health care organizations (HCOs) are tasked with balancing technological advances with rising incidence of cyber threats. Despite the importance of robust Information Technology (IT) infrastructure, HCOs may be underinvesting in cybersecurity, prioritizing system integration and other operational needs. PURPOSES: This study examines the threat of health information breaches and ransomware attacks via resource-based view of the firm by examining the role of HCO resources in breaches. METHODOLOGY/APPROACH: A multivariate logistic regression analysis of a nationally representative sample of HCOs ( N = 2,262) was executed on data provided by the Office for Civil Rights (2019-2024) and the American Hospital Association (2019). RESULTS: The study finds mixed evidence that resource availability influences the likelihood of a breach and ransomware attack. HCO centralization and teaching status were more likely to report both breach and ransomware attack, whereas HCO size relates to a significant reduction. The study finds no support for the effectiveness of IT risk mitigation capacity. CONCLUSION: The findings show that the incidence of breaches and ransomware attacks relates to HCO resource availability. Although the study finds no evidence that IT risk-mitigation capacity (IT staffing and expenditures) reduced the likelihood of breach or ransomware, this may be driven by the infrequency of these events. PRACTICAL IMPLICATIONS: HCOs' understanding of their risk profile is limited, and there is a need for greater transparency in the incidence of ransomware attacks, in particular. There is a need for further examination of IT strategy and operations in an increasingly digital health care environment.