Bridging the Gap Between Cybersecurity Governance and Regulatory Compliance: A Data-Driven Analysis of U.S. Healthcare Breaches
DOI: https://doi.org/10.32996/jcsts.2025.4.1.76
Keywords: HIPAA, NIST, Regulatory Compliance
Abstract
Healthcare institutions face serious cyberthreats, and data breaches persist despite regulatory frameworks such as the NIST Cybersecurity Framework and the Health Insurance Portability and Accountability Act (HIPAA). This persistence points to a gap between the criteria for compliance and their implementation in the day-to-day operations of health institutions, leaving protected health information (PHI) exposed. This study applies a qualitative examination to data breaches reported between January 2023 and August 2025 to the US Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) Breach Portal. The dataset was examined to determine the type of each breach, where it occurred, and how many individuals were affected. The results show that hacking and IT incidents are both numerous enough and large enough to dominate healthcare breaches, with network servers as the most frequent point of exposure. Breach severity has grown over time, with a single large incident accounting for the greatest number of affected individuals. The study concludes that proactive governance of the healthcare sector requires more than paperwork compliance. It proposes a methodology, combining automation, continuous monitoring, and employee training, by which improvements in healthcare cybersecurity resilience can be measured.
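As an added illustration, not code from the paper, the script below performs the kind of aggregation the abstract describes: it groups breach records by type of breach, by location of the breached information, and by year, and identifies the single incident that dominates the count of affected individuals. The input is a constructed handful of rows laid out like the OCR Breach Portal's CSV export; the column names are assumed to match that export, and the entity names, dates and figures are made up.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed sample rows in the (assumed) column layout of the HHS OCR
# Breach Portal CSV export. Entities, dates and figures are invented.
SAMPLE_CSV = """Name of Covered Entity,State,Covered Entity Type,Individuals Affected,Breach Submission Date,Type of Breach,Location of Breached Information
Example Clinic A,TX,Healthcare Provider,1200,02/10/2023,Hacking/IT Incident,Network Server
Example Plan B,NY,Health Plan,45000,05/21/2023,Hacking/IT Incident,Network Server
Example Clinic C,CA,Healthcare Provider,800,09/03/2023,Unauthorized Access/Disclosure,Email
Example Clinic D,FL,Healthcare Provider,2500,01/15/2024,Hacking/IT Incident,Email
Example Clearinghouse E,OH,Business Associate,9000000,03/04/2024,Hacking/IT Incident,Network Server
Example Clinic F,WA,Healthcare Provider,600,11/12/2024,Theft,Laptop
Example Plan G,IL,Health Plan,30000,04/22/2025,Hacking/IT Incident,Network Server
Example Clinic H,GA,Healthcare Provider,1500,07/30/2025,Improper Disposal,Paper/Films
"""


def load_breaches(csv_text):
    """Parse portal-style CSV text into a list of dicts with typed fields."""
    rows = []
    for r in csv.DictReader(io.StringIO(csv_text)):
        rows.append({
            "entity": r["Name of Covered Entity"],
            # Strip thousands separators in case the export quotes "9,000,000".
            "affected": int(r["Individuals Affected"].replace(",", "")),
            "date": datetime.strptime(r["Breach Submission Date"], "%m/%d/%Y").date(),
            "type": r["Type of Breach"],
            "location": r["Location of Breached Information"],
        })
    return rows


def summarize_by(rows, key):
    """Count incidents and sum individuals affected for each value of `key`."""
    out = defaultdict(lambda: {"incidents": 0, "affected": 0})
    for r in rows:
        out[r[key]]["incidents"] += 1
        out[r[key]]["affected"] += r["affected"]
    return dict(out)


def affected_by_year(rows):
    """Total individuals affected per submission year (trend over time)."""
    out = defaultdict(int)
    for r in rows:
        out[r["date"].year] += r["affected"]
    return dict(out)


def dominant(summary, field):
    """Category with the largest value of `field` ('incidents' or 'affected')."""
    return max(summary, key=lambda k: summary[k][field])


def largest_incident(rows):
    """Return (entity, affected, share of all affected) for the biggest breach."""
    total = sum(r["affected"] for r in rows)
    biggest = max(rows, key=lambda r: r["affected"])
    return biggest["entity"], biggest["affected"], biggest["affected"] / total


if __name__ == "__main__":
    rows = load_breaches(SAMPLE_CSV)
    by_type = summarize_by(rows, "type")
    by_loc = summarize_by(rows, "location")
    print("By type of breach:")
    for k, v in sorted(by_type.items(), key=lambda kv: -kv[1]["affected"]):
        print(f"  {k:32s} incidents={v['incidents']:2d} affected={v['affected']:>10,d}")
    print("Most frequent location:", dominant(by_loc, "incidents"))
    print("Affected per year:", affected_by_year(rows))
    entity, n, share = largest_incident(rows)
    print(f"Largest incident: {entity} ({n:,d} people, {share:.1%} of all affected)")
```

Running the report on the constructed sample shows why a single count of incidents is not enough on its own: hacking/IT incidents lead both by number and by individuals affected, and one clearinghouse breach accounts for more than 99% of the people affected, which is the skew the abstract attributes to a single large incident.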