An Analysis Of The Relationship Between Recent Electronic Data Breaches And Enacted Data Security And Privacy Legislation In The United States

ASU Author/Contributor (non-ASU co-authors, if there are any, appear on document)
Christian M. Wilson (Creator)
Appalachian State University (ASU )
Web Site:
Dawn Medlin

Abstract: The widescale adoption of electronic records in businesses and organizations has been a boon to entities throughout the world by simplifying the process of collecting, retrieving, and analyzing data. As some of the most prevalent industries in the United States, the industries of healthcare, finance, government, and education in particular make frequent use of electronic data system to increase operational efficiency. The impacts of this digitalization of organizations are not all beneficial, however, as data breaches represent a major threat to information security. Incidents of cyberattacks targeting healthcare, financial, governmental, and educational data are well- documented, and it is clear that the danger remains. Indeed, state and federal agencies regularly enact laws and legislation seeking to combat the rise of data breaches. Research was conducted in order to compare the occurrences of data breaches with the enactment of state data security and privacy legislation. The methodology used to perform the research largely consisted of collecting press releases and news reports ranging from 2010 to 2019 that announced a data breach incident. All relevant records were then categorized by industry. Likewise, state bills from the same time period were consulted to analyze enacted legislation that pertain to electronic data privacy and security. The findings of this study indicate that the healthcare industry has been the largest target of data breaches of the past decade, followed by the financial, governmental, and educational industries, respectively. Interestingly, the number of cyberattack trends impacting healthcare and government is shown to have decreased over time while those affecting finance and education has no clear pattern. A comprehensive view of data breaches across the four industries, however, suggest an inverse relationship with the enactment of relevant legislation. Indeed, with some variation, as the number of passed legislation increased over the decade, the number of breaches decreased.

Additional Information

Honors Project
Wilson, C. (2020). An Analysis Of The Relationship Between Recent Electronic Data Breaches And Enacted Data Security And Privacy Legislation In The United States. Unpublished Honors Thesis. Appalachian State University, Boone, NC.
Language: English
Date: 2020
Cyberattack, data, data breach, education industry, finance industry, government industry, healthcare industry, legislation, personal information

Email this document to