ArticleManaging Security Risk Modeling the Root Causes of Data BreachesDolezel, Diane EdD; McLeod, Alexander PhD Author Information Author Affiliation: Health Information Management Department, College of Health Professions, Texas State University (Drs Dolezel and Mcleod), San Marcos. The authors have no funding or conflicts of interest to disclose. Correspondence: Diane Dolezel, EdD, Health Information Management Department, College of Health Professions, 601 University Dr, Texas State University, San Marcos, TX 78163 ([email protected]). The Health Care Manager: 10/12 2019 - Volume 38 - Issue 4 - p 322-330 doi: 10.1097/HCM.0000000000000282 Buy Metrics Abstract Health care data breaches are occurring at unprecedented rates, but breach causes are challenging to identify. The purpose of this exploratory study was to identify potential root causes associated with health care data breaches and to create a model of potential data breach factors to inform risk assessment and future predictive analysis. We considered organizational factors, business processes, and technological tools that may be associated with health care data breach occurrences. Using legal requirements, security industry frameworks, and health care standards, we developed a testable health care data breach model. This security model can inform managers who are working to conduct risk assessments, allocate resources, and minimize security risks. Copyright © 2019 Wolters Kluwer Health, Inc. All rights reserved.