Mitigating Data Breach Risks in Health Information Technology: Investigating and Proposing Strategies for a Recently Publicized Breach

ASSIGNMENT INSTRUCTIONS:

Assignment Content
Competency
Examine regulatory and ethical issues related to the use and management of health information technology.
Student Success Criteria
View the grading rubric for this deliverable by selecting the “This item is graded with a rubric” link, which is located in the Details & Information pane.
Scenario
The HIT Innovation Steering Committee within an organization is proactively looking at data breaches of other organizations to assist them with minimizing the risk to their data security and privacy. As an intern at this organization, you are to investigate and select a recently publicized data breach. Use information from the module readings, lectures, and your research. Create a Proposal for this Committee describing the identified data breach and strategies the organization can use to minimize security and privacy risks.
Instructions
Create a written Proposal that includes:

Description of the data breach, including outcomes for the affected organization (e.g., regulatory and financial)
Discussion of the security, privacy, confidentiality, and ethical issues resulting from this breach
A final proposal discussion that describes methods that can be implemented in an organization to minimize risk for a data and security breach
Reference page of resources utilized

HOW TO WORK ON THIS ASSIGNMENT (EXAMPLE ESSAY / DRAFT)

Introduction:
Data breaches are now more likely as a result of the growing reliance on health information technology (HIT). The HIT Innovation Steering Committee entrusted me with analyzing a recently reported data breach and recommending tactics the company might employ to reduce security and privacy issues while I was an intern there.

Data Breach Description:
The ransomware assault that occurred at Allscripts in January 2018 is the data breach under investigation. About 1,500 Allscripts clients, including medical facilities, hospitals, and healthcare organizations, were impacted by the incident. The attack severely disrupted Allscripts’ systems, forcing a temporary suspension of their apps and causing their client’s great inconvenience. Due to the breach, Allscripts suffered large financial losses from regulatory inquiries, lawsuits, and a loss of consumer confidence.

Issues with Security, Privacy, Confidentiality, and Ethics: The Allscripts data breach gave rise to serious security, privacy, confidentiality, and ethical problems. The incident served as a reminder of the value of data security and the necessity for enterprises to protect patient data with strong security measures. The hack also sparked worries about the safety of cloud-based systems and the necessity for healthcare organizations to routinely review their security procedures and policies. Concerns about the use of ransomware and the morality of paying hackers ransom were also brought up by the intrusion.

The firm should put the following measures in place to reduce the risk of data and security breaches:

Regular Security Assessments: To find vulnerabilities and make sure that their security practices and policies are current, the company should undertake regular security assessments.

Employee Training: To ensure that staff members are knowledgeable about security policies and procedures and can recognize potential security threats, the business should conduct regular employee training.

Multi-Factor Authentication: To make sure that only authorized personnel can access patient data, the company should implement multi-factor authentication.

Disaster Recovery Plan: In the case of a breach or system failure, the organization should have a disaster recovery plan in place to make sure that patient data can be recovered.

The company should use encryption to safeguard patient data and make sure that it cannot be accessed in the event of a breach.

The Allscripts data breach emphasizes the need for enterprises to have strong security policies and procedures in place to reduce the risk of data and security breaches. Regular security audits, employee training, multi-factor authentication, disaster recovery plans, and encryption are some of the suggested techniques that can assist the firm in reducing the risk of data breaches and safeguarding patient data. The company may create a strong security architecture that safeguards patient data and guarantees regulatory compliance by putting these tactics into practice.

Allscripts (2018) is cited. Allscripts offers an update in response to a ransomware incident. Retrieved from “Allscripts provides update following ransomware incident.pdf” at https://www.allscripts.com/-/media/assets/allscripts-dot-com-files.

(2018) HIPAA Journal. Attack with ransomware targets Allscripts. Retrieved from “Allscripts Hit by Ransomware Attack” at https://www.hipaajournal.com.

Health and Human Services Department of the United States, n.d. Privacy of Health Information. from https://www.hhs.gov/hipaa/index.html.

 

ORDER A SIMILAR PAPER NOW