E-Mail Security Breach? Why Did Research Paper

Total Length: 894 words ( 3 double-spaced pages)

Total Sources: 4

Page 1 of 3

The next thing is to immediately contact the FOIP Coordinator, Privacy Officer, Responsible Affiliate as well as any other person who is responsible for the organization's it security.

Evaluation of the Risks Associated with the Breach

There is a need to evaluate the risks associated with the privacy breach. This should be done with a consideration of personal as well as health information (Social Insurance Number, financial information or any other sensitive information) that are involved, the cause as well as extent of the privacy breach, the individuals who have been affected by the breach as well as the operations that have been affected by the breach.

Notification

In this stage, the team must decide whether or not to notify the people who have been affected by the privacy breach.

Prevention

At this stage, all the necessary steps are taken to prevent the system from any further privacy breaches. The cause of the breach is mended and the system is restored after thorough testing.

3. How likely do you think future security breaches would be if Kaiser Permanente did not take steps to resolve the underlying group and organizational issues? Why?

Future security breaches would be worse if the Permanente did not take steps to resolve the underlying group and organizational issues. This is because the same structures, processes (organizational culture) and techniques (compartmentalization) would yield the same or more serious security breaches.
4. What role should the administrative leadership of Kaiser Permanente take to ensure that KP Online is secure?.Apart from security and HIPAA training for all personnel, what steps should be taken to at the organizational level to improve the security of KP Online.

The administrative leadership of Kaiser Permanente should ensure that there are constant security checks of the KP Online system before they get deployed at the application level. The organizational culture should also encourage a centralized testing of all the system modules. Apart from security and HIPAA training for all personnel, the steps that taken to at the organizational level to improve the security of KP Online include relying on a single and uniform organizational structure that does not encourage compartmentalization.

References

Clifford, RA (2006). Employees Can be Liable for Violating Patient Confidentiality.Available online at http://www.cliffordlaw.com/news/attorneys-articles/archive/employees-can-be-liable-for-violating-patient-confidentiality

Office of the Information and Privacy Commissioner (2010). Key Steps in Responding to Privacy Breaches.Available online at http://www.oipc.ab.ca/Content_Files/Files/Publications/Key_Steps_in_Responding_to_a_Privacy_Breach.pdf

See Bagent v. Illini Community Hospital, and Misty Young, No. 4-05-0495 (4th District, decided March 3. 2006)......

Need Help Writing Your Essay?