Security Breaches in Healthcare

Question: 1. Write a critical essay summarizing the two cases. Using what you have learned from this course, identify the principal threats in each of these cases and what could have been done to minimize these threats? 2. Critique the plan you have written, identifying its strengths, elements that were not covered in the text, and any additional omissions or weaknesses of the plan? Answer: 1. Security breaches are becoming a vital issue in healthcare system of the increasing population of the existing world. Peoples should be more aware about the medical related issues in healthcare industries, as the industries plagued by information security breaches (Biegelman, 2009). According to the survey, Anthem healthcare states that approximately 80 million customer and member of staff records are stolen or altered. These are a very vital threat to the healthcare system of the world. The healthcare system is a valuable target of the cyber criminals as because of the possessions of exploitable data of the medical record. The health insurance companies fetched 80 million records of the Americans; these records includes information about personal information, identification numbers, social security numbers ,address , job description an income details. These causes in criminals use the stolen information for financial achievement. The records are helpful in getting services at hos pitals; attain doctor, emergency rooms and pharmacies. This may lead to a negative impact on the healthcare system. The healthcare organisation has reported that 1100 security breaches happened, over 120 million patient records from 2009 onwards. The South Carolina Department of Health faced a great threat when an employee arrested for compiling of data on more than 228,000 people and sent it to his own email account (Hoyt, Yoshihashi Bailey, 2012). Howard University Hospital also faced such kind of problems. St. Joseph Health System, in California introduced 31,800 patients of a probable security breach at three of their organizations of the state. There are many more examples of the organisations facing the threat of Security breaches. The most recent attack on Beacon Health System, the cyber forensic team discovered a unauthorised access to the employee email account. The most affected by the breach are Memorial Hospital of South Bend or Elkhart General Hospitals (Klosek, 2011). In healthcare system, the use of health and related information is a important aspect. The exploit of health information technology in this process is a reason of health breaches in healthcare. However, the use of these new technologies is very helpful for the customer in different respects. To eliminate the risk to customer privacy , the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH) introduced national standards for the safety of the customer privacy. Office for Civil Rights (OCR) enforces the rules and established audit program to assess the pedals ('Major breaches and flaws hit gamblers, airline, bank and healthcare organisations', 2015). 2. In order to eliminate these kinds of issues related to the public healthcare system, the organisation should give priority to the security of the in formations of the patient. The security professional should be more active for impenetrable devices and software against the criminals. According to the report of 2014, Data Breach Investigation states that 46% of all breaches were, done via theft or loss, 15 % from insider abuse incident and 9% generated from the aspect of point-of-sale intrusion (Shoniregun, Dube Mtenzi, 2010). According to the question asked in the part of the project, how security system of a medium sized organisation should planned in order to avoid these kinds of issues. Therefore, through following ways a organisation should respond to avoid security breaches (Trinckes, 2013). The organisation should immediately contact IT professional, if there is any suspicion of attack on the data system. The organisation should be always in contact with the communication experts, IT security forensic teams and the breach support team. The organisation must have a department for the quick response for the threat before the specialist. The breach response team should be active and prepared for the worst scenarios. In order to eliminate the issue, the team should work closely with the IT professionals to disconnect the breach system from the database and servers. By doing this, the controller can restrict the criminal within the boundaries. The goal is limit the damage at the certain level for further data breaches in the organisation. The organisation should arrange training programmes to train the working staff in order to avoid information breaching in the organisation. This will help the organisation to do necessary step before the special came to work. The organisation must ensure that the effected parties should be, notified and parallel investigation system should be, implemented in order to meet the needs of the affected parties. References Biegelman, M. (2009).Identity theft handbook. Hoboken, N.J.: Wiley. Hoyt, R., Yoshihashi, A., Bailey, N. (2012).Health informatics. [Raleigh, N.C.]: Lulu.com. Klosek, J. (2011).Protecting your health privacy. Santa Barbara, Calif.: Praeger. Major breaches and flaws hit gamblers, airline, bank and healthcare organisations. (2015).Computer Fraud Security,2015(5), 1-3. doi:10.1016/s1361-3723(15)30031-2 Shoniregun, C., Dube, K., Mtenzi, F. (2010).Electronic healthcare information security. New York: Springer. Trinckes, J. (2013).The definitive guide to complying with the HIPAA/HITECH privacy and security rules. Boca Raton, Fla.: CRC Press.