The financial sector has been responding swiftly to breaches of its data and that of its customers. However, the healthcare sector is still developing ways of dealing with this menace (Etzioni, 2000). In recent years, cases of security breaches of protected electronic data in the healthcare industry have been increasing significantly. It is worth noting that many of these breaches have involved employees working in these health facilities. Some kinds of breach are familiar to everybody, for example the theft of hospital equipment. However, the healthcare industry has also been a casualty of cybercrime activities such as malware and hacking (Etzioni, 2000). This means that healthcare records are more prone to manipulation, or even to being lost, due to these breaches. One such case is the Blue Shield of California PHI Data Breach (Hiller, 1982). This breach is discussed extensively below. The threat posed by this breach will be discussed in detail. Other matters, such as the fine accompanying the breach, the impact of the breach on the shareholders, and how to prevent such an occurrence in future, are also discussed.
Case presentation.
Details of this breach were presented to the attorney general’s office. According to Blue Shield of California, an unauthorized insurance worker was able to access PHI data containing patients’ information (Hiller, 1982). The breach took place in November 2018. However, the privacy office got confirmation that the breach had occurred on 23rd March 2018. It came to their notice that one of their employees had emailed a certain insurance broker a document containing PHI, which was against their laid-down regulations (Etzioni, 2000). The PHI contained basic information about the patients. However, the said health insurer offered the affected individuals free identity repair and credit monitoring services (Miller, 2009).
If HHS OCR were to pursue the fines, the outcome would be dire for this organization. California’s medical privacy laws are very clear. Such breaches attract a fine of up to $25,000 per patient or $250,000 per reportable incident (Hiller, 1982). Health facilities are required to notify their patients about such a breach about five days after it has initially occurred, failing which the health facility will attract a fine of $100 after the expiry of the five-day grace period. The health facility did not meet all of the above, which means it could face all the listed penalties if action were taken by HHS OCR.
The impact of this breach was obvious. Information of more than 21,000 customers was exposed to unauthorized persons (Hiller, 1982). The personal data of these customers could be misused without their knowledge. Customers also lost trust in this organization. This means that the organization could face a hard time when trying to bring new customers into the organization.
Management and outcomes.
The organization has taken various measures to ensure such an incident does not occur again. The organization updates customer records regularly (Hiller, 1982). It also ensures that its systems are well protected from cyber-attacks. In case of a breach, the organization is also required to notify its customers within five days after the breach. The incident is also to be reported to the relevant authorities on time. These measures are all aimed at ensuring that the information of its customers is well protected.
Conclusion.
As seen, the health industry is also a casualty of breaches of its data. Therefore, health facilities should take precautions to prevent this problem. As seen, a breach of patients’ data is accompanied by hefty fines from the relevant authorities (Miller, 2009). Therefore, health institutions should do what it takes to avoid a breach such as the one discussed above. This will ensure that customers’ data is well protected.
References
Etzioni, A. (2000). The New Enemy of Privacy.
Hiller, M. (1982). Patients Care Management Systems, Medical Record, and Privacy.
Miller, A. (2009). Privacy protection and Technology Diffusion: The Case of Electronic Medical Records.