This website uses cookies to ensure you have the best experience. Learn more

Security Breach Action Plan Essay

1918 words - 8 pages

Security Breach Action Plan
Lisa Moran
University of Phoenix
February 2, 2015
Dr. Chong Daleiden

Security Breach Action Plan
Guarding patient’s confidentiality is most vital when working in any health care arena. There are individuals who are looking to take information which does not belong to them for their gain. When individuals are able to obtain this information for personal gain it is known as identity theft. This paper will look at the occurrence at St. John’s Hospital and discuss what should have been done with the patient documents, what actions, if any, should these personnel take toward the actions of the cleaning staff. Also this paper will discuss ...view middle of the document...

Theoretically the house keeping employee was reading trash which is considered public information. With that being said, the house keeping employee should be reminded that their job is to clean the offices and not to sit around reading items from the trash.
Actions taken by IS Administration
The IS administrative office needs to set up a meeting to discuss the incident that has happened it their department. The employees need to be reminded of their obligations to keep patient information secure and private. They should also be reminded that what they have done is a breach of the HIPAA laws and a breach of the patient’s confidential records. Each one of the people need to take a refresher course on the HIPAA laws and also remind them that this not happen again and if it does then there will be consequences to follow.

Detailed Management Plan
Over the years the administration at St. Johns Hospital has taken pride in keeping patient’s health information secure and private. This hospital will continue to do just that from here on out. There will be no more discarded printouts of any kind just thrown into the trash for anyone to read. The goal of this hospital will be to protect the patient’s information of those who have put their trust in us. This plan will take effect immediately and each employee will read and follow the plan, or management will be forced to take action on a disciplinary basis. What this organization is trying to accomplish is to keep our patient information private and secure. Every new employee hired at St. Johns Hospital will take training on the HIPAA laws along with their regular training for their position. All other existing employees will have training on the HIPAA laws every six months. This will help to keep the privacy laws fresh in their memory of how to keep patient records secure and private. This training will consist of completing computer based HIPAA training modules, and reading Patient Privacy: A Guide for Providers, HIPAA and You: Building a Culture of Compliance, and Examining Compliance with the HIPAA Privacy Rule. A test will follow to make sure that what each employee read, they understood what is expected from them with HIPAA compliance and the security of patient information (U.S. Department of Health and Human Services, 2014). All computer printouts or other papers that may contain patient information will not be thrown into the trash unless they have been shredded first. It is very important to this hospital that we take every opportunity to keep patient information private. All department heads will take responsibility for making sure that this is being done correctly, and if these rules are violated by anyone then a report of who, when, why, and how they violated the privacy rule will be turned into the department head and a meeting will be held with the one responsible for violating these rules of privacy. Weekly for the first month there will be a meeting with the department...

Other Papers Like Security Breach Action Plan

Cyber Security: Physical and Digital Security Measures

3505 words - 15 pages secure their digitized data and must have the ability to apply that knowledge within the constructs of their systems in order to ensure that a breach does not occur. In order to achieve good cyber security a mix of technical tools coupled with a superb training program and top level talent is necessary, but it is important to remember that no matter how good the system put in place, no system is ever 100% fully secure. Through an understanding of

PCI Compliance Essay

1436 words - 6 pages other costs associated with the discovery of this major breach of security such as hiring a security consulting agency in order to overhaul the internal network and align the company’s internal policies and practices to conform to PCI standards; civil lawsuits, and punitive damages. According to an article on, “The Arkansas Carpenters Pension Fund, one of the largest shareholders, filed suit” claimed that “TJX ‘wrongfully denied (them

Case Study 3

1028 words - 5 pages be confined from other outside entities. It is the duty of Flayton Electronics to ensure the client records are kept safe. An envisioned security breach might have been looked into to prevent the firm from losing their profits. Illegal use of any client information is considered an offense committed against them without their consent. To offset this problem, authentication of credit card transaction needs to be given to the bank during the

A Risk Analysis for Information Security and Infrastrucure Protection

1322 words - 6 pages be balanced in order to manage risk. Cost- effective security Cost-effective security identifies cost-effective actions to mitigate or reduce the risk of outlandish expense to the organization. These actions can include implementing new organizational policies and procedures as well as technical or physical controls. It is important to document the results and develop an action plan. Recommendation After identifying the threats involved in

Global Crime

2133 words - 9 pages doing to Fight Human Trafficking?. Retrieved from The Department of Homeland Security. (2015). Blue Campaign. Retrieved from United Nations News Centre. (2013). UN Member States appraise Global Action Plan to combat human trafficking. Retrieved from United

Ipad Security Breach

1876 words - 8 pages our consumers, they would be expecting something concrete from this email. The unease would be the assurance to them that we will not trouble them and concern them and will work day and night to close the breach and issue. Create an email script to be sent to AT&T customers informing them of the security breach and a plan to resolve the issue. Explain your rationale. Dear Valued Customers, We have always worked our best towards empowerment of

Data Breach Research Papaer

1475 words - 6 pages database, it becomes the business's responsibility to protect this information. With the amount of sensitive data being stored in databases, current cyber security measures and laws are not up to par. Infamous Data Breaches In 2015, there were 781 data breaches according to the Identity Theft Resource Center (ITRC). One of these infamous breaches being with Anthem, otherwise known as BlueCross BlueShield insurance company. In this breach

It Failure

848 words - 4 pages made an enormous error by neglecting the two alarms that could have saved them so much money and distress. Target has to implement new training or software to prevent this or at least have a plan if there is ever another breach anywhere near this size. If you look back at how much time has passed and we still continue to see security breaches from big retailers like Home Depot, Albertsons, and Neiman Marcus there should be some very serious

Data Security

1110 words - 5 pages year, the financial services corporation terminated one of their own for stealing account names and numbers from about 10% of their clients (Gara, 2015). Bank employees can breach data security through a number of methods and the company policy should take action to eliminate as many of these portals as possible (Hass, 2010). Some policies should include the inability to process family/friends’ transactions and disabling cell phone and personal

Cyber Crime

3407 words - 14 pages circumstance. A lot of authorities are actually tightening up regulations to make sure that firms will bear more responsibility, act more actively and directly to report data breach. With firms reporting any possible breach, governments can take action to enhance security, allow customers to minimise damages and encourages firms to adopt effective security practices. Government should announce special laws to prevent customers from being attacked by

Business Process

813 words - 4 pages putting their customers’ data at risk”( For instance, Target involved a third-party vendor to have network access. However, the vendor apparently compromised on security practices that led to the data breach. It was surprising that that Target failed to take an action in spite of being warned multiple times to isolate its

Related Essays

Breach Notification Rules Essay

2619 words - 11 pages disclosures of the information (Coburn, 2009). Definition of Breach Consistent with the definition of breach in HITECH Act, HHS defines breach as the acquisition, access, use, or disclosure of PHI in a manner not permitted by the HIPAA Privacy Rule which compromises the security or privacy of PHI. The use or disclosure of PHI poses a significant risk of financial, reputational, or other harm to the affected individual (OCR, 2009

The Importance Of Measuring Enterprise Impact

561 words - 3 pages have the keys needed to decrypt and understand it. Many companies are incorporating automatic encryption into applications. Networks establish firewalls that encrypt information when data is going to unsecured sites. Although security breaches may happen, keeping the information encrypted will protect many companies from losing valuable information to dishonest crooks. Establishing a preventative breach plan will prevent operational breakdown

Security Breach Essay

1672 words - 7 pages create and implement a supportable security answer method. Administration Plan The very first thing that needs to be complete when presents a security breach is to inform any and all losses that could have been involved by this breach. Losses of a security breach also are require to take steps and protections once they have learn that a breach has happened and can immediately disturb the them. These victims or losses have to initially

Ethical Framework Essay

1025 words - 5 pages . By collaborating about who is involved, what alternatives are available, and exploring strategies, the committee could use their expertise in formulating reasonable recommendations. Being approached by an ethics committee with recommendations for a plan of action could serve to make the school accept that the problem exists and invoke the need to take action. Many middle schools regard student sexual issues as non-school responsibilities