Login Signup
Verified Document

Crisis Management The E Mail Security Breach By The KP Online Pharmacy Case Study

Related Topics:
Management Hipaa Security Kaiser Permanente
Open Document Cite Document

How serious was this e-mail security breach? Why did the Kaiser Permanente leadership react so quickly to mitigate the possible damage done by the breach?

The e-mail security breach by the KP online Pharmacy was grave because it violated various HIPPA and State laws that protect patients from health information disclosure without prior consent. Moreover, such a breach of confidential and private information could cause harm and affect the patients' dignity. For instance, disclosing a patient's health data could result in embarrassment, stigma, or discrimination (Drolet et al., 2017). Protection of patients' information usually promotes quality care by enhancing effective communication and information sharing between physicians and patients. Furthermore, according to HIPPA security rule, Kaiser Permanente's mandate is to adopt applicable procedures and policies that ensure that patients' information is contained, protected from any form of a security breach. Also, that such policies and procedures can detect and correct any attempt to patient information security breach before it happens. Therefore, Kaiser Permanente leadership had to immediately contain and correct the e-mail security breach because it could cancel their trading license and legal action against the Pharmacy (Cohen et al., 2018).

Assume...

After the initial apologies, what recommendations would you make for investigating the root cause(s) of the breach? Outline your suggested investigative steps.

In evaluating and determining the exact root cause of such a security breach, Kaiser Permanente, the first step would be to determine when and where the clear violation occurred...

…any access or attempt to access the electronic patient health information database. In addition, the administrative leadership of Kaiser Permanente should implement and conduct training on security awareness for all the members of the workforce. Such training programs opt to encompass how addresses can be protected from malicious software and management of password and monitoring log-ins. Furthermore, the organization should implement a contingency plan to ensure proper testing and revision procedures whenever a new code or program is used to manage patient health information. Adoption of such testing plans will ensure that security breach is not permitted. Lastly, the administrative leadership of Kaiser Permanente should execute periodic nontechnical and technical evaluations to respond to any security threats or system changes that may compromise the security of electronic patient health information (Drolet…

Continue Reading...
Sources used in this document:

References


Cohen, I. G., & Mello, M. M. (2018). HIPAA and protecting health information in the 21st century. Jama, 320(3), 231-232.


Drolet, B. C., Marwaha, J. S., Hyatt, B., Blazar, P. E., & Lifchez, S. D. (2017). Electronic communication of protected health information: privacy, security, and HIPAA compliance. The Journal of hand surgery, 42(6), 411-416.


Cite this Document:
Copy Bibliography Citation

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now