Login Signup
Verified Document

Health Care Informatics And System Breaches Research Paper

Related Topics:
Human Services Social Security Health System Data Breach
Open Document Cite Document

Information Technology Breaches at a Healthcare Company:

UCLA Health and Implications for the Future

As our organization knows all too well, healthcare data breaches are occurring with alarming frequency. But just as hackers have more and more tools at their disposal to cope with such breaches, we too as healthcare IT experts, managers, and providers have more tools to guard against them. Online records have significantly improved patient care through comprehensive, sharable records. In wrong or inexpert hands, sharing of data can harm rather than heal. The frequency of healthcare data breaches, magnitude of exposed records, and financial losses due to breached records are increasing rapidly (Seh, 2020, par.1) Understanding how and why they have occurred in the past is important to ensure that they do not occur at our institution in the future.

Summary Statement

A good example of a recent data breach which ultimately resulted in legal action is the 2015 breach which occurred at one of the major university health systems in the United States. UCLA Health Systems failure to undertake appropriate data encryption measures resulted in the exposure of user information including Social Security numbers, health plan identification numbers, and personal medical and other identifying information of millions of patients in the UCLA system (Adler, 2020). Patients were not made aware of this until months after the data breach, further compounding the scandal.

Background

The reasons for the Health Insurance Management Systems (HIMS) breach are familiar ones. Firstly, UCLA did not perform due diligence and encrypt its patient data (Firestone, 2020). Although this has been a factor in other major data breaches of retail organizations, such as Target, UCLA Healths was also a breach of the Health Insurance Portability and Accountability Act (HIPAA) (Firestone, 2020). Secondly, the organization was unwilling to admit failures. As always, the coverup is often worse than the crime. When evidence of how its carelessness was revealed, instead of being honest and transparent, UCLA Health waited months before revealing it was well aware the breach had occurred, thus magnifying the challenges of the victims taking steps they might wish to embark upon to secure their identities, such as credit monitoring (Adler, 2020). But this circle the wagons mentality itself may be one of the causes of the breach, or the simple fact that the organization is unwilling to be upfront with users about its weaknesses.

Thirdly, there is also evidence that healthcare institutions, such as UCLA and, of course, ours, are particularly...

The degree to which internal misuse rather than outside incursions are responsible for the majority of breaches in healthcare is relatively unique. And fourth, while the reasons insiders are mainly responsible vary, one reason may be a lack of technological familiarity with many healthcare workers, who may be better versed in technology specific to healthcare provision, versus data recording. In the case of UCLA, inadequate precautions taken by healthcare personnel in regards to IT may have been manifest because priority was given to healthcare system operations from a patient treatment perspective, rather than a data perspective.

Of course, another reason healthcare breaches are so significant are that such significant patient data is stored within its files. In the case of this particular breach, patient privacy and information security were significantly compromised. Social Security numbers, along with dates of birth, addresses, names, and Medicaid IDs can enable individuals identities and credit information to be impacted, and all were stolen in the breach (Adler, 2019). They can also be used to apply for loans such as mortgages and new credit cards. As well as obtaining money, Social Security and other forms of identifying information can be sold to individuals wishing to conceal their identity, such as persons who are in the country illegally or criminals.

In addition to the risk to victims financial data, victims were also forced to suffer the additional difficulty of having to cancel credit cards, monitor their credit, and even though they were offered free credit monitoring, this still is a significant time and psychological burden that cannot be easily relieved. As patients of a healthcare institution, they had invested the organization with a significant degree of trust. The idea of their privacy…

Continue Reading...
Sources used in this document:

Reference


Adler, St. (2019). UCLA settles class action data breach lawsuit for 7.5 million. HIPAA Journal. Retrieved from: https://www.hipaajournal.com/ucla-health-settles-class-action-data-breach-lawsuit-for-7-5-million/


Firestone, J. (2020). UCLA class action develops after data breach. Expert Institute. Retrieved from: https://www.expertinstitute.com/resources/insights/ucla-health-system-class-action-develops-after-data-breach/


Hossain, M. M., & Hong, Y. A. (2020). Trends and characteristics of protected health information breaches in the United States. AMIA ... Annual Symposium proceedings. AMIA Symposium, 2019, 1081–1090. Retrieved from: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7153056/


Jiang, J. X., & Bai, G. (2019). Evaluation of causes of protected health information breaches. JAMA Internal Medicine, 179(2), 265–267. Retrieved from: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6439649/


Seh, A. H., Zarour, M., Alenezi, M., Sarkar, A. K., Agrawal, A., Kumar, R., & Khan, R. A. (2020). Healthcare data breaches: Insights and implications. Healthcare (Basel, Switzerland), 8(2), 133. Retrieved from: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7349636/

Cite this Document:
Copy Bibliography Citation

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now