
HIPAA security breaches

To date, a total of 804 large breaches of protected health information (PHI) affecting over 29.2 million patients' records have been reported to the Department of Health and Human Services since 2009.
You are the Corporate Compliance Officer for your health organization and you have just been notified that an unknown party has "hacked" the main computer server and your organization's PHI has been breached by the theft of several facility laptop computers. Over 5,000 of the patients your organization serves are impacted. As a result, you have to explain to the Senior Leadership, the Board of Directors, the affected patients, and the public:

[a] what you plan to do about the breach, and [b] how you plan to prevent this breach from reoccurring.

1. Define breach of PHI by the federal government's standards including what federal laws dictate the health care organization's responsibility to protect electronic health information.
2. Explain to Leadership and the Board how this breach was allowed to occur. In other words, what went wrong and why?
3. Define what course of action should be taken to notify the individual patients affected and the public of this breach that would incur the least amount of panic. Include any federally mandated course of action.
4. Develop an action plan [including safeguards] to prevent a PHI Breach from reoccurring at your health organization. Include both electronic and paper safeguards.

I need this to be at least 3-4 pages with 4 APA format references...please!


Solution Preview

http://www.duanemorris.com/alerts/new_HIPAA_breach_notification_rule_may_prove_costly_for_HIPAA-covered_entities_4728.html
http://www.hipaasecurenow.com/index.php/blog/page/21/
http://www.hhs.gov/
http://www.dataprivacymonitor.com/enforcement/hhs-ocr-director-leon-rodriguezs-dialogue-on-hipaahitech-compliance/

1. Define breach of PHI by the federal government's standards including what federal laws dictate the health care organization's responsibility to protect electronic health information.

Breach of PHI, as defined by the federal government standards that govern breaches, is detailed in the Breach Notification Rule, wherein healthcare organizations are mandated to provide notice to patients and others of a "breach," or disclosure of unsecured protected health information (PHI), if their organization is a covered HIPAA entity. A breach represents protected health information within a healthcare organization that is rendered unusable, readable, or decipherable to unauthorized individuals. This breach can occur as a result of theft, internet piracy through the unsecured networks, and by malfeasance on behalf of employees.

The responsibility for healthcare organizations to protect electronic information begins with the Breach Notification Rule. In 2013, the federal government modified the definition of "breach" as well as the risk-assessment approach that healthcare organizations. To ensure that no breaches have occurred, the Security Rule requires healthcare organizations covered by HIPAA to satisfy a number of general standards such as applying ...

Solution Summary

HIPAA security breaches are examined.
