Hcs533 Breach Case Study

1620 Words7 Pages
Security Breach Case Study HCS/ 533 Nichole Sims October 7th, 2013 Lori Koepsel Security Breach Case Study Securing patient information, privacy, and security within a health care organization is essential to the daily operations. The administration at St. John’s Hospital takes pride in its sound policies and procedures for the protection of confidential client information. In fact, it serves as a model for other institutions in the area; however, printouts discarded in the restricted-access Information Systems department are not shredded. On numerous occasions, personnel working late have observed the cleaning staff reading discarded printouts that hold protected health information. St. John’s Hospital took immediate action towards the cleaning staff as well as the information systems administration team to ensure this type of breach, or others do not happen again in the future. To begin the process, first a plan needs to be created by the management team to determine the best course of action to mitigate future breaches. The issues that need to be addressed include the actions of the cleaning staff, role of employees and action needed by the Information Systems team. After a breach has been identified, the entire health records process is scrutinized to eliminate any future errors. A management team from the hospital is assembled to determine consensus based standards for the organization as well as the specific department. According to HIPAA watch (2002), many institutions find it beneficial to put people on work groups, have them consider possible risks after a breach, and then find ways to mitigate those risks. Often times there are good privacy policies in place at the hospitals, but they just aren't written down. Meeting in larger groups makes it easier to share best practices and determine a set course of action for the entire organization. This

More about Hcs533 Breach Case Study

Open Document