This essay has been submitted by a student. This is not an example of the work written by professional essay writers.
Uncategorized

Case Analysis: BUILDING A BETTER MIS TRAP

Pssst… we can write an original essay just for you.

Any subject. Any type of essay. We’ll even meet a 3-hour deadline.

GET YOUR PRICE

writers online

Case Analysis: BUILDING A BETTER MIS TRAP

Recently, my Health services organization was involved in a confidentiality issue in that the names of 4000 HIV patients were leaked. This leak can only be explained by a breach in the management of the information system of the organization. Maintaining the privacy of our patient’s information has been paramount for us, the IT department if majorly responsible for ensuring the data is well protected (Surján, Engelbrecht, & McNair, 2002). The security concerns of data stem from the availability of information stored in electronic form; this is because it’s exposed to be accessed by a variety of people the security of the data is prone to be compromised. After an undercover investigation, there were security threats that were discovered to be some of the cause of the leak.

One of the major causes is the staff of the organization. The team have the easiest access to the patient’s data, while a majority of them can handle the information carefully; they are some who put the data at risk of being corrupted. In my health service organization I found out that some nurse were sharing their passwords to the hospital database with just anybody without determining their access has been approved. There are instances where others even leave the system open without logging out without thinking of who might get access to the information. With such tendencies, patient’s data can easily be breached and then it’s even hard to determine who did it due to the number of people accessing the system. This information can be seen and used by other people. People with malicious agendas can easily access the data of people and use it for the wrong reasons.

Don't use plagiarised sources.Get your custom essay just from $11/page

In this case, I will call for the creation of a set of policies and procedures which will be used in access and exchange of information in the facility (Surján, Engelbrecht, & McNair, 2002). Also, for all staff, especially the latest employees they should be trained on the measures and their responsibilities towards protecting the patient’s information. The access of unauthorized persons to the data should be protected to ensure the security of the information systems in the organization (Robichau, 2014). Access should be granted to few people.

CASE STUDY WRITE UP

My Health Services Organization in Florida has always had a good reputation when it comes to the quality of treatment of HIV in America. HSO has always been on the frontline for providing proper care for people in a caring and cost-effective manner. However, we were featured in almost all media outlets as someone got access to our information system and downloaded 4000 HIV patients’ names and sent them to the media. As the CEO of the organization all fingers were pointing back at me, especially the board of trustee. Therefore I had to take a step back and investigate the leading causes of this leak of information and how I would fix the situation or else I would lose my job. To accomplish this, I hired a computer security personnel to investigate the case on the ground.

Our major problem is the data breach that took place, where someone accessed our health system and used the data for malicious agendas. According to the research, the leading cause of the leak is the employees since they are weakest links in healthcare. Data breach in a healthcare facility could lead to severe and dangerous repercussions on the organization. Ensuring the privacy of the patient’s data and complying with regulations such as HIPPA, PSQIA and other is not only mandatory but also could cost the health organization hefty fines and fees for compromising the confidentiality of the patient’s information. This could also harm the reputation of the organization, having the reputation of breaching the information of the patients is not good as the confidentiality of the patient should be essential when attending to patients in any facility. When patients visit health centres, they need the assurance of privacy for them to be open about their problems. Having this reputation, no one would want to visit the facility which does not care about the confidentiality of their information.

As the CEO of the organization it’s my responsibility to determine the cause of the data breach and the ways which I can use to fix the situation at hand to protect the organization from further damage. Hiring a computer security consultant helped me determine the various causal of the breach in the management of the information system. It’s crucial that in this crisis, we identify the strengths and weakness of our organizations to know what areas we need to work on. One of the significant flaws we have the most employees have access to a lot of information, even the vital information of the patients. As we understand the more access, the more the data is prone to be breached.

To fix this situation, I will recommend the following changes within the facility. First, I would require that employees are regularly trained on data security; this will help mend the weakest link to information in the healthcare (Institute of Medicine, 2000). Still, on the staff, I will recommend that the access number to be limited especially access to vital information with this it will be easier to track the information sharing. On the issue regarding the passwords, it should be emphasized to the employees for them to create strong passwords and regularly change them to prevent someone else from accessing the information. Finally, policies should be designed to guide the organization towards information access, authorization and sharing. To evaluate the efficiency of the management of the information system, we will be regularly conducting tests on the system to ensure its working ideally. Also, I will ensure that a follow up on the employees is done to ensure that they are sharing information according to the set policies.

References

Institute of Medicine. (2000). Protecting Data Privacy in Health Services Research. Washington: National Academy of Sciences.

Robichau, B. P. (2014). Healthcare Information Privacy and Security: Regulatory Compliance and Data Security. New York: Apress.

Surján, G., Engelbrecht, R., & McNair, P. (2002). Health Data in the Information Society: Proceedings of MIE2002. Amsterdam: IOS Press.

 

 

 

 

 

  Remember! This is just a sample.

Save time and get your custom paper from our expert writers

 Get started in just 3 minutes
 Sit back relax and leave the writing to us
 Sources and citations are provided
 100% Plagiarism free
error: Content is protected !!
×
Hi, my name is Jenn 👋

In case you can’t find a sample example, our professional writers are ready to help you with writing your own paper. All you need to do is fill out a short form and submit an order

Check Out the Form
Need Help?
Dont be shy to ask