This essay has been submitted by a student. This is not an example of the work written by professional essay writers.
Uncategorized

HIPPA Violation

Pssst… we can write an original essay just for you.

Any subject. Any type of essay. We’ll even meet a 3-hour deadline.

GET YOUR PRICE

writers online

HIPPA Violation

Health insurance portability and accountability act (HIPAA) isa legislative body that focuses on protecting patient privacy, securing electronic records, and promoting insurance portability. This includes monitoring data usage and disclosure. This follows the fact that medical information has rich information prone to be used in malpracticessuch as theft of medical identity, fake bills, and secondary usage of medical records for patients who are terminally ill. For this reason, HIPPA requires medical organizations to deploy data management as well as report any breach of data, failure to which an individual or an organization becomes subject to penalties since HIPAA believes that failure to report data breaches or secure information imply carelessness and negligence for data protection.

Case summary

A real-life and serious example of HIPAA violation is the joint case between Columbia University and New York and Presbyterian hospital in the year 2014. (NYP) As reported by the modern healthcare news (2020), it happened that unknowingly, patient records were exposed to public search engines following a scenario that involved improper configuration of central computer server owned by a physician employed by the university hospital. Further, it is said that data exposure resulted from lack of technical safeguards for the shared data network between Columbia university and NYP hospital. Essentially, the poorly configured network system exposed the electronic protected health information ePHI following deactivation of a personal computer. This is said to have exposed medical information of about 6800 patients, including lab results, vital signs, and personal biodata.

 

Organizational protection and penalty for violation

From the news article (2020) It is identified that NYP didn’t have processes for assessing and monitoring equipment, systems, and applications integrated with patient data. Further, it lacked procedures and appropriate policies for access authorization to patient data. This means that, to a larger extent, NYP had poor administrative processes that, as a result, led to the breach of patient data. According to a report, it is identified that most fines from HIPAA result from poor risk management plans, andimproper evaluation of vulnerability and threats to organizational data networks (HIPAA journal, 2020).  In fact, HIPPA interprets this as negligence. And therefore, poor administrative issuescharacterized by lack of data monitoring and access authorization imply how HIPPA violation occurred in the NYP and Columbia university case scenario. Critical observation of the news article (2020) shows that although the organization had submitted data breaches reported in 2010, it did not have solid reasons to protect itself from the violation..

Don't use plagiarised sources.Get your custom essay just from $11/page

Different sets of HIPAA violations are subject to different forms of penalty. Often, HIPAA penalizes based on the severity of the submitted claims. More often, it tends to focus on none punitive measures that support voluntary compliance (HIPAA journal, 2020). However, multiple non-compliance and serious violations are subject to financial fines. Hence, with the severity and nature of violation NYP and Columbia university joint case was subject to financial fines of $ 4.8 Million. Ideally, this fine fall under tier four of HIPAA rules suggesting willful neglect and zero attempts to rectify the violation.

 

 

Ways, the organizations, could have prevented HIPAA violation

As seen earlier, with the vulnerability that exists for medical records, HIPAA requires that organizations must pay sustained efforts to protect privacy and security of patient information by ensuring central data security management (“modern health news,” 2020). Hence, it is arguable that the joint facility would have avoided the violation by revising policies and procedures of network data management, performing regular risk analysis, and developing effective risk management plans (“Modern health news,” 2020). In this case, revising policies and procedures is a way to identify threats like authorization access to the server. Similarly, risk analysis help identify vulnerabilities and actions that may cause violation. Then, risk management plans are causal actions like encryption of ePHI. In this way, the joint share would have avoided the violation as well as protect existing data from future threats and vulnerabilities.

 

 

 

 

 

 

 

 

 

References

New York-Presbyterian, Columbia to pay largest HIPAA settlement: $4.8 million. (2020). Retrieved from https://www.modernhealthcare.com/article/20140507/NEWS/305079946/new-york-presbyterian-columbia-to-pay-largest-hipaa-settlement-4-8-million.

Journal, H. (2020) Penalties for HIPAA Violations. Retrieved from https://www.hipaajournal.com/what-are-the-penalties-for-hipaa-violations-7096/

 

  Remember! This is just a sample.

Save time and get your custom paper from our expert writers

 Get started in just 3 minutes
 Sit back relax and leave the writing to us
 Sources and citations are provided
 100% Plagiarism free
error: Content is protected !!
×
Hi, my name is Jenn 👋

In case you can’t find a sample example, our professional writers are ready to help you with writing your own paper. All you need to do is fill out a short form and submit an order

Check Out the Form
Need Help?
Dont be shy to ask