Case Analysis
Hackers Blackmail
Mahanta, Spandan Section B Statement of the Problem:
Implementation of EMR (Electronic Medical Records) to replace paper records in Sunnylake hospital was a visionary idea. However a major area in implementation of technology i.e. Network Security was overlooked by the organisation. Moreover there was limited or no risk assessment done leaving Sunnylake’s IT team ill equipped to handle a possible intrusion into their network. The result was that the organisation was forced into a situation where they were on the verge of getting into myriad of legal problems including lawsuits amounting to millions. But more than the monetary damages, human lives were at stake which made it even more important for the Sunnylake team to arrive at an early and effective solution to the problem in hand.
Analysis:
Paul Layman had come to Sunny lake Hospital with the vision to transform the small hospital from a Community Care Centre to a role model for all small hospitals. To turn his vision into reality Paul Layman, the CEO decided to use state of the art technology to replace paper records with Electronic Medical Records (EMR). Accordingly a plan was formulated leading to formation of an IT team in the organisation under the leadership of a young IT Director Jacob Dale. Both Paul and Jacob gave in their best to implement a system which was initially not widely accepted by majority of the Doctors in the hospital. However with time, as the efficiency of the EMR’s showed up the resistance became minimal. For good three years Paul was basking under the glory of his successful implementation of EMR’s but was naive enough to overlook the technology security advancement and did not keep its security up to date and updated.
Sunnylake Hospital was almost at a dead end mainly due to human and technological errors. The intrusion into their network was due to someone in the staff mistaking the threat to be an antivirus download or
Mahanta, Spandan Section B Statement of the Problem:
Implementation of EMR (Electronic Medical Records) to replace paper records in Sunnylake hospital was a visionary idea. However a major area in implementation of technology i.e. Network Security was overlooked by the organisation. Moreover there was limited or no risk assessment done leaving Sunnylake’s IT team ill equipped to handle a possible intrusion into their network. The result was that the organisation was forced into a situation where they were on the verge of getting into myriad of legal problems including lawsuits amounting to millions. But more than the monetary damages, human lives were at stake which made it even more important for the Sunnylake team to arrive at an early and effective solution to the problem in hand.
Analysis:
Paul Layman had come to Sunny lake Hospital with the vision to transform the small hospital from a Community Care Centre to a role model for all small hospitals. To turn his vision into reality Paul Layman, the CEO decided to use state of the art technology to replace paper records with Electronic Medical Records (EMR). Accordingly a plan was formulated leading to formation of an IT team in the organisation under the leadership of a young IT Director Jacob Dale. Both Paul and Jacob gave in their best to implement a system which was initially not widely accepted by majority of the Doctors in the hospital. However with time, as the efficiency of the EMR’s showed up the resistance became minimal. For good three years Paul was basking under the glory of his successful implementation of EMR’s but was naive enough to overlook the technology security advancement and did not keep its security up to date and updated.
Sunnylake Hospital was almost at a dead end mainly due to human and technological errors. The intrusion into their network was due to someone in the staff mistaking the threat to be an antivirus download or