October 3, 2011
Building a Better MIS-Trap
In this case study, I am acting as a CEO. The situation at hand involves the breach of information on patients who have been seen in our facilities that are HIV positive. My job is on the line unless I act expeditiously to resolve the situation. I hired a computer security consultant who is undercover as a nurse manager within the organization to determine how it was possible for the violations against HIPPA (Health Insurance Portability and Accountability Act) regulations concerning the 4,000 patients whose information was leaked to the public through newspapers, magazines, and the Internet. Her findings were problematic and involved unattended computers that were logged into by staff members, passwords shared and not kept confidential or changed often or easily seen and identified, fax machines and printers easily accessed by anyone, remote access to the system even from our homes, and easy access to sensitive patient files.
Two Major Issues The two major issues identified in this situation is the violation against HIPPA regulations which is a US law designed to provide privacy standards to protect patients ' medical records and other health information provided to health plans, doctors, hospitals and other health care providers. This was an act developed by the Department of Health and Human Services, in which new standards provide patients with access to their medical records and more control over how their personal health information is used and disclosed. The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes (HHS.gov 2011). The other issue involves an outdated
Cited: U.S Department of Health and Human Services. (n.d.). Retrieved September 29, 2011, from http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html