Describe data security and privacy threats within a health care system. What are the most common causes of health information system breaches, and how can these be prevented?
Explain data security and privacy threats within a health care system.
Analyze the effect of risk assessments within an organization.
Security and Privacy threats within Health care system
The health record system requires adequate safeguarding to ensure that information is available when needed and that it is not disclosed, accessed, altered, or deleted while being stored or retrieved, or transmitted (Wang, 2013). Security measures need to be put in place to ensure that the safety of data is guaranteed. Health sectors are required to comply with privacy and security standards. Data breaches are the most widespread privacy risk that arises from the loss of control of data, either in electronic or paper form. Some of the major healthcare data breaches and threats to data privacy and security include theft of data, unauthorized access, inappropriate disposal of data, hacking IT incidences, loss of records and equipment containing sensitive information among others (Tentori, Favela, & Rodríguez, 2006).
Prevention of Health information breaches
Healthcare data breaches can be prevented by carrying out an annual security risk analysis to detect any form of vulnerability within the healthcare system. It is also important to create and implement a response plan to avoid escalations when a breach occurs. This will provide clear guidelines for the necessary decisions as well as follow-up measures. Limited access to healthcare records is also one way of preventing healthcare data breaches. Users should be identified and their activities tracked by ensuring that the right procedures for logging in and out are used. Other measures include updating software regularly, creating subnetworks, reviewing service-level agreements, and encrypting data (Rothstein, Talbott, 2007).
Effects of Risk Assessment in an organization
Risk assessment helps in the identification of hazards that could possibly have a negative impact on the ability of an organization to carry out its business activities. By carrying out a risk assessment, an organization will be able to recognize and control hazards within the workplace. Awareness among employees will be created and they will know how to go about in case a risk occurs (Wellington, 2013). The risk assessment will also ensure that the right management standards are put in place based on acceptable safe practices and legal requirements. Risk incidences will be reduced in the workplace leading to saving on the cost through proactive measures.
Wang, J. (2013). A Research on Security and Privacy Issues for Patient-Related Data in Medical Organization System. International Journal of Security and Its Applications, 2013. 7(4): p. 287-298.
Wellington, K., (2013). Cyberattacks on Medical Devices and Hospital Networks: Legal Gaps and Regulatory Solutions. Santa Clara High Tech. LJ, 2013. 30: p. 139
Tentori, M., Favela, J., & Rodríguez, M.D. (2006) Privacy-Aware Autonomous Agents for Pervasive Healthcare, IEEE Intelligent Systems, vol.21, no.6, pp 55 – 62
Rothstein, M.A., Talbott, M.K. (2007). Compelled Authorizations for Disclosure of Health Records: Magnitude and Implications, The American Journal of Bioethics, vol.7, no.3, pp 38-45