Health Data Breach Response Plan

Verified

Added on 2019/09/13

AI Summary

The assignment requires creating a comprehensive Health Data Breach Response Plan for a managed care organization after discovering a data breach caused by an employee's intentional actions. The plan must include steps to respond to the notification, identify responsible parties, confirm the occurrence of the breach, and outline procedures for different levels of impact. Additionally, it should cover risk analysis, data security checklist, and HIPAA standards, as well as resources and training for employees.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Health Data Breach Response Plan: A Managed Care Organization’s Comprehensive Plan
Note: APA STYLE WRITING
As the Chief Privacy Officer (CPO) of a competitive managed care organization, you have been
advised of a breach in the privacy, security and confidentiality of sensitive patient data that
occurred at the hands of an employee who was a willing participant in a large identify theft ring.
After a tip received from the FBI, a six (6) month investigation was conducted. The employee
sold hundreds of health records over the span of three (3) years for an undisclosed amount of
money. After immediate termination and prosecution, the next step is to develop a
comprehensive Health Data Breach Response Plan, a project assigned to you by the CEO.
Deliverables: The final product to submit is a comprehensive plan that includes the following:
 Propose a data response plan that address the following:
o Step One: The organization’s response to the notification of a breach
o Step Two: Identify those responsible parties (by titles) to respond to the
notification of breach and explain each of their roles in the process
o Step Three: Procedure(s) to confirm the occurrence of a breach & identify the
involved scope/type of data involved
o Step Four: A three (3)-point system measure, to impact of the data breach & the
action(s) taken for each level of impact
o Step Five: Data breach response and corrective practices
o Step Six: Monitor/test effectiveness of response and corrective practices
o Step Seven: Notification (public and customer (specify whether all customers are
notified or just those impacted)
 Proposed annual schedule of conducted risk analysis (frequency) to access the
organization’s susceptibility of data security risks and identify the identified person(s) to
conduct the scheduled risks analysis
 Create a risk analysis data security checklist to identify human, technical, environmental,
and natural threats
o Required checklist categories: identified threat, contributing factors, example of
threat, the likeliness of occurrence and the potential impact to the organization
(negative impacts)
o Determine a system to determine/rate the likeliness of occurrence and the
potential impact to the managed care organization
 A list of specific resources in place to respond to a data breach
 Identification and the incorporation Health Insurance Portability and Accountability Act
(HIPAA) security standards safeguards within the data response plan:
o Administrative Safeguards
o Physical Safeguards
o Technical Safeguards
 Create an agenda of topics to present in an organization-wide employee training on the
topic “What is My Role in the Prevention of an Organization’s Breach of Data”

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1 out of 2

+13062052269

info@desklib.com

Health Data Breach Response Plan

Contribute Materials

Secure Best Marks with AI Grader

Related Documents

Development of a Comprehensive Data Breach Prevention Plan for USA MCO

Detecting and Closing Gateways of Security Breaches

Notification Letter for an EHR Data Breach

Guidelines of HIPAA in Preserving Patients' Data Confidentiality and Privacy

RESEARCH | Developing a Secure Electronic Health

Cyber Security And Privacy Issues