Health Data Breach Response Plan: A Managed Care Organization’s

Added on - 13 Sep 2019

Health Data Breach Response Plan: A Managed Care Organization’s Comprehensive Plan

Note: APA STYLE WRITING

As the Chief Privacy Officer (CPO) of a competitive managed care organization, you have been advised of a breach in the privacy, security and confidentiality of sensitive patient data that occurred at the hands of an employee who was a willing participant in a large identity theft ring. After a tip received from the FBI, a six (6) month investigation was conducted. The employee sold hundreds of health records over the span of three (3) years for an undisclosed amount of money.

After immediate termination and prosecution, the next step is to develop a comprehensive Health Data Breach Response Plan, a project assigned to you by the CEO.

Deliverables:

The final product to submit is a comprehensive plan that includes the following:

  • Propose a data response plan that addresses the following:
      o Step One: The organization’s response to the notification of a breach
      o Step Two: Identify the responsible parties (by title) who respond to the notification of a breach and explain each of their roles in the process
      o Step Three: Procedure(s) to confirm the occurrence of a breach and identify the scope/type of data involved
      o Step Four: A three (3)-point system to measure the impact of the data breach and the action(s) taken for each level of impact
      o Step Five: Data breach response and corrective practices
      o Step Six: Monitor/test the effectiveness of the response and corrective practices
      o Step Seven: Notification (public and customer; specify whether all customers are notified or just those impacted)
  • Proposed annual schedule of conducted risk analysis (frequency) to assess the organization’s susceptibility to data security risks, and identify the person(s) to conduct the scheduled risk analysis
  • Create a risk analysis data security checklist to identify human, technical, environmental, and natural threats
      o Required checklist categories: identified threat, contributing factors, example of threat, the likelihood of occurrence and the potential impact to the organization (negative impacts)
      o Determine a system to determine/rate the likelihood of occurrence and the potential impact to the managed care organization
  • A list of specific resources in place to respond to a data breach
  • Identification and incorporation of Health Insurance Portability and Accountability Act (HIPAA) security standards safeguards within the data response plan:
      o Administrative Safeguards
      o Physical Safeguards
      o Technical Safeguards
  • Create an agenda of topics to present in an organization-wide employee training on the topic “What is My Role in the Prevention of an Organization’s Breach of Data”