Health Data Breach Response Plan: A Managed Care Organization�s Comprehensive Plan

Health Data Breach Response Plan: A Managed Care Organization�s Comprehensive PlanHealth Data Breach Response Plan: A Managed Care Organization�s Comprehensive Plan Order Description s the Chief Privacy Officer (CPO) of a competitive managed care organization, you have been advised of a breach in" rel="nofollow">in the privacy, security and confidentiality of sensitive patient data that occurred at the hands of an employee who was a willin" rel="nofollow">ing participant in" rel="nofollow">in a large identify theft rin" rel="nofollow">ing. After a tip received from the FBI, a six (6) month in" rel="nofollow">investigation was conducted. The employee sold hundreds of health records over the span of three (3) years for an undisclosed amount of money. After immediate termin" rel="nofollow">ination and prosecution, the next step is to develop a comprehensive Health Data Breach Response Plan, a project assigned to you by the CEO. Deliverables: The fin" rel="nofollow">inal product to submit is a comprehensive plan that in" rel="nofollow">includes the followin" rel="nofollow">ing: Propose a data response plan that address the followin" rel="nofollow">ing: Step One: The organization�s response to the notification of a breach Step Two: Identify those responsible parties (by titles) to respond to the notification of breach and explain" rel="nofollow">in each of their roles in" rel="nofollow">in the process Step Three: Procedure(s) to confirm the occurrence of a breach & identify the in" rel="nofollow">involved scope/type of data in" rel="nofollow">involved Step Four: A three (3)-poin" rel="nofollow">int system measure, to impact of the data breach & the action(s) taken for each level of impact Step Five: Data breach response and corrective practices Step Six: Monitor/test effectiveness of response and corrective practices Step Seven: Notification (public and customer (specify whether all customers are notified or just those impacted) Proposed annual schedule of conducted risk analysis (frequency) to access the organization�s susceptibility of data security risks and identify the identified person(s) to conduct the scheduled risks analysis Create a risk analysis data security checklist to identify human, technical, environmental, and natural threats Required checklist categories: identified threat, contributin" rel="nofollow">ing factors, example of threat, the likelin" rel="nofollow">iness of occurrence and the potential impact to the organization (negative impacts) Determin" rel="nofollow">ine a system to determin" rel="nofollow">ine/rate the likelin" rel="nofollow">iness of occurrence and the potential impact to the managed care organization A list of specific resources in" rel="nofollow">in place to respond to a data breach Identification and the in" rel="nofollow">incorporation Health Insurance Portability and Accountability Act (HIPAA) security standards safeguards within" rel="nofollow">in the data response plan: Admin" rel="nofollow">inistrative Safeguards Physical Safeguards Technical Safeguards Create an agenda of topics to present in" rel="nofollow">in an organization-wide employee train" rel="nofollow">inin" rel="nofollow">ing on the topic �What is My Role in" rel="nofollow">in the Prevention of an Organization�s Breach of Data� 2. Do not create a sixteen page document. The template is only for learnin" rel="nofollow">ing. Keep it to 3 pages - sin" rel="nofollow">ingle spaced. 3. Follow the steps in" rel="nofollow">in the assignment in" rel="nofollow">instructions. Only provide a few sentences per section. Nothin" rel="nofollow">ing verbose. 4. Pick two sections and drill down on them to add substance. Be thoughtful about which sections to drill down on. Tell the reader why you are offerin" rel="nofollow">ing more substance in" rel="nofollow">in that particular area. Consider your audience and the situation. Pick and choose what is important to say. You may even say somethin" rel="nofollow">ing like "more in" rel="nofollow">information will be needed to contin" rel="nofollow">inue with this analysis such as ..." to close out a section. 5. Provide "examples" or "reference materials" by in" rel="nofollow">insertin" rel="nofollow">ing lin" rel="nofollow">inks in" rel="nofollow">in your document if that makes sense to you. 6. Insert lin" rel="nofollow">inks in" rel="nofollow">in your document as source material in" rel="nofollow">instead of havin" rel="nofollow">ing a list of references. 7. Fin" rel="nofollow">ind examples on the in" rel="nofollow">internet and paraphrase them - use them as a guide - in" rel="nofollow">insert a hyperlin" rel="nofollow">ink so that you are referencin" rel="nofollow">ing them properly and not takin" rel="nofollow">ing credit for the work. We are not rein" rel="nofollow">inventin" rel="nofollow">ing the wheel. All of this in" rel="nofollow">information lives on the in" rel="nofollow">internet somewhere. Or, in" rel="nofollow">in a guide of some sort. Have you taken advantage of resources that are offered by national associations such as ACHE and others?