Privacy And Security Concerns Regarding Health Information Essay

Case 4.8 E-mail Goes AstrayPrimarily, the technician is the one responsible for the breach in confidentiality because he was the one who direct out the e-mails. Moreover, he did not seek instructions from Kaiser Permanente regarding the backlogged e-mails. Kaiser Permanente hired the technician to upgrade their system. Therefore, tasks other than doing upgrades should be consulted to the company. The technician should fox asked whether the accumulated e-mails in the system should be displace out, and he should hold asked what to do with them. However, Kaiser Permanente is partly responsible for the breach, because first and foremost, since they hold millions of private information, they should have made sure that that information would not be compromised. They should have made their system secure and only accessible to Kaiser Permanente personnel.Yes, situations like this discourage subscribers in using the system of Kaiser Permanente. However, the services that Kaiser Permanent e offer is of great value and subscribers give not easily discontinue their subscription. But Kaiser Permanente has to turn back their subscribers that this will not happen in the future by informing them what caused the breach and reassuring them that upgrades be being done to improve the security of the system and the privacy of their information. The most important thing to do here is to be honest and at the uniform time make great efforts to secure the system of the company.Case 4.17 Patients Files Used for Obscene CallsDefinitely, scope checks should be conducted before hiring new employees because this would ensure the safety of the clients, especially in the health care industry. Employers should be granted access to criminal records for them to be able to identify the extent of the crime that ex-convicts have committed. Cases such as child rape and indecent assault is a serious crime that should not be disregarded when hiring employees, especially when the job require s relations with other people, children, etc. such as in the health care institution.Former employees who are given access to system information that are confidential, such as passwords, etc. should be screened out from the system. In other words, once an employee is not connected with the institution anymore, his access to the system should be deleted or reset. In this case, the system of the health care institution is at fault because it failed to keep the information confidential and secure.In this case, the hospital is accountable for the actions of the technician. Primarily because they hired an employee without doing background checks, they do not monitor the system, wherein they could have detected that calls were being made and the information of the clients were being accessed, and the system is not 100 % secure.Case 4.44 University Tightens Computer pledgeBecause of the wide range of subscribers in university medical centers information systems, it becomes vulnerable to hackers. In this case, they hacked into the system and used it to send hundreds of advertisements in their e-mails. The hackers wanted to tar force the significant tote up of subscribers in the system. However, the information within the system is not precisely the target of the breach.It is not entirely the medical centers fault. This is because hackers do what they do. They find shipway to get into the system even if security measures were set-up to avoid breaching the security of an information system. Therefore, even if the system is secure, hackers will really find a way to get into the system. The medical centers fault was that they were not able to detect that the system was being hacked. They should have upgrades in the system, which will be used in monitoring the system and alarming when hackers breach the system.