Breaching the Security of an Internet Patient Portal Case Study

by Mrs. Krystina Goldner

Breaching the Security of the Kaiser Permanente Internet …

This case study describes and analyzes a breach of the confidentiality and integrity of personally identified health information (e.g. appointment details, answers to patients' questions, medical …


What do you need to know about the Kaiser online breach?

A full understanding of the KP Online breach requires technical, individual, group, organizational, and cross-level analysis.

Technical Level: The Architecture and Management of the Kaiser IT Infrastructure

Two individuals made specific mistakes that led to the immediate breach of message security.

Do health information systems aggravate security breaches and accidents?

Complex, tightly-coupled computerized health information system architectures potentially aggravate security breaches or other mistakes with their capacity to transform errors into cascading system accidents.

Abstract

This case study describes and analyzes a breach of the confidentiality and integrity of personally identified health information (e.g. appointment details, answers to patients' questions, medical advice) for over 800 Kaiser Permanente (KP) members through KP Online, a web-enabled health care portal.

Case Description

Serving over eight million members in nine states and the District of Columbia, Kaiser Permanente (KP) functions as an integrated health delivery system. In 1995 the KP Northern California region funded an innovation project to create an Internet Patient Portal known as “Kaiser Permanente Online” (KP Online).

Methods

This case study follows the long tradition of ethnographic research that focuses on extended “trouble cases.”[1–8] Trouble cases have the virtue of exposing the taken-for-granted principles of everyday life normally obscured by the apparently unproblematic patterns that drive routine living.

Example

A full understanding of the KP Online breach requires technical, individual, group, organizational, and cross-level analysis.

Discussion: Lessons Learned from KP Online Breach

This case study offers cautionary lessons for health care administrators as well as areas for further research.
