Breaching the security of an internet patient portal case study

by Roma O'Kon 7 min read

Breaching the Security of the Kaiser Permanente Internet …

This case study describes and analyzes a breach of the confidentiality and integrity of personally identified health information (e.g. appointment details, answers to patients' questions, medical …


What do you need to know about the Kaiser online breach?

A full understanding of the KP Online breach requires technical, individual, group, organizational, and cross-level analysis.

Technical Level: The Architecture and Management of the Kaiser IT Infrastructure

Two individuals made specific mistakes that led to the immediate breach of message security.

Do health information systems increase the risk of cascading system accidents?

This case study offers cautionary lessons for health care administrators as well as areas for further research. 1 Complex, tightly-coupled computerized health information system architectures potentially aggravate security breaches or other mistakes with their capacity to transform errors into cascading system accidents.


What is the KP online accident? (from academic.oup.com)

The KP Online accident occurred at a point of technical conjunction but organizational disjunction during KP-IT's process of overall organizational integration. The anthropologist Radcliffe-Brown emphasizes the generative possibilities of points of conjunction and disjunction depending upon the relative power distribution between interacting parties. 20 As (partially) subordinate and technically dependent components of KP-IT, E-mail and Development should have deferred to its policies, procedures, and established practices as implemented by Operations. Their program authority and technological expertise, nonetheless, established E-mail and Development as peers if not superiors to Operations with respect to Web-enabled applications. Avoidance marks such structurally ambiguous relationships. Thus, we observe that, as these work units tactically maneuvered to discharge their respective missions (compartmentalized sensemaking), they basically avoided each other and, thus, produced a series of errors, including but not limited to the security breach of patient messages in KP Online (Figures 1 & 2).

What is Kaiser IT? (from academic.oup.com)

The Kaiser IT program illustrates elements of both perspectives: Kaiser pioneered the application of complex, interconnected information technology to health care within a nationally recognized program of good information security practice.

Why is security training necessary? (from academic.oup.com)

Security training is necessary but not sufficient to prevent information security breaches because individual errors, group failures, and system accidents may contribute to information security breaches without violating the HIPAA security rules or standard information security policies, procedures, or practices.


Case Study #14: Breaching the Security of an Internet Patient Portal, Major Themes: Security Prepare a 2-3 page written response to the questions following the case study. Please include a cover page with pertinent course, assignment and student information.

Expert Answer

Internet patient portals are health-related online applications which help patients to interact with health care providers like physicians and hospitals. These services are available on the internet at all hours of the day and night. The central featur …
