Avoiding a Breach, Term Paper Example

Introduction

At Kaiser Permanente, an information system with optimized security is essential in order to eliminate breaches in data that could compromise patient information. These risks are very real and significant; therefore, they must be addressed on a continuous basis with a high level of focus on protecting patient information and education to ensure that only those with authorization to access this information are able to do so under specific conditions. This process is instrumental in shaping Kaiser Permanente’s patient information security strategy. In recent years, however, the organization has been the subject of much controversy because its information systems technology interface has been subject to a number of important data breaches that have compromised patient information on an unintentional basis (Kern, 2014). These breaches have demonstrated the vulnerabilities of Kaiser’s system and how it has been impacted by external and internal vulnerabilities in recent years.

Analysis

Based upon the level of security that is required to maintain a successful system of this nature, Kaiser Permanente has been largely unsuccessful in recent years in its ability to protect data from unnecessary breaches (Kern, 2014). Therefore, it is evident that additional information is required to ensure that the organization is able to overcome these inconsistencies and to protect its patients from these breaches over time (Kern, 2014). One such breach took place over several years and impacted 5,100 patients in Northern California (Goldman, 2014). These concerns have unfolded at the organization as it attempts to overcome some of its most complex vulnerabilities and to recognize the importance of developing new approaches to address any current vulnerabilities, as well as future protections to address possible compromises of patient information (Goldman, 2014).

Kaiser Permanente’s emphasis on protecting personal health information has been critical to its success in recent years. These factors have represented an opportunity to explore new insights regarding the needs of its vast patient base so that their data is not compromised or accessed by unauthorized parties under any circumstances. The organization has been largely successful on many levels in its ability to protect health information that is stored electronically; however, there are always lessons to be learned in this area that require continuous attention and focus. Two systems offered to patients are My Health Manager and HealthConnect, both of which represent a means of connecting patients to their physicians through an electronic portal that emphasizes patient communication and safety (HIMSS Analytics, 2012). The organization is far advanced in its model regarding electronic patient records and health information; however, it is vulnerable to attack in the same manner to ensure that all possible efforts are made to prevent any threats to this information (HIMSS Analytics, 2012). Nonetheless, all organizations are vulnerable to threats as they become increasingly sophisticated in nature, thereby making all systems prone to attacks, even when their systems are highly advanced.

In an effort to overcome information security threats within organizations, it is important to identify some of the resources that are available to prevent attacks that could compromise data and information. It is important to “regard security measures as a way to advance the business, through increased consumer satisfaction, and to enhance the protection of its proprietary and valuable information” (Arizona State University, 2011). Under these conditions, it is important to identify possible opportunities to advance information technologies to the point that they are not as vulnerable to threats that could compromise data and damage an organization’s reputation (Arizona State University, 2011). A comprehensive systems-based approach is required in order to ensure that an organization is sufficiently protected from these risks and that there are sufficient resources available to expand a system to ensure that it will not be compromised (Arizona State University, 2011).

Information security threats are not a new concept; however, the types of threats continue to be more complex and intricate. Therefore, organizations must be able to recognize their own threats and vulnerabilities so that they are in a position to overcome these concerns and to take the steps that are required to overcome threats through expanded security measures. Maintaining the utmost confidentiality of all patient information is of critical importance; furthermore, other factors must be considered that will have a positive impact on outcomes and in determining how to best move forward to prevent future system attacks and breaches, particularly since Kaiser Permanente has a recent history of breaches that have led to new questions regarding the organization and its attention to information security.

Conclusion

The factors associated with developing a patient information system that is not vulnerable to outside threats are complex and multifaceted on many levels. These factors require an organization such as Kaiser Permanente to move its information security agenda forward to accompany patient information systems accordingly. Since new opportunities are emerging to track and store patient information, it is more important than ever to develop a strategy that will encourage system managers and technical experts to optimize functionality under a secure interface to ensure that patient information is not compromised. This process is important because it should be designed to protect patient data at all costs and to aim to prevent as many security vulnerabilities as possible. The organization requires an ongoing effort to protect this information so that the firm is successful in its efforts to achieve maximum security protection for all patient information.

References

Arizona State University (2011). Avoiding a breach: advice for managers from security experts. Retrieved from http://knowledge.wpcarey.asu.edu/article.cfm?articleid=2039

Goldman, J. (2014). Kaiser Permanente acknowledges three-year data breach. Retrieved from http://www.esecurityplanet.com/network-security/kaiser-permanente-acknowledges-three-year-data-breach.html

HIMSS Analytics (2012). HIMSS Analytics honors Kaiser Permanente Moanalua Medical Center with Stage 7 Award. Retrieved from http://www.himssanalytics.org/about/NewsDetail.aspx?nid=79350

Kern, C. (2014). Kaiser Permanente suffers fourth privacy breach in 5 years. Retrieved from http://www.healthitoutcomes.com/doc/kaiser-permanente-suffers-fourth-privacy-breach-in-5-years-0001