Health Information Breach

Health Information Breach
Name
Institution
Course
Date

Health Information Breach
Protection of patients’ data is one of the key responsibilities of the healthcare organization. Under the HIPAA, a breach of the patient’s protected information involves the disclosure, use, access, or acquisition of unguarded protected health information (PHI) which creates a significant risk of reputational, financial, or other damages to the concerned parties (Snell, 2017). In January 2017, reports revealed that workers at Yakima Virginia Mason Memorial Hospital were accessing the PHI of patients without authorization. Precisely, 21 staff had intentionally retrieved PHI without permission. Nearly, 419 patients have been affected by this breach. The patients’ records included medical information and social security numbers for patients in the emergency rooms. The hospital stated that there was no evidence, which indicated that the documents were, utilized inappropriately (Herold & Beaver, 2014). In addition, it noted that the issue was not an information security gap since external actors did not hack the hospital.
Subsequently, a couple has sued the hospital for violation of data privacy. Sarah and Mathew Hipps argued that they received notice letters on occasion. They contended that they lack adequate information about the HIPAA breach or whether their data was sold or shared. Similarly, they noted that the hospital failed to initiate prompt notification which is within 60 days following the detection of the breach in accordance with the HIPAA Breach Notification Condition (Snell, 2017).

To prevent the violation, the hospital should have introduced regularly training to its staff, which would be a key milestone in stopping such incidents. Precisely, the workers should have been educated on rules governing patient privacy. Method of delivery should include on-the-job teaching, which encompasses a worker being guided by an experienced manager or employee. Moreover, the health institution should have initiated surveillance of access logs pre-emptively (Herold & Beaver, 2014). Finally, the hospital should have performed routine audits of protected health information to detect confidentiality abuses.

References
Herold, R., & Beaver, K. (2014). The practical guide to HIPAA privacy and security compliance. CRC Press.
Snell, E. (2017). Virginia Mason Patient Data Privacy Breach Leads to Lawsuit. Retrieved from https://healthitsecurity.com/news/virginia-mason-patient-data-privacy-breach-leads-to-lawsuit