As an information systems manager, you need to consider an important aspect of your operation–patient information, privacy, and security. Review the following case scenarios and select one to use for your management plan for security and privacy.
Case Scenario 1 (Security Breach)
The administration at St. John’s Hospital takes pride in its sound policies and procedures for the protection of confidential client information. In fact, it serves as a model for other institutions in the area; however, printouts discarded in the restricted-access information systems department are not shredded. On numerous occasions, personnel working late have observed the cleaning staff reading discarded printouts. What actions, if any, should these personnel take toward the actions of the cleaning staff? What actions, if any, should be taken by the information systems administration?
Case Scenario 2 (Natural Disaster)
Living on the Gulf Coast is a benefit that many residents of a small Southern town enjoy; however, natural disasters are a concern. The town has just been struck by a hurricane and the entire basement of your operation is flooded by the storm surge. Patient files were destroyed or washed away with the receding water. What actions do you take when patients ask for their health records? What processes did you have in place to protect your records in anticipation of such an event?
Research management plans and choose one of the scenarios above and develop a process for maintaining patient privacy and security.
Create a detailed management plan for patient data privacy and security in the case of a security breach (Case Scenario 1) or a natural disaster (Case Scenario 2).
Based on the management plan format you found through your research write a 1,400- to 1,750-word paper that details your facility’s management plan.
Include the following:
- Create a business problem statement.
- Analyze how you will respond to these situations.
- Evaluate the training you can provide to your staff.
- Analyze the considerations of HIPAA and patient privacy compliance requirements in planning.
- Analyze the need for an information technology management plan for natural disasters and security breaches.
- Evaluate how you will implement your management plan.
Create a 350-to 700-word executive summary in which you review the management plan you designed. Explore possible challenges and the utilization of your plan.
Cite a minimum of three peer-reviewed, scholarly, or similar references, other than the textbook, that directly support your analysis.
Format your paper according to APA guidelines.