Buy answer
Topic: Executive Team Policy Recommendations Briefing
Subject: Nursing
Paper type: Essay (Any Type)
Style: APA
Cost: $25
Number of soruces: 8
Language: English (U.S.)

Question

HIM 422 Final Project Guidelines and Rubric

Overview

Healthcare organizations, which accounted for about 42% of all major data breaches reported in 2014, will continue to be vulnerable and attractive targets for

cybercriminals, due to the expanding number of access points to protected health information and other sensitive data via electronic health records (EHR) and

the growing popularity of wearable technology. Hospitals, providers, and even individual physicians need to ensure that they create and then implement a

strong healthcare security program as the organizational impacts of healthcare data breaches range from costly financial penalties to costly bad publicity.

As a health information management (HIM) professional, you will be expected to apply the science of informatics to the collection, safe storage, analysis, use,

and transmission of sensitive and confidential patient and organizational information to meet legal, professional, ethical, and administrative records-keeping

requirements of healthcare delivery. Should a data breach occur in your facility, you will be looked to as an expert in helping to identify the nature of the breach

and provide recommendations for remediation and prevention.

For the final project for this course, you will imagine yourself as the HIM director of a healthcare organization who has just been alerted to the presence of a

data breach. ABC Hospital is a 250-bed acute-care hospital in the Midwest. The HIM department employs 15 people. The seven medical coders all work

remotely, scattered throughout the region. Recently, there was a breach of protected health information (PHI). One of the coders logged into a neighbor’s health

record. The coder discovered the neighbor recently had an inpatient stay for complications from HIV. The coder then told other neighbors. The patient found out

and filed a complaint to the hospital’s legal department. The coder was terminated.

Prepare a policy recommendations briefing for your imagined executive team—the “C-Suite” (CEO, CIO, CFO, CMO, and CNO)—that outlines the nature of your

breach, key stakeholders to be notified, impacts of the breach, recommendations for remediating the breach and ensuring the security of patient and

organizational data going forward, and recommendations for preventing another breach from happening.

In this assignment, you will demonstrate your mastery of the following course outcomes:

 Assess the impact of key healthcare laws and internal codes of compliance on professional healthcare information management with regard to

organizational decision making

 Analyze the role of federally sponsored initiatives in improving healthcare quality, safety, and efficiency while reducing existing gaps in securing patient

health information

 Recommend technology-based strategies for ensuring data confidentiality

 Propose feasible solutions to organizational challenges that address data-related ethical and legal risks to patient safety and quality of care

Prompt

Specifically, the following critical elements must be addressed:

I. Summary of Problem

A. Describe the nature of the data breach. How did the breach occur?

B. Determine what the breach investigation should look like upon discovery, including a risk assessment and communication plan.

C. Based on your research, what are the short-term and long-term consequences that will result from this breach?

II. Key Stakeholders

A. Identify the key internal workforce (e.g., organizational staff, board, etc.) and external stakeholders (e.g., patients, vendors, etc.) who need to

be notified about the data breach, and justify your rationale based on your research.

B. Identify the key federal stakeholders (i.e., governmental officials) who need to be notified about the breach, and justify your rationale based on

your research.

C. Identify the key stakeholders that need to follow the policy to avoid future breaches.

III. Impacts

A. Analyze the laws that are in place specifically for trying to prevent such data breaches, and assess the extent to which these laws were violated

during this data breach. Be sure to use specific examples from your research to support your position.

B. Determine the communication plan for notifying the key stakeholders. What expectations are set to ensure these people are notified in a timely

and appropriate manner? Be sure to use specific examples from your research.

C. Identify the potential non-financial and financial impacts a data breach may have on the organization. How could a data breach impact decision

making, such as financial decisions? Be sure to cite specific examples from your research.

D. Evaluate your organization’s use of the appropriate federally sponsored initiatives in ensuring the provision of the highest level of healthcare

quality and safety, and efficiency in keeping data secure. Be sure to cite specific examples from your research.

IV. Ethical and Legal Considerations

A. Analyze any ethical and legal risks that you feel may have contributed to the data breach. Be sure to cite specific examples from your research in

supporting your claims.

B. Determine how the information compromised during the data breach will be maintained. Be sure to cite specific examples from your research to

support your claims.

V. Policy Recommendations

A. Considering the nature of the data breach, provide technology-based recommendations for ensuring data confidentiality and preventing future

breaches of this sort. Be sure to justify your recommendations with research.

B. Provide recommendations for solving organizational challenges that may have contributed to this breach. What policy elements should be

implemented to prevent this from happening in the future? Do staff need additional training surrounding data security? Be sure to support your

recommendations with specific research.

C. Using current federally sponsored initiatives, provide recommendations for hospital subscriptions that will improve quality and safety and

reduce gaps in security. Be sure to support your recommendations with specific research.

Milestones

Milestone One: Summary of Problem and Key Stakeholders

In Module Two, you will imagine yourself as the HIM director of a healthcare organization who has just been alerted to the presence of a data breach. ABC

Hospital is a 250-bed acute-care hospital in the Midwest. The HIM department employs 15 people. The seven medical coders all work remotely, scattered

throughout the region. Recently, there was a breach of protected health information (PHI). One of the coders logged into a neighbor’s health record. The coder

discovered the neighbor recently had an inpatient stay for complications from HIV. The coder then told other neighbors. The patient found out and filed a

complaint to the hospital’s legal department. The coder was terminated. Prepare a policy recommendations briefing for your imagined executive team—the “CSuite” (CEO, CIO, CFO, CMO, and CNO)—that outlines the nature of your breach, key stakeholders to be notified, impacts of the breach, recommendations for

remediating the breach and ensuring the security of patient and organizational data going forward, and recommendations for preventing another breach from

happening. This milestone will be graded with the Milestone One Rubric.

Milestone Two: Impacts

In Module Four, after successfully briefing your executive team on the nature of your imagined breach and the key stakeholders to be notified, you have been

asked to present another report detailing the impact the breach has on your organization. The executive team is interested in knowing the legal and financial

impact this breach has had on the organization and what federally sponsored initiatives can be put in place to ensure that the institution is providing high-quality

healthcare, patient and staff safety, and data protection. This milestone will be graded with the Milestone Two Rubric.

Milestone Three: Ethical and Legal Considerations and Recommendations

In Module Six, you will submit your ethical and legal considerations and recommendations. Your executive team was impressed with your report detailing the

legal, financial, and non-financial impact the data breach had on your organization. They were also impressed with your research on federally sponsored

initiatives designed to ensure that the institution is providing high-quality healthcare, patient and staff safety, and data protection. However, in order for the

executive team to make the best decision for moving the organization forward, they need additional information. This time they want to know what ethical

and/or legal risks may have contributed to the data breach as well as policy recommendations for how the organization can ensure that such a breach does not

happen again without compromising quality healthcare and patient and staff safety. This milestone will be graded with the Milestone Three Rubric.

Final Submission: Executive Team Policy Recommendations Briefing

In Module Eight, you will submit your final project. It should be a complete, polished artifact containing all of the critical elements of the final product. It should

reflect the incorporation of feedback gained throughout the course. This submission will be graded with the Final Project Rubric


Answer

Key Stakeholders The organization has an obligation to its stakeholders to notify them about the breach. It is mandatory that the affected party get notified within 60 days of the breach according to the HIPAA Breach Notification Rule (Smith, 2016). In this incident, the organization has the obligation of sending a notification since the afflicted party is the one who reported the incident. Moreover, the issue was internal hence there is no need for the incident to be posted on the organization’s website. The Health and Human Services (HHS) secretary will be notified about the breach. It is necessary to select a qualified team to address the security breach within the organization. Moreover, it is the duty of the Health Information Management (HIM) director to oversee the investigation. ...
Buy answer