4-2 Short Paper_Fraud and Identity Breaches_DeKeyser
docx
keyboard_arrow_up
School
Southern New Hampshire University *
*We aren’t endorsed by this school
Course
510
Subject
Information Systems
Date
Jan 9, 2024
Type
docx
Pages
6
Uploaded by AmbassadorOxideOpossum37
4-2 Short Paper: Fraud and Identity Breaches
Kristen DeKeyser
Southern New Hampshire University
Professor Simmons
October 12, 2023
1.
What approaches, systems, and/or tools would you recommend keeping your data protected from an identity breach?
a.
One way that our facility has worked to protect data from a breach is our use of security guidelines that require our staff to maintain secure passwords meeting specific character criteria. These guidelines also stipulate those unattended computers, devices, and/or papers are secure before the employee steps away. While our physical precautions have been a great front end prevention method, we also utilize secured networks and strong firewalls that protect the data from cyber-attacks.
2.
What is your assessment of the role that firewalls, and encryption play in protecting data?
a.
For me to provide my assessment of the roles that firewalls, and encryption play in protecting data, I first want to explain what these are. According to Clare Stouffer, “a
firewall is a security device that can help protect your internet network by filtering unknown traffic and blocking outsiders from gaining access to your private data” (Stouffer, 2023). Knowing this, you would be able to deduce
that firewalls function as a type of blockade to prevent external users from accessing the data stored in our network. Clare goes on to state that, “encryption scrambles plain text into a type of secret code that hackers, cybercriminals, and other online snoops can't read” (Stouffer, 2023). This means that by encrypting our data, even if someone were able to get through our security system, they would still have difficulty reading the data.
3.
What might the consequences be if someone accessed your data without authorization? Could fraud be perpetrated?
a.
To properly answer this question, I first want to differentiate the difference between a covered entity and individuals regarding HIPAA laws. HIPAA dictates that an individual who is not a covered entity, for example another patient in the hospital, is not held liable via HIPAA guidelines. This means that if another patient or individual outside of the medical field accessed your data without authorization, they would face criminal charges that could include fines and possible jailtime. Someone working within the medical field, however, is a covered entity and would be held liable per HIPAA laws. This means that if a covered entity knowingly accesses your information without consent, and it is not for the purpose of their job, they can face a fine up to $50,000 and possible jailtime up to one year. Knowingly accessing someone’s healthcare information without permission is a form of fraud and such charges could be filed.
4.
How should an HIM professional manage any associated ethical considerations?
a.
A HIM professional is responsible with the safeguarding of patient information and protected data within the facility. This creates an environment where the HIM
professional needs to have positive ethical considerations to ensure that the data and information remains protected. An example of when ethics would come into play would be if the HIM professional has access to a friend’s medical records. They should use their best judgement and ask someone else to oversee that record to avoid any ethical concerns.
5.
In your own role at Mercy Vale, what risks are involved in identity breaches or fraud?
a.
Identity breaches and fraud have a direct impact on me during my daily job functions as it would not only put the facility and patients at risk, but also my job
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
within the organization. It is imperative to ensure every safety effort is used to protect the data within the network and avoid data breaches. If a data breach happens and I am at fault, not only would I lose my job, but I would also face criminal charges including fines and jailtime. 6.
What steps can you take to protect your institution against identity breaches or fraud?
a.
The most crucial step that we can do within Mercy Vale is ensuring the staff are properly educated with how to manage health information, when they should be locking their computers, and password security. These are immediate actionable items that can be completed to help ensure data security on the front end.
7.
Could an information governance plan help protect an institution? What arguments would
you make to justify recommendations?
a.
According to Robert Dougherty, “by being mindful of data privacy and security, information governance can help organizations protect the data they possess from unauthorized access, ensure its accuracy and integrity, and reduce the risk of data breaches and other malicious activities” (Dougherty, 2023). Having an information governance plan will allow our facility to create initiative-taking measures regarding data breaches while also maintaining the security of our systems. 8.
What are the recommended actions to take to reduce your exposure?
a.
Our plan moving forward is to implement a security audit program that will allow us to better monitor how the data within our network is utilized, and by whom. Additionally, employee education to create a safer environment within the facility regarding the data and security measures is needed. By implementing an audit
program that includes both system checks as well as staff, it will allow our facility
to create routine checks as well as stay aware of when and how the data used.
References
Dougherty, R. (2023, October 10). Information governance: Why is it important?
. Kiteworks. https://www.kiteworks.com/regulatory-compliance/information-governance/#:~:text=By
%20being%20mindful%20of%20data,breaches%20and%20other%20malicious
%20activities. Stouffer, C. (2023a, July 12). What is a Firewall? firewalls explained and why you need one
. Norton. https://us.norton.com/blog/privacy/firewall Stouffer, C. (2023b, July 17). What is encryption? how it works + types of encryption
. Norton. https://us.norton.com/blog/privacy/what-is-encryption#:~:text=Encryption%20scrambles
%20plain%20text%20into,back%20into%20plain%2C%20readable%20text.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help