Healthcare Setting Chief Privacy Officer at WGU Hospital Information Breach Case Study
INTRODUCTIONIn this task, you will assume the role of a chief privacy officer (CPO) in a healthcare setting who has experienced a breach. You will determine how many patients were affected in the breach, develop a focused risk analysis of the breach, identify software that should be implemented, and create a breach notification letter.The purpose of this task is to 1) examine the role of different types of healthcare information systems in health information management (HIM); 2) examine the structure, function, and security associated in a HIM setting; and 3) evaluate privacy and security concerns involved in the use of technology in a healthcare setting.SCENARIOYou are the CPO at WGU Hospital, a large teaching facility. A doctor brought a mobile device when going on break, during which the device was stolen from the doctor’s car. The mobile device has access to the hospital’s electronic health record (EHR).As the CPO, you must determine how many patients’ information was breached. Additionally, you must conduct a focused risk analysis of the breach to see which safeguards should be implemented to prevent future breaches, as well as identify which software should be implemented to ensure all regulatory concerns are appropriately addressed. Furthermore, you must craft a letter notifying all the patients affected in the breach.REQUIREMENTSYour submission must be your original work. No more than a combined total of 30% of the submission and no more than a 10% match to any one individual source can be directly quoted or closely paraphrased from sources, even if cited correctly. The originality report that is provided when you submit your task can be used as a guide.You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.Tasks may not be submitted as cloud links, such as links to Google Docs, Google Slides, OneDrive, etc., unless specified in the task requirements. All other submissions must be file types that are uploaded and submitted as attachments (e.g., .docx, .pdf, .ppt).A. Using the scenario above, answer the following prompts:1. Develop a plan to determine the number of patients whose information was breached.2. Explain what steps should be taken to perform the focused risk analysis of the breach.3. Recommend an administrative safeguard that should be reviewed and updated to prevent future breaches from occurring.4. Recommend a technical safeguard that should be reviewed and updated to prevent future breaches from occurring.5. Recommend a physical safeguard that should be reviewed and updated to prevent future breaches from occurring.6. Discuss two safekeeping practices the physician in the scenario should follow to prevent a future breach.7. Discuss the applicable fines and penalties that could be imposed on the facility for this disclosure.8. Discuss a software the hospital should implement to make accessing mobile devices safer in the future.B. Create a breach notification letter to all the patients affected in the breach.C. Acknowledge sources, using APA-formatted in-text citations and references, for content that is quoted, paraphrased, or summarized.D. Demonstrate professional communication in the content and presentation of your submission.File RestrictionsFile name may contain only letters, numbers, spaces, and these symbols: ! - _ . * ' ( )File size limit: 200 MBFile types allowed: doc, docx, rtf, xls, xlsx, ppt, pptx, odt, pdf, txt, qt, mov, mpg, avi, mp3, wav, mp4, wma, flv, asf, mpeg, wmv, m4v, svg, tif, tiff, jpeg, jpg, gif, png, zip, rar, tar, 7z