...

BHA FPX4020 Assessment 3 Data Collection and Analysis

BHA FPX4020 Assessment 3

Data Collection and Analysis

BHA FPX4020 Assessment 3 Security breaches represent a danger to preserving the confidentiality, integrity, and accessibility of essential information with regard to the organization’s peculiarity of operation, as well as in the healthcare sectors such as Emory University Medical Center (EUMC). As it has been stated, good data collection and data analysis are critical for covering all the aspects of breaches in their totality (Koopmans & Mouter, 2020). The primary intended use of this assessment is to review the data collection and analysis procedures of EUMC in reference to data breaches.

With the given elements analyzed, it should be noted that the purpose of the assessment is based on the current processes and practices review, strengths and weaknesses’ identification, as well as recommendations for improvement to make EUMC’s capability of identifying, managing, and preventing data breach more effective and efficient. Therefore, this assessment aims to strengthen EUMC’s data protection strategies, protect the data of its consumers, and operate within the legal framework by conducting a comparative analysis of data management and protection policies and procedures.

Rationale for Cost Benefit Analysis Tool

As for the set goal to analyze the problem of data breaches in the application of various kinds of healthcare technology, specifically the growing number of violations at the Emory University Medical Center, the appropriate problem analysis method is the Cost Benefit Analysis (CBA). The advantage of CBA can be found in the systematic approach to various proposed interventions present in terms of their financial consequences (Koopmans & Mouter, 2020). This helps identify key projects that will benefit the organization most and, in this way, assist in supporting the organization’s objectives through effective and efficient decisions. The theoretical concept of Benefit Analysis (CBA) is associated with the case of data breaches occurring at Emory University Medical Center since it enables the efficient analysis of the financial impacts of resolving such a problem (Mouter et al., 2020). It assists in putting a dollar value on losses likely to be incurred as a result of a breach of the data, fines to be paid, and other legal expenses to be incurred against potential gains to be made by investing in security measures to reduce risks and improve the security of data.

BHA FPX4020 Assessment 3 HealthCare services

 CBA is globally appreciated and applied across the globe in the field of HSM due to its capability to establish an organized method of evaluating quantifiable benefits and costs in the efficiency of the proposed solutions. Thus, in the situation of pursuing unit costs of healthcare services and dozens or hundreds of potential problems waiting to be solved within a healthcare organization, CBA provides a clear and coherent framework to compare the costs and benefits of prospective solutions to these problems (Biancardo et al., 2022). Thus, CBA allows decision makers to include a whole range of known factors, of both concrete monetary measures, for instance, cost of financial capital, time which is monetized, and more abstract parameters, for example, patients’ outcomes as well as organizational gains. Also, CBA enables the evaluation of various options where one can prioritize actions that yield the most significant net benefit to the firm (Biancardo et al., 2022).

Analyzing Data Relative to Internal and External Benchmarks

            When conducting a complete examination of data breaches that took place at Emory University Medical Center and discussing potential strategies for minimizing the risks, one of the critical factors is the relative measurements of the obtained data, both internal and external standards. BHA FPX4020 Assessment 3 internal benchmarks are organisationally specific and enable one to compare the current performance with previous performance or with set goals (Kabassi & Papadopoulos, 2018).

 By applying the idea of the internal benchmark, it is evident that effective measures should be developed and put in place to guard against such incidences and to prevent leakage of sensitive patient details, which are deemed to be discreditable to the organization. In this way, EUMC can use the internal benchmark to monitor its results in terms of data breach decrease and the improvement of the organization’s data security plans on the whole (Campbell et al., 2023).

Click on the given link and get: BHA FPX4020 Assessment 2

 Selecting this external benchmark is justified because it is a nationally established portrayal of measures to protect PHI. HIPAA’s non-compliance status can lead to costly penalties and negatively affect patients’ rights, which is why healthcare organizations must fully implement and adhere to HIPAA standards (Dagher et al., 2019).             

BHA FPX4020 Assessment 3 Proper training should be carried out on the importance of data with particular emphasis on the role everyone has to play in the protection of patients’ information. Nield et al. (2020) showed that the awareness of phishing scams, password complexity, and general internet safety should be discussed in detail. In this way, EUMC can achieve staff training that will decrease the probability of irresponsible employee actions leading to data leakage. It is, therefore, the proactive way of ensuring that the organization maintains its stand on the conservation of patient information and his/her right to privacy.

 By adopting these evidence-based recommendations, EUMC will strengthen its data security competence and prevent future data breaches while upholding patients’ confidentiality and trust in the health services provided at EUMC.

Cost-Benefit Analysis of Data Breaches Prevention Strategies

            The CBA is necessary for solving the data breaches in Emory as a result of consideration of the following components with regard to key research questions: The first is cost estimation evaluating the direct monetary value of losses; the second is benefit quantification, which aims at determining the overall advantages of taking measures against the data breaches, as well as identifying potential general benefits for Emory and medical sector at large (Biancardo et al., Costs associated with data breach prevention consist of expenditure on security tools and systems, personnel raises awareness, compliance with the standards, preparation for data breaches, consulting fees, loss of revenue from customers’ trust, and losses resulting from system’s unavailability (Kampová et al., 2020).

BHA FPX4020 Assessment 3 Training and education expenses relate to investment in cybersecurity awareness campaigns and sessions and organizing of cybersecurity courses for the employees. These programs and policies seek to increase staff awareness and competence in matters to do with data security to minimize cases of data leakage due to human factors. Offering training encourages organizations to regularly update their security and help sustain a culture in which people will be sensitive to protecting the organization’s data from cyber criminals.

Data Breach BHA FPX4020 Assessment 3 

             This pie chart attempts to show the percentage of the various kinds of data breaches that were identified in the Emory University Medical Center (EUMC). Unauthorized access, inadequate access control, and user authentication systems account for 58% of breaches. The four types of breaches are as follows. Phishing is cited to be 23% of the violations, proving that social engineering strategies are a severe menace to the security of systems. An insider threat represents risks introduced by a malicious internal actor with proper access to the organization’s information and occurred in 10% of the breaches. This is because lost or stolen devices result in 9% of breaches, hence the need for physical security measures and device encryption (Roumani, 2022). EUMC needs to recognize these categories so as to focus on desired cybersecurity initiatives, as well as apply proper prevention measures to strengthen the organization’s defense against the most common threats in order to protect patient information and the company’s credibility.

 In this distribution, an end-to-end strategy is created, focusing on the active monitoring of the organization and data assets, analysis of risks, staff awareness, and measures for an efficient response to risks.

Scholarly Justification for Recommendations

            The recommendations given here for Emory University Medical Center (EUMC) are based on the author’s research and practical/modern trends to counter the multifaceted threats that data breaches pose to a healthcare facility. This involves the following recommendations, each of which has specific advantages to enhance the protection of data at EUMC while maintaining the patient’s privacy (Stewart, 2022). This is enforced by cybersecurity specialists’ advice on the use of standard safety procedures like encryption and access controls (Stewart, 2022). That way, EUMC shall be able to protect patients’ data that are restricted to some personnel, hence minimizing breaches.

 The process of monitoring and the actions that are taken to manage security incidents means that the detection of such incidents is prompt. The proactive approach assures EUMC that the effect of breaches on patient privacy and organization operations will be reduced, thus sustaining trust and integrity (Koopmans & Mouter, 2020). It is unlawful not to abide by the set laws and regulations such as HIPAA and GDPR, and this could lead to severe consequences on the patient’s data. Through adherence to these standards and conducting the assessment and review, EUMC proves that it follows and enforces ethical and legal aspects, thus creating trust in patients and stakeholders.

BHA FPX4020 Assessment 3 Data Encryption

 Encryption of data and access controls, as highlighted by Alkinoon et al. (2021), strengthen EUMC’s protection from unauthorized access to patient data. Most of these measures are benchmarked against best practices in the industry and facilitate compliance with the regulatory requirements meant to protect the identity of the patient as well as the credibility of the learning institution. Cybersecurity awareness training allows EUMC staff to identify possible threats, which increases the staff’s ability to manage risks, thereby lessening the influence of human mistakes. Implementing security awareness ensures that EUMC staff are prepared to protect patients’ information, consequently upholding the organization’s integrity and assuring the overall populace of its healthcare services (Shukla et al., 2022). Together, these best practice recommendations support EUMC’s data security plan, reduce the possibility of breach, and protect patients’ information and confidence in the organization.

Conclusion

 Therefore, BHA FPX4020 Assessment 3 current study findings on data collection and analysis on data breaches at Emory University Medical Center (EUMC) offered biochemical and implementable suggestions for enhancing data security measures. Hence, by pointing out the attained and potential scores as well as recommending proven measures to avoid breaches, this assessment intends to improve EUMC’s ability to close breaches’ risks efficiently. Therefore, it will be essential to continue the implementation of the recommendations on increasing the efficiency of training on cybersecurity, the regulation of data encryption, and the development of the appropriate response to incidents affecting the protection of patient information and the trust of clients to EUMC’s health care services in the context of developing different types of cybersecurity threats.

References

Alkinoon, M., Choi, S. J., & Mohaisen, D. (2021). Measuring healthcare data breaches. Information Security Applications, 265–277. https://doi.org/10.1007/978-3-030-89432-0_22

Bandari, V. (2023). International Journal of Business Intelligence and Big Data Analytics, 6(1), 1–11. https://research.tensorgate.org/index.php/IJBIBDA/article/view/3

Biancardo, S. A., Gesualdi, M., Savastano, D., Intignano, M., Henke, I., & Pagliara, F. (2022). An innovative framework for integrating Cost-Benefit Analysis (CBA) within Building Information Modeling (BIM). Socio-Economic Planning Sciences, 101495. https://doi.org/10.1016/j.seps.2022.101495

Campbell, K., Gordon, L. A., Loeb, M. P., & Zhou, L. (2023).  Information Systems Research, 31(4), 1200–1223. https://doi.org/10.1287/isre.2020.0939

Dagher, G. G., Mohler, J., Milojkovic, M., & Marella, P. B. (2019). Ancile: Privacy-preserving framework for access control and interoperability of electronic health records using blockchain technology. https://doi.org/10.1016/j.scs.2018.02.014

Kampová, K., Mäkká, K., & Zvaríková, K. (2020). Cost-benefit analysis within organization security management. School of Health Sciences Web of Conferences, 74, 01010. https://doi.org/10.1051/shsconf/20207401010

Koopmans, C., & Mouter, N. (2020, January 1). Chapter One – Cost-benefit analysis (N. Mouter, Ed.). ScienceDirect; Academic Press. https://www.sciencedirect.com/science/article/abs/pii/S2543000920300184

Roumani, Y. (2022). Detection time of data breaches. Computers & Security, 112, 102508. https://doi.org/10.1016/j.cose.2021.102508

Saleem, H., & Naveed, M. (2020). Anatomy of data breaches. Proceedings on Privacy Enhancing Technologies. https://petsymposium.org/popets/2020/popets-2020-0067.php

Seh, A. H., Zarour, M., Alenezi, M., Sarkar, A. K., Agrawal, A., Kumar, R., & Khan, R. A. (2020). Healthcare data breaches: Insights and implications. Healthcare, 8(2), 133. NCBI. https://doi.org/10.3390/healthcare8020133

Shukla, S., George, J. P., Tiwari, K., & Kureethara, J. V. (2022). Data security. Data Ethics and Challenges, 41–59. https://doi.org/10.1007/978-981-19-0752-4_3

Stewart, H. (2022).

Unger. (2021). Susceptibility and Response of Small Business to Cyberattacks – ProQuest. Www.proquest.com. https://www.proquest.com/openview/c6d0bf13fcf0ca37dae88f5ea6d5f2a8/1?pq-origsite=gscholar&cbl=18750&diss=y

Zhang, X., Yadollahi, M. M., Dadkhah, S., Isah, H., Le, D. P., & Ghorbani, A. A. (2022). Data breach: Analysis, countermeasures, and challenges. International Journal of Information and Computer Security, 19(3/4), 402. https://doi.org/10.1504/ijics.2022.127169

    Please enter correct phone number and email address to receive OTP on your phone & email.

    Verification is necessary to avoid bots.
    Please Fill The Following to Resume Reading
    Please Fill The Following to Resume Reading

      Please enter correct phone number and email address to receive OTP on your phone & email.

      Verification is necessary to avoid bots.
      Scroll to Top
      Seraphinite AcceleratorOptimized by Seraphinite Accelerator
      Turns on site high speed to be attractive for people and search engines.