BHA-FPX 4020 Health Care Administration Capstone Project

Health Care Problem Analysis Proposal

Health Problem and Rationale

Healthcare data breaches reveal a troubling trend in the industry. The incidents have an impact on patients, organizations, and professionals at alarming rates despite efforts to adopt and upgrade data security solutions. According to Bohn and Schiereck (2022), the demand for data-driven clinical practices requires hospitals to keep pace with the influx of sophisticated threats. The healthcare sector reported 337 data breaches in the first half of 2022 (McKneon, 2022). Similarly, there were over 19 million records implicated in healthcare data breaches within the first six months of 2022. The average cost of a breach is about $10.1 million, which reveals the extent of the problem and its implications on the future of health care (McKneon, 2022). The problem highlights the need for robust administrative, physical, and technical programs to identify and intercept risks. Boh and Schiereck (2022) indicated that current and former employees may trigger increased breaches due to unauthorized access to databases and sharing of sensitive information with third parties. The targeted files contain details of patients’ identification, emails, appointment information, social security number, health insurance, billing information, and addresses (Lee & Choi, 2021). Failure to respond to incidents has serious implications on reputation, financial stability, and patient satisfaction. Enhancing security and monitoring capabilities is a strategic priority appropriate for organizations commitment to maintaining a superior competitive advantage.

Assessing and Measuring Issue for Quality Improvement

The measures of health data breaches include frequency of occurrence, the common types in terms of percentages, and cost to patients and the organization. The metrics guide organizations to complete a risk assessment to understand the type of data affected, the number of people affected, and the harm caused by the breach (Argaw et al., 2020). The benchmarks for measuring performance include hiring adequate skilled IT security professionals, enhanced employee responsibility and accountability when handling patient information, and significant investment in technologies such as firewalls to mitigate data breaches. The goal is to ensure that the organization has enough resources to identify and resolve data breaches involving unauthorized access, loss, and theft of patient data (Lee & Choi, 2021). Assessment include discovering processes necessary to prevent an incident from happening in the future. The team in charge also considers risk to a firm’s reputation and financial losses. A high-risk incident provides insights into the adverse impacts of data breaches based on the magnitude of losses and business disruptions.

Authoritative Sources Applying to the Issue

Abouelmehdi et al. (2018) highlighted the need for organizations to assess and measure data breaches in terms of the number of incidents and the percentage of the most common breaches. According to the authors, data-driven clinical practices improve patient care flow and reduce costs. However, organizations become vulnerable to ransomware and other attacks. Unauthorized access and disclosure is the most common type of breach with 40% of the reported incidents. Al-Muhtadi et al. (2019) assessed breaches based on the number of personal devices used in the clinical environment and the frequency of incidents. The authors also remind organizations to focus on type of information such as medical records, diagnosis, and medical history that are more vulnerable to unauthorized access and disclosure. In this case, the care team should acquire knowledge and skills to enable them identify corporate impersonations, click bait attacks, customer scam, phishing, and malware associated with increased use of social devices and networks.

Argaw et al. (2020) reminded healthcare facilities to address breaches based on the most targeted data types. The authors indicated that attackers target personal health information, diagnosis, insurance details, and billing. Organizations should also assess risks based on the detrimental effects on reputation and revenues. Similar findings by McKeon (2022) indicate the need for hospitals to reputational and financial losses caused by data breaches. The author suggested that companies risk losing millions of dollars from data breaches. Robust measures are necessary to prevent cyberattacks targeting phone numbers, addresses, emails, driver’s license numbers, health insurance information, Social Security numbers, and other crucial information. Seh et al. (2020) added to the discussion on assessing and measuring breaches by focusing on the frequency of data breaches, the magnitude, and financial losses. Accurate and complete as