Case Study: The Advocate Medical Group ePHI Breach Advocate Medical Group is the
Question
Case Study: The Advocate Medical Group ePHI Breach

Advocate Medical Group is the largest Chicago physician group, with more than 1,000 doctors and 200 locations. On July 15, 2013, four unencrypted computers—containing data for more than four million patients—were stolen from the Advocate Medical Group of Chicago administrative building in Park Ridge, Illinois. The information contained on the computers included patients’ addresses, dates of birth, names, and social security numbers. Affected patients include those who received treatment as far back as the 1990s. In addition, the computers contained clinical information, such as health insurance data, medical diagnoses, and record numbers.
1. Based on HIPAA/HITECH/Omnibus Rule regulations, was Advocate Medical Group required to notify patients? Explain your answer.
2. Did Advocate Medical Group make any public statements?
3. Did Advocate Medical Group notify patients?
4. Do State Data Breach Notification laws apply to this event?
5. What steps could Advocate Medical Group have taken to prevent or minimize the impact of the data breach?
6. Has there been any enforcement action taken or fines levied against Advocate Medical Group?
Explanation / Answer
1) Based on HIPAA rules and regulations, the Advocate Medical Group must intimate to the individuals that the data was breached by an unknown party, so that the patients will be aware of this incident and will be alert to fraud.
2) Yes, public statements in newspapers, media and social sites are required to share the information with all.
3) It depends on the data backup. If one copy of the data is lost and another copy exists, patients will be notified directly by post / email / phone call. But in the other case, if only one copy of the data is available and it is stolen, there is no way to intimate the patients.
4) Yes! It is applicable.
Advocate Medical Group has to intimate the state without any delay
and notify the corresponding agencies to fix the issue.
It should also describe what the data is, what it contains, its size, whether it is encrypted or not, and how they are going to resolve this issue, etc.
5) Steps to prevent - high security shields in the systems,
24/7 monitoring
Passwords, data encryption algorithms, etc.
Data backup
Identity management
6) Enforcement actions should be taken after finding the causes of the data stealing and the reasons.
From the reasons, the state enforcement team will take action and may impose a fine - example - security issues.