Topic 4 DQ 2 Responses

Response to Classmate 1

Hello,

Thank you for an educative and insightful discussion. The healthcare industry is the most

affected by cybercrimes as unauthorized individuals attempt to access patient health information

and other information, including payment details. Data security breaches can be intentional or

unintentional, and internal threats remain the most significant. Internal threats can result from

human mistakes or intentional unauthorized access to patient health information. Healthcare

systems like EHR can be vulnerable to external hackers, exposing patient health information to

possible attacks (She et al., 2020). I agree that purposeful training is needed to keep data safer

and increase awareness of potential loopholes that can open opportunities for attacks, internally

or externally.

References

Seh, A. H., Zarour, M., Alenezi, M., Sarkar, A. K., Agrawal, A., Kumar, R., & Khan, R. A.

(2020). Healthcare Data Breaches: Insights and Implications. Healthcare (Basel,

Switzerland), 8(2), 133. https://doi.org/10.3390/healthcare8020133

Response to Pamela Davidson-Gordon.

Hi, Pamela.

I enjoyed reading your discussion for its communicativeness and clarity. Indeed human

errors are rated as the most significant threat to data security breaches. For instance, a provider
can expose login details to the EHR by mistakenly sharing them through email. The

unintentional mistakes can be detrimental if the patient health information falls into malicious

hands. I concur that cyber-attacks, including hacking and phishing, contribute significantly to

data security threats, increasing the risk of patients losing their privacy and the organization

being sued for failing to adhere to HIPAA and other regulations (Lee & Choi, 2021). I support

the adoption of cyber-security training programs to ensure employees understand data security

protocols and measures to take in case of an attack. Security can only begin from within, hence

the need to empower employees by making them more aware and knowledgeable.

References

Lee, J., & Choi, S. J. (2021). Hospital Productivity After Data Breaches: Difference-in-

Differences Analysis. Journal of medical Internet research, 23(7), e26157.

https://doi.org/10.2196/26157

Response to Owairna Morris

Hello, Morris.

Thank you for the great post. I agree that technological advances in the healthcare

industry have been beneficial but also presented multiple challenges, including cybersecurity

issues that put patient and organization health information at risk of malicious use. Indeed

phishing attacks are significant and common in the healthcare industry and mostly affect

unaware individuals, exploiting unintentional human errors. Inadequate security measures like

the failure to secure the network by making it private, adopting multi-factor authentication,

constant updating of passwords and login details, and limiting access to patient health
information increase the risk of data security breaches (Choi et al., 2019). I agree to a robust

cybersecurity plan to enhance data security and increase capacity to prevent, identify, respond to,

and mitigate data security breaches.

References

Choi, S. J., Johnson, M. E., & Lehmann, C. U. (2019). Data breach remediation efforts and their

implications for hospital quality. Health services research, 54(5), 971–980.

https://doi.org/10.1111/1475-6773.13203