The data breach at the Utah Department of Health (UDOH) impacted more than 780,000 patients. Several security vulnerabilities caused the breach, including lack of appropriate security measures and lack of appropriate staff training on protecting sensitive patientsâ€™ health information against unauthorized access. Besides, the DOTS staff were not sufficiently trained and ready to manage cyber risks and vulnerabilities. Specifically, they were less conversant with access controls, secure internet connections, secure password management. Consequently, UDOH had financial problems, which limited its efforts to manage the breach and prevent future similar cyber-attacks. This security plan will assess the UDOH breach and present significant measures to ensure the security and privacy of PHI in the institutionâ€™s health systems.
Project Plan: Training Initiatives
cybersecurity risks in the future, both UDOH and DOTS staff need to undergo
ongoing education and training programs on cybersecurity. Ideally, using
lectures, conferences, and role-playing, the leadership of the organization and
HIM professionals needs to organize the structure of
the education and training programs to be presented to the employees and formulate
associated films and videos, among other applicable educational and training materials,
to power the education and training program. To ensure a practical training and
education initiative, it is essential to categorize the UDOH and DOTS staff
based on several factors, including IT competence and role in the facility. We
will essentially segregate the IT staff from the other staff since they already
have a background in IT systems and cybersecurity.
Click to view the full document!View Document