Data Breach Analysis: the UCLA Health System Case

Need help with assignments?

Our qualified writers can create original, plagiarism-free papers in any format you choose (APA, MLA, Harvard, Chicago, etc.)

Order from us for quality, customized work in due time of your choice.

Click Here To Order Now

Privacy and Security: Introduction

The issue of personal data safety has become increasingly significant lately (Libicki, 2015). Because of the new opportunities that cybercriminals gain as technological progress continues, healthcare institutions become more vulnerable. The recent case of the UCLA Health System having been accessed by hackers shows that the concept of cybersecurity needs to be taken more seriously and that, to prevent it, the institution will have to train its staff and introduce them to the foundational principles of online security such as consistent supervision, non-disclosure policies, etc.

The UCLA Health System: Analysis

According to the recently published report (UCLA Health System reports massive data breach, 2015), the UCLA Health System has suffered a serious cyberattack. As a result, personal information of numerous patients became exposed to the malefactors. It is quite peculiar, though, that, according to the official statement issued by the organization leader, Dr. James Atkinson, the criminals have not used any financial data of the patients (e.g., credit card numbers and similar data).

Causes and Remediation

When it comes to defining the factor that caused the security breach, one must mention that the organization created an opportunity for unauthorized access to its databases, as the report says (UCLA Health System reports massive data breach, 2015). The further investigation of the subject matter will reveal that the problem occurred due to the poor supervision of the numerous data storages created by the organization: These breaches will keep happening because the healthcare industry has built so many systems with thousands of weak links (Terhune, 2015, par. 5).

The problem under analysis can be viewed as the result of a combination of negligence and a cyberattack (Hutfless, 2014). On the one hand, the information security breach was the result of cybercriminals activity. On the other hand, unless the organization had made their database open to attacks, none of the issues would have occurred, and the patients personal information would have been safe. Therefore, the case in point falls under both categories identified by Hutfless (2014).

As far as the remediation of the damage made is concerned, the efforts made by the organization are very impressive. The UCLA Health System members have invited the FBI and forensic experts to investigate the issue. The fact that experts have been invited to analyze the problem, detect the factors that had caused it and suggest the tools that might help improve it shows that the UCLA leader is determined to improve the data management system: UCLA said that its working with the FBI and had hired computer forensic experts to further secure its network (UCLA Health System reports massive data breach, 2015, par. 2).

Designing Preventive Measures

Since the problem was caused by two key factors, i.e., the abundance of datasets containing the patients personal information and the lack of supervision over the latter, the prevention of the further instances of a security breach should occur in two stages. To be more exact, the tools for data processing must be enhanced, and the control over the security system performance must be reinforced.

Conclusion: Maintaining Safety

since the security breach that the UCLA Health System has suffered points to the possibility of negligence and the lack of proper technological tools and skills, it is imperative that the staff members should be instructed on the essential security rules and that the proper technological upgrade should be made to the system. As soon as the staff gains control over the data management process, the patients personal information will be safe.

Reference List

Hutfless, B. (2014). Health information, privacy and security. In R. E. Hoyt & A. K. Yoshihashi (Eds.), Health Informatics: Practical guide for healthcare and information technology professionals (6th ed.) (pp. 193217). New York City, NY: Lulu.com. Web.

Libicki, M. C. (2015). Sharing information about threats is not a cybersecurity panacea. Santa Monica, CA: RAND. Web.

Terhune, C. (2015). UCLA Health System data breach affects 4.5 million patients. Los Angeles Times. Web.

UCLA Health System reports massive data breach. (2015). Web.

Need help with assignments?

Our qualified writers can create original, plagiarism-free papers in any format you choose (APA, MLA, Harvard, Chicago, etc.)

Order from us for quality, customized work in due time of your choice.

Click Here To Order Now