Please help with this :

State selected is Tennessee

Visit the Health and Human Resources Office of Civil Rights website. Link : https://www.hhs.gov/hipaa/for-professionals/breach-notification/breach-reporting/index.html Select an incidence of breach (state select is Tennessee ) state from the Breaches Affecting 500 or More Individuals link Research the case Write a 2-4 page case study paper. Your paper needs to be typed and doubled spaced. Follow the APA style guidelines for formatting your paper, including a cover, and a resources pages. An abstract is not required. In- text citations must be included in the narrative of the paper. A references page is required for all references.

Remember to follow the Academic Integrity policy found in the syllabusSafeAssign will be used. Plagiarism will result in an automatic grade of a and the offense will be reported to the Office of Academic IntegrityYour paper must include complete sentences, complete paragraphs, and consist of correct spelling and grammar

At minimum , YOU MUST address the following in separate sections of your case study:

1. Describe what happened. 2. Which laws did the breach violate and why? 3. Describe actions the health care organization took in response to the breach 4. Describe at least the following factors of the Breach Risk Assessment as it pertains to the breach: A) What is the nature and extent of the PHI involved, including the types of identifiers and the likelihood of re-identificationWas it sensitive PHI (e.g. HIV, genetic)? What is the financial risk? What is the risk of medical identity theft? B) Who was the unauthorized person who used the PHI or to whom the disclosure was made; Who was the authorized user? Was the PHI de-identified? Could a person re-identify it? C) Was the PHI actually acquired or viewed (or did the opportunity exist for the information to be acquired or viewed)? Did audit trails show that stolen information was ever accessed/viewed?

D) Was the risk to the PHI mitigated? Covered entities and business associates should attempt to mitigate the risks to the PHI following any impermissible use or disclosure, such as by obtaining the recipient's satisfactory assurances that the information will not be further used or disclosed (through a confidentiality agreement or similar means) or will be destroyed, etc.

5. Describe the Breach Notification. What did it or should it have contained 6. What should the organization do to reduce breach risk of this nature in the future?