Synopsis

Due to a programming error, $19$ members of Kaiser Permanente received email messages containing private healthcare information about multiple other members. A root cause analysis showed that organizational issues played a significant role in this security breach. Please read the entire article $($link below$)$ from the Journal of the American Medical Informatics Association $(2007)$ to gain more insight into the situation presented in this case.

Breaching the Security of the Kaiser Permanente Internet Patient Portal: the Organizational Foundations of Information Security $-$ PMC $($nih$.$gov$)$Links to an external site.

This breach had the potential to cause harm to KP members. How did the leadership act quickly and what did they prevent?

According to the authors of the JAMIA article, there was a risk of future security breaches if the organizational issues were not resolved. What steps might they take to resolve this issue?

Review the section in Chapter $9$ on administrative safeguards. Would the processes described apply to this case?