Discussions

The University of California healthcare corporation had the intention to develop data warehouse that could be used for managing critical information. As with any other organization, the healthcare organization is facing the new world of risks. For this reason, it hired Chief Risk Officer, who oversaw the successful implementation of the ERM framework (Fraser Simkins & Narvaez, 2014). This framework acted as the best approach of identifying, quantifying and managing risks within the organization, an act that will ultimately improve the processes.

However, the University of California Healthcare organization did not take into consideration the risks that come from breaches of Protected Health Information. The breaches of this information present wide array of repercussion ranging from financial, legal to reputation risks (Fraser Simkins & Narvaez, 2014). In its recent quest to address these risks, the healthcare organization sought to adopt Protected Health Information Value Estimator (PHIve). This methodology will help the healthcare organization calculate the costs associated with the breach of the PHI and recommend the best mitigation strategies.

The PHIve require the organization to follow the five critical steps in addressing the associated risks. The steps included assessment of risks, security readiness score, determination of relevance, determination of the repercussions and total impacts (Fraser Simkins & Narvaez, 2014). The University of California healthcare organization adopted PHIve for the first time and did not follow well the five critical steps in addressing the risks. It only focused on the repercussions and total impact of the risks associated with the breach of Protected Health Information.

In light to the above information, it is recommended to the healthcare organization to come up with the security readiness on these breaches. The security readiness will help the organization know the best approaches to prevent the breaches of the Protected Health Information. Also, this readiness will show the preparedness of healthcare organization to handle the risks associated with the breach of Protected Health Information (Fraser Simkins & Narvaez, 2014). Lastly, the healthcare organization should consider carrying out assessment of the risks. This act is of great help as enable the organization to determine the extent or severity of the risks on its financial performance.

1.Evaluate one pro and con above proposed description.

Response Requirements:

1. Be 2 paragraphs in length

2.Be supported by the required textbook and one additional reference

Points deducted if the submission: 

Does not use the required textbook as one of the two reference sources 

• • You CANNOT use Wikipedia, LinkedIn articles, blogs, paid vendors, certification websites, or similar sources in academic writing. You CAN use reputable industry articles from publications similar to ComputerWeekly, PCMag, Wall Street Journal, New York Times, or similar sources. Academic journals and popular industry articles are accessible in the university’s library databases and Google Scholar. All references should not have a publication date older than 2005.

• Does not respond to the question(s) thoroughly meaning with more than 2 paragraphs

• Primarily consists of bullet points

• Uses statements such as “I have gone through your post,” “I have gone through your discussion,” “adding a few more points,” “based on my knowledge,” “according to me,” “as per my knowledge,” or similar

• Contains contractual phrases, as an example “shouldn't" "couldn't" or "didn't,” or similar

• Uses vague words or phrases such as "proper," "appropriate," "adequate," “it is obvious,” “it is clear,” “in fact,” or similar to describe a process, function, or procedure

• • • As an example, "proper incident response plan," "appropriate IT professional," "adequate security," or similar. These words are subjective because they have different meanings to different individuals.