The Use of Medical Information Discussion

Please read the Capstone Project I have attached, see my mentor’s comments and correct everything my mentor has suggested me to correct.

Comment by Microsoft Office User: Thank you for including a title page. Please double-check the format of the title page according to your APA Guide or the APA resources within the Keiser Online Writing Lab (OWL).

Abstract

Topic

Privacy- What medical information should be confidential? Who, if anybody, should have access to medical records?

Thesis statement Comment by Microsoft Office User: A separate heading for the thesis statement is not necessary. Instead, just place the thesis as the last sentence of your introduction.

The overuse of one’s medical information, the security breaches in the medical industry, and protections/precaution one should take. Comment by Microsoft Office User: Be sure that the thesis statement is a complete sentence.

In its current form, it is a fragment. It is excellent that you’ve included three supporting elements! Prior to the supporting elements, be sure to present your specific argumentative position.

Rationale. Comment by Microsoft Office User: A rationale section was required for the proposal, but this should not be included with the final paper.

• Purpose- To express how identity thief has grown throughout the medical field.
• Background- Talk about statistics, laws, and precaution one can take to help shield their identity.
• Significance- I want to express how important this issue is that we ourselves might have gone through this are we know someone that has.
• Research methodology and description – Use internet and book sources

Rough Draft ideas

That is just enough information to take someone’s identity for someone to make different accounts in that person particular name. How can we make this better? Sticker laws, tighter security on patient records portals. Comment by Microsoft Office User: This is the root of your position, so be sure to present it in the thesis statement.

Introduction – HIPPA Law

Every American, from the beginning of life to its end, enjoys a fundamental, but not absolute, the right to privacy that is deeply rooted in both tradition and law. In no area is this right more cherished, or more unsettled, than in protecting the confidentiality of identifiable personal health information, as lawmakers, judges, and healthcare professionals struggle to balance individual privacy interests against other strong societal interests.

“An estimated 17.6 million people, or about 7 percent of U.S. residents age 16 or older, were victims of at least one incident of identity theft in 2014, the Bureau of Justice Statistics (BJS).” (http://www.bjs.gov, 2016).

The overuse of one’s medical information, the security breaches in the medical industry, and protections/precaution one should take. Comment by Microsoft Office User: It’s unclear what the distinction is, in this context, between “fundamental” and “absolute.” Consider clarifying. Comment by Microsoft Office User:

Be sure that the thesis statement is a complete sentence. In its current form, it is a fragment. It is excellent that you’ve included three supporting elements! Prior to the supporting elements, be sure to present your specific argumentative position. Comment by Microsoft Office User: This is a nice start for your introduction. It would help to expand your introduction a little in order to offer a more thorough overview of the key points that your essay will explore.

Feel free to expand on the background of the issue a bit more as well. (Leave the thesis statement as the last sentence of the introduction.)

The Hippocratic Oath, dating to the fourth or fifth century B.C., requires physicians to keep secret all knowledge of individual patients.

Personal health information is maintained not only by physicians but also in the records and/or databases of hospitals and clinics that provide treatment or diagnostic services, laboratories that perform tests, pharmacies, and insurance companies and managed care organizations to which claims are submitted or coverage is made.

In addition, personal health data frequently is shared with universities and pharmaceutical companies for medical and health-services research purposes.

How can we make the medical privacy policy better?

What is a shame is now when a person goes to a doctor’s office or the emergency room, and the person working the window is either asking for the patient’s social security number or wanting the patient to give out their social security so they can check what is on file? Ever noticed that there are not a room or a door one can close.

Technology as grown over the years and while one is giving out their personal information to get medically treated, someone can record that person with their cell phone while the patient is verifying their social security number, date of birth, and address. Then that vindictive person has all the information they need to pretend to be you.

Some people when they talk their voices are loud everyone can hear their whole conversation. some elderly people that do not wear hearing aids and they talk so loudly that they receptionist is not thinking of their privacy.

Personally, I would like to see the clerk or the patient write their social security number on a piece of paper like a post-it note. When the clerk is done, he/she gives the post-it note back to the patient and the patient can dispose of it at their own risk. Just with all the bad things going on in the world today one does not know if the office clerk or program secretary is going to shred your information.

Now one might have family working at the hospital or a clinic that one might go to and I would hate to know if a member of one’s family has access to your personal medical records. There is something a patient that one likes to keep private. Now medical facilities have made it where if the patient does not have a signed or scanned copy in your medical documentation of a medical release form. That legally they cannot send or give out that patient’s personal medical records to anyone.

It just makes one wonder if the person behind the desk is actually going through your medical files to make sure the patient has a signed released from in one’s file. Comment by Microsoft Office User: Avoid using first-person perspective for this essay. Avoid examples based on personal experience as well.

Stick with the more objective third-person point of view. Comment by Microsoft Office User: Be sure to double-check grammar, spelling, and punctuation. One trick that I use is to slowly read my work aloud. I encourage you to take advantage of the Keiser Online Writing Lab (OWL). The following website is also a helpful resource: www.grammarly.com.

Statistics of medical breaches and Figure A

The word breach sometimes just makes one’s skin crawl. When one hears of a breach in the medical field everyone assumes of the worst has happened. “Experts, estimates that data breaches cost the healthcare industry some $6.2 billion, as some 79% of healthcare organizations say they were hit with two or more data breaches in the past two years, and 45%, more than five breaches.” (Higgins, 2016).

” Most of those exposed fewer than 500 data records, and thus don’t get reported to the US Department of Health and Human Services nor are revealed to the media.” (Higgins, 2016). That is a huge number and how does one know if they are one of the not so lucky ones that information as breached?

Figure A (Kassner, 2016). Comment by Microsoft Office User: Wow—this is a powerful chart!

Breaches of confidentiality, in fact, are on widespread now from medical devices, medical records, and even to government medical clearances.

In some instances, breaches occur within the parameters of present law: Pharmacies in some states legally sell individual prescription records to pharmaceutical companies for use in marketing campaigns. As one now knows that pharmaceuticals companies are now pushing for these prescription saver cards for medicines like Farxiga or Invokana.

Now it great in a way because we are getting or prescription for no cost, but to just activate the card one has to put in their personal information to an extent. Once one has done that you have opened yourself to that particular company that makes your prescription drugs marketing companies.

Cyber Attacks- Attacks on Insulin Pumps

“The cyber-attack—in which hackers stole the names, birth dates, Social Security numbers, home addresses and other personal information of 78.8 million current and former members and employees—gave Anthem’s reputation a black eye early on. The company and the industry at large scrambled to do damage control.

Consumers questioned whether Anthem and other healthcare organizations could manage the volumes of data they had.” (Herman, 2016). The worst part about this whoever hack this company if it was an individual person, another country like Russia or China, or even if it was another insurance company.

This person/person has access to all patients’ medical records from surgeries done in the past, to medications one is current taking, and one’s deductibles.

Comment by Microsoft Office User: Avoid starting a paragraph with source material, especially a direct quote. Instead, begin each paragraph with a clear topic sentence, written in your own words, and then use source material in the body of the paragraph to support your main point.

One new scare one should watch out for now is if you are a diabetic Johnson and Johnson is warning more than 100,000 medical patients who use certain insulin pumps they could be targeted by hackers.

In a letter, the company said its Animas OneTouch Ping insulin pump has a bug causing a potential cybersecurity risk. Hackers could hijack the device and force it to deliver unauthorized, and possibly lethal, insulin doses. That is scary to think someone either in your community or across the world could be in control of your insulin levels.

Comment by Microsoft Office User: Read this sentence aloud to see how you might adjust the phrasing and sentence structure for greater clarity.

The common courtesy and rules of a breached. Comment by Microsoft Office User: My recommendation is to organize the essay primarily around your three main supporting elements (from the thesis). Consider labeling the headings according to those elements.

Unlike your fingerprints, which are unique to you and cannot be given to someone else for their use, your personal data ­ especially your Social Security number, your bank account or credit card number, your telephone calling card number, and other valuable identifying data ­ can be used, if they fall into the wrong hands, to personally profit at your expense.

“Individual identities, called ‘fullz’ on the black market, vary in price from $1 to about $450 (converted from bitcoin) and are valued based on factors like quality, robustness, reliability, and the seller’s reputation – not unlike eBay.” (Abrams,2016).

That should just make one cringe it makes one think are we really safe is our information really safe at night or anytime. The Figure below shows just how easy it is for someone to buy one’s information. Comment by Microsoft Office User: Nice work on the format of this citation!

Figure B: (http://businessidtheft.org, 2016)

Federal laws-precautions after a breach

Once this is filed submit a copy of one’s police report to one of the credit bureaus the other two bureaus will receive the report as well and will make sure that any financial institution is aware as well.

I would suggest that one should put a good contact number for a bank or Credit Company to call if they see someone is using your personal identity. This way when they call you can give verification and with your phone number it is an extra step for security. If you get anything in your mail about certain accounts you did not open and it is in your name, call the company and demand the shut those accounts down.

Tell them “I am a victim of an identity thief,” this way the company will working on closing all of the open accounts. Tell them that if they find that person put them in jail and punished to the maximum extent.

Comment by Microsoft Office User: Remember to stay focused on supporting a specific argumentative position. Avoid simply educating or informing readers. Right now, the essay is going in a few different directions. Try to tighten the organization up a little based around your thesis.

Services one can use- example LastPass

Another thing one should look into is a service called LifeLock. This service monitors all one’s financial activity as well as one’s person information such as social security number, date of birth, home address and mail address.

Nowadays one cannot be too safe when it comes to anything. If a person that likes to submit one’s medical claims or look at one personal insurance statement, or have access to personal online medical records I would recommend LastPass. Is a freemium password management service which stores encrypted passwords in private accounts?

LastPass is standard with a web interface but also includes plugins and apps for many modern web browsers and includes support for bookmark lets.

Penalties and jail time for hacking personal info

“Penalties for fraud offenses may include criminal penalties, civil penalties, or both. Most criminal fraud offenses are considered felony crimes and are punishable by jail, fines, probation, or all of the above.

Civil penalties may include restitution (paying the person back) or payment of substantial fines (geared to punish the behavior).” (http://criminal.findlaw.com, 2016). The federal law relating to identity theft penalties was signed into action by President Bush in 2004, and it mandates federal prison time for anyone convicted of the crime.

It also increases the maximum jail sentence from three years to five years, and increases penalties for phishing schemes, among other changes. There should be longer jail time for someone that steals another person identity. When one is born, we come into this word all one has their name, and over time one works hard to build up their name and who they become in life.

But have some horrible vindictive person take that way would infuriate someone. With the criminal just using the major information that they need they have everything to pretend to be someone else. Depending on how that person is they can ruin one’s life and rack up tons of fraudulent bills.

Theft is one of the fastest growing crimes in the United States today. The Federal Trade Commission (FTC) estimates that as many as 9 million Americans have had their identities stolen each year. That is too many and will is enough going to be enough?

Identity Laws and how can we make them better

Personally, the criminal should have to pay the person/persons whose identity they stole. If for example, this individual took $10,000-$30,000 dollars. That criminal need to pay all that back to that individual if that mean that person need to sell things get personal loans or work several jobs well everything needs to be paid back.

If not paid back in time that it was given then when it comes tax time that individual taxes if he/she gets anything back they have to pay for the person that had to suffer for their mistake. “Each state differs in how they handle an identity theft conviction, but at the very least, the criminal will be given a misdemeanor and forced to pay back any loss suffered by the victim, whether financial or in compensation of time, labor, etc.

As the severity of the crime increases, so too do the state identity theft penalties, ranging from prison terms up to ten years to fines numbering in the thousands of dollars” (https://enlightenme.com, 2016). There are a lot of time and man hours that goes into one having their identity stolen.

The paper work that is involved, one’s time, make phones to certain companies to make sure your information is not being used, and the hurt the one goes thought and wondering why did this have to happen to them?

“There are two levels of punishment for identity theft: the state level and the federal level. The federal law relating to identity theft penalties was signed into action by President Bush in 2004, and it mandates federal prison time for anyone convicted of the crime. It also increases the maximum jail sentence from three years to five years, and increases penalties for phishing schemes, among other changes.” (https://enlightenme.com, 2016).

When the criminal is convicted, they need to have to have credit monitoring and have random inspections of their finances, and there is certain investments.

Anything that looks out of the ordinary then they need to be brought in for questioning if found guilty again 10 years for terrorism related offenses should be the pending charges of the induvial. If that criminal does not learn their lesson, they should serve life in prison afterwards. If one cannot learn after the first time, they went to jail then they need to be where they monitored twenty-four-seven.

This is very serious crime and with technology we have now days it will only get worse to do cyber-attacks and hacking into records or insurance companies.

To just give someone on their first offence to just put them on probation that does not seem fair. They need to jail time right off the bat, no normal person ever thinks about hacking or taking someone identify, and if someone does that, he/she must be aware and prepared to assume the consequences of his/her actions.

Comment by Microsoft Office User: This paragraph can be deleted. It is not specific to the thesis.

Being charged with an identity theft crime is a very serious situation. Depending on their circumstances, being convicted of identity theft can lead to large fines and years or more in prison. Talking to a local criminal defense attorney as soon as one learns that they are being investigated for, or charged with, an identity theft crime is essential to protecting one’s rights throughout the criminal justice process.

An area lawyer who has experience with identity theft cases and who has represented clients in local courts is the only person capable of giving legal advice about one’s case.

Victims of identity theft should be aware of the laws in their area so that they know what to expect when their case moves towards conviction. It is helpful to know what statutes are being used to measure the crime when anticipating what the outcome might be for you as the victim. Always report if you see something that is off or questionable. Ask yourself the following questions or if you receive something have it checked into:

• Get a bill for medical services they didn’t receive;
• Be contacted by a debt collector about medical debt they don’t owe;
• See medical collection notices on their credit report that they don’t recognize;
• Find erroneous listings of office visits or treatments on their explanation of benefits (EOB);
• Be told by their health plan that they’ve reached their limit on benefits; or
• Be denied insurance because their medical records show a condition they don’t have.

Comment by Microsoft Office User: Consider incorporating counter-arguments at some point in the essay. By offering a solid rebuttal to those arguments, you will ultimately strengthen your own position.

Black Market and how much your information is worth

Breached records can go for pennies to hundreds of dollars depending on the nature of the content up for sale. So, how much money do these cybercriminals make after they get hold of data? How precious is the data in monetary terms?

According to Symantec’s 2019 Internet Security Threat Report, attacks on enterprises are up 12%. A new business will fall victim to an attack every 14 seconds this year. The attacks have already generated upward of $25 million in revenue for criminals. (https://www.symantec.com/security-center/threat-report)

The Sociable spoke to an array of experts to see what price cybercriminals put on different types of information. The following is a composite list:

• Personal Information (including identification number, address, birthdate) – $20 to $450
• Social Security Numbers – $1 each
• Medical Records – $20 to $50 each
• Credit Card Numbers – $2 – $5

Social security numbers were one of the most frequently exposed types of sensitive data last year and fetch a surprisingly low sum, according to Adam Stahl, Digital Marketing Specialist at Kelser Corporation. (https://www.linkedin.com/in/adam-stahl-44857632/)

He also says medical records are one of the most valuable types of information on the black market, making healthcare organizations such a target for hackers. For instance, UConn Health experienced a breach this spring, exposing the data of 326,000 patients.

“say a small portion of that – 10 % – were complete medical records. That data would sell for $652,000 – $1.8 million,” he says.

Motives and prices vary as cybercriminals pursue that valuable information that we inadvertently put out there. As Buxton says, “As far as worth goes, it depends on what information is for sale.” (https://sociable.co/web/the-many-motives-of-hackers-and-how-much-your-data-is-worth-to-them/) Comment by Microsoft Office User:

Don’t include the full URL in the body of the essay. Instead, use the author’s last name and the year of publication for the citation. (The URL will be included with the reference entry on the reference page).

Conclusion

Privacy is paramount and to personalize it vital whether it is me or you. Not just in the healthcare sector but everywhere like insurance companies and banks are also impacted by these evil attacks.

After reviewing the data of healthcare breaches and its impact on the lives of victims, I would say that healthcare officials should stay vigilant and careful about the protection of patients, healthcare information. Personal information and medical history are two important things to be protected under strong security. Comment by Microsoft Office User:

You’re off to a nice start! Here are just a few things to keep in mind in terms of the conclusion: Note that the first sentence of the conclusion should generally be a rephrasing of the initial thesis statement. The conclusion is an opportunity for you to briefly recap your key points, but the conclusion should not just be a summary.

Consider linking your key points to a larger context or to the broader literature. You might touch on the implications or ramifications of the points you’ve made (for example, in terms of laws or policy decisions, some of which you’ve done already). You might consider including a final thought-provoking quote, or a story/anecdote that illustrates your thesis.

Recommendations

Healthcare protection laws should be improved with the aim to protect electronically saved patient’s information. Training should be arranged for healthcare officials and employees so they can get an insight into technical risks and enable them to manage if occurs.

Employees should be hired on a loyalty basis in healthcare organizations, and strict punishments are needed to impose to regulate their activities. Strong security should be maintained to monitor the activities of healthcare workers.

Enhanced and advanced network security and application security are required to avoid data breaches and further complications for the organization as well as for the patient.

Encryption methods should be implemented because this is a good thing to protect the patient’s personal and medical information from any unauthorized access. Punishments stated in constitutional and universal laws are short term that is not enough to probate a criminal.

Healthcare hacking laws need to be improved with extended imprisonment and fined that will be paid to the patient according to the beard loss. Government involvement in the healthcare sector needs to eliminate or should be on a small level, to protect data breach by undefined ways. These recommendations help deal with privacy problems in the United States as well as across the world.

PLACE THE ORDER WITH US TODAY AND GET A PERFECT SCORE!!!