Health Data Breach Response Plan: A Managed Care Organization’s Comprehensive Plan

As the Chief Privacy Officer (CPO) of a competitive managed care organization, you have been advised of a breach in the privacy, security and confidentiality of sensitive patient data that occurred at the hands of an employee who was a willing participant in a large identify theft ring. After a tip received from the FBI, a six (6) month investigation was conducted. The employee sold hundreds of health records over the span of three (3) years for an undisclosed amount of money.  After immediate termination and prosecution, the next step is to develop a comprehensive Health Data Breach Response Plan, a project assigned to you by the CEO.Deliverables: The final product to submit is a comprehensive plan that includes the following:Propose a data response plan that address the following:• Step One: The organization’s response to the notification of a breach• Step Two: Identify those responsible parties (by titles) to respond to the notification of breach and explain each of their roles in the process• Step Three: Procedure(s) to confirm the occurrence of a breach & identify the involved scope/type of data involved• Step Four: A three (3)-point system measure, to impact of the data breach & the action(s) taken for each level of impact• Step Five: Data breach response and corrective practices• Step Six: Monitor/test effectiveness of response and corrective practices• Step Seven: Notification (public and customer (specify whether all customers are notified or just those impacted)