There is an increasing use of information technology in healthcare owing to its benefits in care provision. However, Arain, Tarraf & Ahmad (2019) indicates that the use of information technology in healthcare pose significant risks related to security and privacy, particularly with regards to the patient information stored in the electronic system. This calls for the need to adopt effective data protection measures and reporting mechanisms in case there are privacy and security breaches. The healthcare employees should be provided with a way in which any data breaches can be reported to the relevant department within the hospital.
In order to address any privacy and security breaches, as a privacy officer in my organization I would encourage employees to report them without the need to reveal their identity. Although employees work together as a team, it is possible that some of the privacy and data breaches may not be provided if the reporting system requires the reported to provide their identity. The major reason would be fear of retribution particularly where a junior employee reports any breaches attributed to their superiors. Encouraging employees to make anonymous reports together with the affected healthcare information or parties will allow the organization to detect and resolve any privacy issues that would otherwise go undetected.
In addition, a reporting mechanism that does not require full disclosure of the privacy and security breaches will be provided. The provision of a system that demands provision of actual data under threat, the concerned parties, and possibly accompanying evidence may be too laborious for employees to pursue them. Providing an easy reporting mechanism will ensure initial privacy and security breaches are reported upon which investigations will commence.