Introduction

Protected health information can describe any individually identifiable data such as insurance, demographics, medical or billing information. The HIPAA state that health care providers and physicians ensure that the protected health information is confidential and has a high level of privacy. For providers like my current organization, providing the security of protected health information is challenging because of external and internal risks (Carlson & Mandel, 2017). Measures must continually be taken to address the many ways in which the privileged and protected information can be compromised. This paper describes some of these risks and details the process of risk assessment.

Internal and External Risks Associated with Protected Health Information

Internal risks threatening protected health information in the current organization include employees, the technology used and physical computer damage. Employees pose a threat to the data in different ways. Insider employees may make innocent mistakes that result in accidental disclosures like overhead conversations between providers in the elevator (Carlson & Mandel, 2017). Some employees may also abuse their information access privileges. This is common in cases where an employee who has access to the PHI data violates the accessed trust.