Breaching the security of the Kaiser Permanente Internet patient portal: the organizational foundations of information security.
This case study describes and analyzes a breach of the confidentiality and integrity of personally identified health information (e.g. appointment details, answers to patients' questions, medical advice) for over 800 Kaiser Permanente (KP) members through KP Online, a web-enabled health care portal. The authors obtained and analyzed multiple types of qualitative data about this incident including interviews with KP staff, incident reports, root cause analyses, and media reports. Reasons at [...]
Author(s): Collmann, Jeff, Cooper, Ted
DOI: 10.1197/jamia.M2195