Home » Case Study on Healthcare Management System

Case Study on Healthcare Management System

Case Study: Healthcare Management System

Executive summary 

According to the case study, a case of data breach was reported from which it was found that important information’s of the patients as well as the doctors, insurance agencies, were stolen with their personal details like credit or debit card information and all. In this case the 600 clients were affected as their data got exposed on the internet. It was found with the occurrence of this incidence, some rights such as right to free from discrimination right to protection, right to  harassment as well as the dignity was also breached. There are four principles which can be used and introduced in the healthcare in order to keep all the data and the information of the clients as well as the healthcare staff in safe and secured condition. Those significant principles are “principle of the accountability, principle of the protection, principle based on transparency and the principles based on the compliance.” In the part A of this particular assignment deals with the legal implications that are applicable on the case study as mentioned above. These legal implications are dependent on the rights of privacy which the clients of the health care management are having; this is what is going to be discussed in the first part of this assignment. In the second part of this assignment determination as well as the discussion of the “principles based on the health management system will be done and in the part C of this assignment will include an evidenced based framework of the specific organization which will help in dealing with the issues occurring in the health care sectors.


In the Bon Secours, Which is an American health system, it was found that all the private information of the patients was leaked and 600 patients were affected due to this. As it has been mentioned above that from the banking information of the patient to their insurance ID number, has been leaked. Even the clinical records along with the laboratory test results were accessible on the internet and it was found that data breach had taken place within the health care system. According to the case study and its shortcomings, it can be said that the health care system should have a systematic usage of the health information system which help the organization the secure and protect the data of the patients. The developed evidenced based model which was identified and determined is helpful for the organization for handling the issues. Therefore this report will discuss about the legal implications from the New Zealand perspective that is applicable for this case study as well as other health care related policies and rules which needs to be implemented within the organization so that the similar kind of incident does not take place in the organization in the future.


“Possible legal implications according to New Zealand perspective”

An important act which was found to be breached is names as the “health act of 1956”. According to this act the policies states that no exchange or disclosure of the information would be done between the health care providers as well as the other agencies without the legal consents of the clients. This act is being followed by the health organizations as well as other organizations so that the confidential information of the clients stays safe. (legislation.govt, 2020)

The next act which is breached with the incident provided in the case study is the “act of health and disability commissioner” this right can be considered as the can be said as the watchman for the clients of the organization. This is an act which helps to resolve the complaints and the issues of the clients by keeping their private information secure. It also helps in improving safety within the health sector by improving their safety and promoting their rights at the same time.  It has been found that the “HDC” clearly governs the “DHB” which is a compliant profile that helps in solving issues regarding the privacy of the client (.hdc.org., 2020).

According to the “privacy act of 1993” its policies does has a matching scenario with the case study mentioned above even this is considered as another form of legal implication which is applicable for this case. It was seen that it became a mess when the information of the clients got exposed in the internet and the whole world could see them, of course no client will want that to happen that their confidential information will get leak as there was not any particular department to blame on or was not responsible, therefore it is recommended that the organizations should adopt advanced technology, in order to avoid occurring similar kind of data breach and the technology should systematically store the patients information in a secured place from where no leakage of those information can take place and a department should be there who will take the responsibility of the patients data was well as tackle them while any issue occurs regarding the confidential information of the patients.


This is a sample Case study on healthcare management system  From our experts get your report right now

“Implications on the privacy of the patients”

One of the rights based on the act of privacy is the right which should be treated with respect. it means that, it is important for the organizations that they should respect the private information of the clients in order to avoid losing their confidentiality and exposed in front of the whole world, even if any information is being shared for the treatment purpose it is important that consent of the customer is being taken, the exchanging which will be done the organizations needs to assure enough that the information is not breached in any manner (data.govt., 2020).

Another right that was violated in this case study was the act based on the “right to freedom from discrimination” this act is applicable in this situation because it was found that full exploitation of the banking information as well as personal information was done and it was exposed in the internet as a result of which a fraud can happen in the future this will be responsible for this.

This right is particularly chosen for this scenario because using the personal data of the patients and not even informing them within a short span of time is incorrect where as providing no compensation on the other hand is found to be falling under the category of discrimination.

The act based on “right to full information” is actually violated in this case as well, according to the act its right states that any organization has the responsibility of information as well, as providing the correct information and also communicate with honesty in an efficient manner. But in this case it was found that the patients got informed after two months of the data breach took place by the organization.

The last act which is being very much applicable for this case is the “act based on health and disability commissioner 1996”. This act is applicable under the code of health and disability in the health sector in which the patients are given certain kinds of consumer rights which they can use if incase any legal issue within the organization takes place with them. This code helps in explaining or informing the clients within the health sector about their rights they have so that they use it in an effective manner to the effective places.


This is a sample case study on Healthcare management System From our experts get your report right now

“Principles of health information system”

“Principle based on Accountability”

This principle states that there should be appropriate rules, regulation as well as policies for the employees working in the organization that will help them to understand the methods of maintaining the customers confidential information safe and secured and in this case it is being suggested that, the department should consist of one or a senior manager who can take the charge and the account of this kinds of cases if it happens in the future.

“Principle of protection”

A security measures should be implemented in the organization and that should be in the computerized from which will provide protection to the day for example the cloud storage in considered as important storage system of the information system which provides full protection to the confidential information of the patients.

“Principle of transparency”

This principle look after the information of the client which needs to be made public and what needs to be kept confidential  in order to provide great level of satisfaction to the customers.

“Principle of the compliance” 


There should be important, rules, laws and policies that need to be implemented, for maintaining the health information of the patients in order to know what type of information of the patients has been recorded according to the policies of the organization.

Principles and the components of the health information system 

The principle of accountability is considered as one of the crucial principle for the organization as because this will help in the development and improvement of the information rather are being stored in the organization as in this case 600 patients was affected due to the data breach and no one was responsible or was easy to take the account of it so this principle will help in investigating the situation in future if similar incident occurs as an account will be taken if this principles is being followed.

 The principle of protection will provide security and protect the data as well as the confidential information of the patient from the data breach, the other principles as has been discussed above like the principle based on transparency as well as compliance will help the client to get assured that their data is in the safe place which will bring a good level of satisfaction among the clients.


Example of similar kind of issue,

In the year 2019, on the month of august an unauthorized intrusion was reported by the ministry of health that took place about digital information system in the health organization of “Tu Ora compass health”. Privacy and confidentiality of the information is one of the important parts in the health sector where the same incident took place that is the confidential information of the patients were breached and leaked out (health.govt., 2019).


This is a sample Case study on healthcare management system From our experts get your report right now

Health related issues in case of evidenced based framework 

It has been said that the cancer is one of the disease that is found to be most prevailing in the health sector of New Zealand. The heath care which is known as “ST, LUKE medical center” is located in New Zealand; this organization is found to be dealing with certain important health issue among which the department of skin cancer within this health center faces the maximum issue.

The above represented model is the evidenced based model which has been chosen for comparing with the evidenced based framework. This model is popularly known as the ACE star model.

When a comparison of the ACE star model is being done with evidence based framework, it can be said that ACE start based model actually provides more information regarding the facts related to the disease by detailing the issues and applying them with the scientific literature. On the other hand it has been said that the “developed framework only helps in the identification which means that it identifies the health related issue and in the ACE star model the discovery of the health issues actually lead in the identification of the disease and the conditions of it.


According to the case study and the scenario of the case study it has been found that the legal implications, as well as various policies need to be implemented within the organizations. The healthcare management therefore is being suggested to develop a proper healthcare management system which will fight against the data breaching so that the information of the clients as well as the same incident does not occur in the future.


.hdc.org. (2020). Formation of HDC. Retrieved from https://www.hdc.org.nz/: https://www.hdc.org.nz/about-us/history/#:~:text=The%20Health%20and%20Disability%20Commissioner,and%20efficient%20resolution%20of%20complaints.

data.govt. (2020). What is personal information and the Privacy Act? Retrieved from https://www.data.govt.nz/: https://www.data.govt.nz/manage-data/privacy-and-security/what-is-personal-identifiable-information-and-the-privacy-act/#:~:text=The%20Privacy%20Act%201993%20controls,or%20organisa

health.govt. (2019). Cyber security incident. Retrieved from https://www.health.govt.nz: https://www.health.govt.nz/our-work/emergency-management/cyber-security-incident#:~:text=The%20Ministry%20of%20Health%20was,Health%20Network%20and%20Ora%20Toa.

legislation.govt. (2020). Health Act 1956. Retrieved from legislation.govt.n: http://www.legislation.govt.nz/act/public/1956/0065/121.0/DLM305840.html

Need Assignment Help! Service, Order Now

Our Top Features

All Subjects Covered

It doesn’t matter if you are in college or university our experts have got all your academic needs covered. Be it Law, Management, Business, IT, Finance or others our experts have got you covered.

Plagiarism Free Work

We understand just how embarrassing  it can be to get your papers rejected due to plagiarism. Therefore at Topicwize, we have a strict rule against plagiarism.

Unlimited Revisions

We are aware that every client has a different set of requirements. So even though our writers may draw impeccable contents, it may not live up to your expectation.

24/7 Live Support

Last minute assignments can truly be a hassle.So, we decided to launch the ’24-hour deadline assignment service’. Even if you have an assignment that needs to be submitted within 24 hours, we will accept your order.

Speed up all processes!

Find the Right

Similar Posts