StudyDaddy Information Systems Please read the instructions and let me know if you have any questions

Please read the instructions and let me know if you have any questions

Cloud IAM and Data Security Design

Replace all RED TEXT with your selections and justifications. Your content should be in black font typeface.

Business Scenario

A healthcare organization is moving their patient management system to the cloud. They need to ensure proper access controls and data protection measures are in place to meet HIPAA requirements.

Instructions

  1. Create an APA Style Title Page.

  2. Review the business requirements in the scenario description.

  3. Build on the business scenario with additional content (200-300 words).

  4. For each section below, select the most appropriate options from the provided lists.

  5. Provide a brief justification (1-2 sentences) for each selection that clearly relates back to the business scenario.

  6. Include a few references and citations to support some of your justifications.

  7. Submit the completed template document.

1. User Roles

Instructions: Select 3-5 roles from the following list of common healthcare roles:

  • Physician, Nurse, Medical Administrator, IT Administrator, Billing Specialist, Patient Coordinator, Pharmacist, Lab Technician, Data Analyst

Example Selected Roles:

  1. Justification: Compliance Officers ensure adherence to HIPAA regulations, needing access to audit logs and security configurations.

2. Access Control Mechanisms

Instructions: Select 3-4 mechanisms from the following list of IAM controls:

  • Attribute-Based Access Control (ABAC)Role-Based Access Control (RBAC), Multi-Factor Authentication (MFA), Single Sign-On (SSO), Attribute-Based Access Control (ABAC), Zero Trust Principles, Mandatory Access Control (MAC), Discretionary Access Control (DAC), Time-Based Access Restrictions

Example Selected Mechanisms:

  1. Least Privilege Principle
    Justification: Enforcing least privilege minimizes access to only what is necessary, reducing the risk of data breaches.

3. Data Protection Strategies

Instructions: Select 2-3 strategies from the following list of encryption and protection options:

  • Data Encryption in Transit, Tokenization, Data Masking, Key Management Service (KMS), Data Loss Prevention (DLP), Backup and Recovery

Example Selected Strategies:

  1. Data Encryption at Rest
    Justification: Encrypting data at rest ensures patient data stored in the cloud is protected from unauthorized access, a HIPAA requirement.


4. Monitoring and Audit

Instructions: Select 2 options from the following list of security monitoring options:

  • CloudTrail (AWS) / Activity Logs (Azure) / Audit Logs (GCP), Intrusion Detection System (IDS), Log Retention Policy, Real-Time Monitoring

Example Selected Options:

  1. Security Information and Event Management (SIEM)
    Justification: SIEM provides centralized monitoring and analysis of security events, helping detect and respond to potential breaches.

Have a similar question?

Continue to edit or attach image(s).

  • Fast and convenient

    Fast and convenient

    Simply post your question and get it answered by professional tutor within 30 minutes. It's as simple as that!

  • Any topic, any difficulty

    Any topic, any difficulty

    We've got thousands of tutors in different areas of study who are willing to help you with any kind of academic assignment, be it a math homework or an article.

  • 100% Satisfied Students

    100% Satisfied Students

    Join 3,4 million+ members who are already getting homework help from StudyDaddy!