Assignment 4: Business Value of Risk Management PlansDue Week 7 and worth 100 pointsWhen organizations develop risk management plans, they need to consider the value of the assets being protected and

****************** ** ContentsIntroduction: ****** ******** **** *** ******* ***** ****** ********* *** ***** *** *********** ********** *** *** ********* controls: ******** ************* 2Medium ***** Hospital ** *** Medical ************* *** ***** Plan ************ ************ 4Introduction: Department of ****** and Human ******** *** **** * *** ***** for *** ************* ** ***** ** maintain *** ******* and *** ******** of the PHI *** *** **** of the health ************ must comply ** **** ***** *** *********** **** *** ************* would ** ******* heavily ** *** *********** ****** the ***** *** ******* ******* ******** *** ************* ******** **** *** ******* ***** HIPPA ******** ******* *** security ** *** ************* Though **** *** different *** ****** the ************ simultaneously ******* **** ** HIPPA ***** *** *********** the right ** ******* his/ *** ******** health *********** ** ************ * ******** ** allowed to *** PHI ** *** ******* ******* his/ *** ********** The privacy ** *** information can ** maintained ** *** ****** according ** *** **** ** protectionThe security rule ** *** ** *** ***** **** allows the ************ ** secure the *** of *** individuals by ********* all ***** ** ******** ************** *** technical ********** ** the *** *** ************ ****** ******** *** confidentiality ** the **** *** ****** **** *** *** ******** procedures ** ******* *** ***** Harrison * & Simon * ***** The **** ****** be stored in any ******** *** must ** ********* **** ************ access The **** *** ** stored *** *********** ******* *** ****** *** security ****** be ********** *** example ** *** ****** *********** ** a patient is leaked **** it **** ** ******* to ensure the ******** ****** ****** the ******* ***** means ******* *** reason ** *** data leakage ** *** ******* ******* or *** security ************ ********* *** ***** *** *********** Experts are ******* *** on *** most ***** frequent ******* ** incidents *** ***** *** ********** Some of *** ******** *** ***** ******** ************ ****** to * ******* **** ** one ** *** major ******* *** ***** non compliance **** ** *** ******* *** ***** ****** ** the *** *************** **** is ******* *** ****** **** *** the ************* ** passing on *** ******* ** *** doctors ******* wrong emails( ****** ***** ***** wrong ****** **** *** *********** ** *** unauthorized **** **** ************ access breaks *** security ****** ******** *** ******* access: ******* ***** *** ***** non compliance is *** ******* ** *** ******* access to the patient *** health *********** because ** the other ************** Technical *** *** ********* *********** order to ** ********* **** HIPPA *** ************ **** make *** below *********** ***** *********** *** ************ **** **** * ***** consultant *** would ** *********** *** ****** and testing *** processes *** **** the hospital This ***** consultant **** ** ** ****** who *** handle *** *** *** ********* ********* and ****** ******* ways ** **** the ******* *********** Technology ****** There are ******* ***** available in the ****** ** ***** ** **** * ************ ***** ********* These *** *** ** rules and regulations ***** *** **** ** the **** of * ********* ** *** various other *************** ********* about HIPAA ******** ** order ** ****** **** *** *** *** company **** **** sure that it ** aware ** *** *** ******* ** ***** which imposes *** ***** *** *********** ********* ** *** ******** *********** ********* ***** ***** update is ********* ******* **** ********* ** *************** *** ** made accuratelyNetwork **************** ******* architecture ** ** organization ** ***** ** ** ***** compliant must contain *** ***** ************* Physical Safeguards: *** ****** ***** ******* **** ** ****** **** ** ******** places ******** ******* *** ******** ********* **** be protected **** ********* security ******** ******** ******** are **** ******** **** ****** ****** screens ** ********* ****** offices *** rooms· ************** *********** * security officer should ** ***** in *** premises ****** ******** must ** ***** ** *** various *********** **** *** access ** *** *********** ****** ** *** hospital **** ** restricted * ****** ***** ******** ******** measure ****** ** **** ** ***** ** ****** *** security ******** ********* *********** ***** should be * ******* *********** on *** ******* *** ****** ** *** *** ***** ***** *** **** **** ** used for ********** the record ** *** users Proper ******** *** ******** ** *** **** should be **** in order to protect *** data **** the ************ ****** **** must be ********* ******** *** *********** *** ***** ******** *** ********** should be ******* *** ****** in each *** ***** ********** in ***** ** **** the system compliant **** *** ******** ********** ****** be ********** **** ** ********* ************ Requirements: The Breach ************* *** ********** policies *** ********** must ** ********** carefully *** the ******** ******* ********** must ** ********** ***************** ***** Hospital ** *** Medical ************* ** * ****** sized ************ *** ****** ** non compliance ** the ***** ** because ** *** ************* ************ ** many ***** with *** data ** ******** ***** these ****** sized organizations *** ***** the influence ** bigger ************* ** the *** medical ************ again the non compliance to *** ***** ** because of *** ************* ****** ** the **** to *** *** because ** *** ******* ** *** ****** ***** hospital *** *** *** ******* ************ *** *** ******* organization *** ** *** *** ************ **** ********* company ***** *** ** **** **** *** hospital in ***** ** ******* *** ********* amount to *** ******** ** behalf ** patient **** ******** **** ** **** ******* of *** ** *** ************ usersIT ***** ***** *** ** ***** plan **** consider *** below ***** ** *** **** ** ***** to ****** *** IT ********* Secure ********** *** the users ** *** *********** system and PHI **** ** ***** ******* ********* ****** ******* ********** ***** ****** **** ****** ****** ** made ** order ** ensure **** *** **** *** be ********* **** ** **** of *** *************** Virus ******* ********* and ******** ***** checks **** ** **** in ***** ** ******** *** ***** attacks· **** *********** The **** **** ** ********* ****** transmission ** ** ** ******** *** ******* *** ******** of *** dataConclusion: HIPPA ***** *** regulations *** *********** for ******** *** patient **** In order ** ** compliant **** ***** *** ******* needs ** **** some changes ** *** ************** ** *** ******** *** **** **** ******* ** the ** ***** plans ******** ** ******* ******* It ** important to make *** ******** ***** **************************** * ***** ***** * ****** ***** ***** privacy *** security *********** ************* ******* *** ******************* (2006) ***** ************** ******************* ************** ************** ********** Text00(1)Hhsgov ***** ) ****** States ********** ** ****** and ***** Services | HHSgovSummary of the HIPAA ******* ************* *** 26 **** **** ************************************************************************ (2014 ) ****** ****** Department ** ****** *** ***** ******** * ************* ** *** ***** Privacy RuleRetrieved May ** **** **** http://wwwhhsgov/ocr/privacy/hipaa/understanding/ ***************************

Click here to download attached files: Gottiparthy- HIPAA-final.docx