User Account

All Pages

Discuss how difficult and costly completing the assessment

Assignment Help Computer Engineering
Reference no: EM133698277

Homework

Purpose

In this homework, you will be provided a scenario in which you need to prepare for a HIPAA audit using materials found on the healthIT.gov website and using a government-provided online or downloadable tool to perform a risk assessment.

Instructions

You are the IT and Security Manager for a small five-physician medical practice that uses electronic medical records (EMR) but has never performed a HIPAA security risk assessment. You need to prepare for the upcoming HIPAA Audit, and the healthIT.gov site recommends performing a security risk assessment using their Security Risk Assessment (SRA) tool (downloadable or paper).

Based on the scenario above, review the questions in the Administrative Safeguards portion of the tool. This private practice has many written policies, but the policies are often not updated, and training new personnel on HIPAA requirements is a bit haphazard and poorly coordinated. The practice does not have a formally appointed security contact, although the office general manager is the one that most people go to. The one-person IT professional tries to protect the patient's information and access to that information as best that is possible, but people that leave the organization are often not immediately removed from having that access. Physical access to the building does require a key card access, but the building entrance is not monitored by cameras or the need to sign in. The company has not formally documented and mapped relevant business associates and has not secured business associate agreements related to patient information security. Although the receptionist area has a high counter, and patients typically cannot see the receptionist's computer screen, patients can hear the phone conversations in the receptionist area. Access to the medical records is password protected but not encrypted, and not all computer screens have automatic locks when the screens are idle.

I. Identify at least 10 Administrative Safeguard questions from the tool that are particularly relevant to this organization. Identify each by number and the specific wording of the question.

II. Discuss at least five identified threats or vulnerabilities and discuss the likelihood and overall impact of each of these vulnerabilities in a table like the one below for each threat/vulnerability (you should have five tables).

Likelihood

Impact

Low
Medium
High
Low
Low Risk
Low Risk
Low Risk
Medium
Low Risk
Medium Risk
Medium Risk
High
Low Risk
Medium Risk
High Risk

I. For each threat/vulnerability, describe one or more safeguards that could be implemented against the threat/vulnerability. Suggested safeguards can be found in the SRA tool.

II. Write a summary that discusses what you learned by participating in this exercise. Discuss how difficult and costly completing this assessment might be for the small medical practice described in this case. Recommend possible solutions to make this assessment process possible for this small practice.

Reference no: EM133698277

Questions Cloud

Define cybercrime and the categories of cybercrime : Define cybercrime and the categories of cybercrime. How understanding of differences among cultures affect your ability to make decisions within your company?
Describe each law and consequences for violation of the law : Describe each law and consequences for violation of the law. Discuss the reputational and financial impact this scenario might have on the organization.
What evidence would be needed to show compliance : What the question means? What evidence would be needed to show compliance? Whether it would be easy or difficult to achieve compliance and why?
Painless lump palpated at left vaginal opening : Appropriate hair distribution, No lesions, Small, painless lump palpated at left vaginal opening. Mild swelling noted.
Discuss how difficult and costly completing the assessment : Discuss how difficult and costly completing this assessment might be for the small medical practice described in this case.
Explain how the ssl and tls work : Read more about SSL and TLS and write a report explaining how they work. Use the following link as a starting point.
Design and implement a raytracer : CSE3PSD Professional Software Development, La Trobe University Implement a Zork-style text adventure and Design and implement a raytracer
Identify four aspects of end of life care : Identify four aspects of end of life care e.g., eligibility criteria, services provided, types of medical conditions, reimbursement models,
What have researchers learned about the negative impacts : What have researchers learned about the negative impacts of excessive social media use among teenagers, and ways to mitigate these negative impacts?

Reviews

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd