What are all of the documents we will need to have prepared

Assignment Help Other Subject
Reference no: EM132260774

Here are weekly assignments to address for each week which will contribute to the Final Project: Each weekly assignment will between 250-350 words.

Week 1 - Develop your network boundary based on the requirements provided, see Appendix A of the syllabus. Follow the assignment in Appendix A. You will need to draw the network boundary and provide a detailed network description of the network boundary.

Week 2 - Describe the security and privacy requirements for the network boundary. This is a physician's office, so please describe the HIPAA security and privacy requirements you need to follow for your network boundary. Use the HIPAA, HiTech, and Omnibus Laws to help you create HIPAA security and privacy requirements.

Week 3 - We need to ensure the physician's office is secure and the HIPAA data is protected. Read NIST SP 800-53 rev 4. How can this document help you ensure your physician's office is secure? Out of the 18 control families, pick two control families and address the controls in complete sentences for your network boundary.

Week 4 - We need to ensure the network boundary is hardened. Please review the DOD STIG for Oracle 12. Select 20 controls and address how the Oracle server has been hardened in the physician's office.

Week 5 - We are preparing for an audit of the system for HIPAA compliance. What are all of the documents we will need to have prepared for the upcoming audit? Please explain why each document is important. What scans should you run on the system, please describe the scan and on why systems the scan ought to be facilitated.

Week 6 - The auditors have finished their assessment. In Appendix B, we have the findings from the audit. Please address in detail how each finding should be mitigated. Match up each control to the SP800-53 control family and control number.

Week 7 - The physician's office now wants to add tele-medicine to the functionality of their network. Explain in great detail, 500 words or more how this will impact the physician's office and what we need to do from an information assurance perspective. Make sure you include change management in this discussion.

Week 8 - Turn-in of FINAL PROJECT. Bring together your past 7 weeks of work. Add narrative transitions where appropriate and ensure you have addressed the instructor's feedback provided each week. Conclude your project with a 500 word narrative explaining why information security is important in the Healthcare field. Cite Scripture to demonstrate your understanding of how faith integrates with the information technology and healthcare fields. Check to ensure that APA format has been used and you have at least 14 peer-reviewed references.

APPENDIX A

Information Assurance Project

In order to understand the practical impact of Information Assurance, we will work on a project over the next 8 weeks. One of the major requirements in information assurance is documentation and being able to articulate your understanding of a security requirement or control.

Please design a network for a hypothetical physician's office and provide a network description with the following:

1 Server with Scheduling software (pick one)

1 Server for billing (pick one)

1 Server with a data base for patient data - Oracle 12

1 Server for email - Microsoft Exchange Email

The office has 10 patient rooms with a desktop in each room running Windows 10 for the OS

The office is based on wireless networking with TCP/IP.

There are two doctors in this office.

This office has an Internet connection to the mother company.

The network boundary for this assignment is just this physician's office.

In your network description please provide the following:

Describe the purpose of this network.

Describe the network and equipment, the servers and the software in place.

Describe the security you have in place.

APPENDIX B

The auditors have completed their assessment. The following are the findings determined during the audit. Please address in detail how each finding should be mitigated.

Identified Vulnerability

Identify the Matching Control in the SP 800-53 - Control Family and Control Number

What would be the appropriate mitigations?

1. People can gain physical access to the physician's office without anyone checking ID.

2. The server room does not have a lock on the door.

3. There are default admin accounts with elevated privileges

4. The receptionist of the office provided the password to the server via an inbound phone call.

5. There are unused open ports on all of the servers.

6. The scheduling software shows verbose code.

7. There is no encryption on the network. PHI/PII data is sent over the wireless network in clear text.

8. The PHI/PII data on the database server resides on unencrypted drives.

9. In an interview with the Nurse, she stated there is no training for HIPAA Security or Privacy provided.

10. On the desktops, there are Microsoft vulnerabilities in the Windows 10 OS which have not been patched.

11. The auditor watched an employee make changes to the Oracle server without following change management.

Reference no: EM132260774

Questions Cloud

Laws and regulations that impact privacy in the workplace : What could an organization utilize to ensure that all employees are well aware of their rights and responsibilities in regard to privacy?
Explain business intelligence : Explain business intelligence(BI), as well as describe one use of BI in retailing, entertainment, and medicine.
Compute the variable portion : Compute the variable portion (total) of Cost C at 140,000 hours of activity.
Why is the blackberry controversy prominent : Why is the BlackBerry controversy prominent in Asia, particularly in the Middle East, and not anywhere else in the world? Analyze the measures that RIM.
What are all of the documents we will need to have prepared : We are preparing for an audit of the system for HIPAA compliance. What are all of the documents we will need to have prepared for the upcoming audit?
Selecting security software system for business : In this assignment, you will be evaluating and selecting a security software system for a business.
What is customer relations : What is customer relations, this is the main method to ensure you will retain your customer base. How would you begin to build a strong
Prepare a schedule of variable and fixed cost : Prepare a schedule of variable and fixed cost for each of the costs and total manufacturing cost for 2018 and 2019. Calculate the company's per unit cost.
Business ethics highlight the main focus : Business Ethics Highlight the main focus areas that were the most valuable to you and describe why.

Reviews

Write a Review

Other Subject Questions & Answers

  Cross-cultural opportunities and conflicts in canada

Short Paper on Cross-cultural Opportunities and Conflicts in Canada.

  Sociology theory questions

Sociology are very fundamental in nature. Role strain and role constraint speak about the duties and responsibilities of the roles of people in society or in a group. A short theory about Darwin and Moths is also answered.

  A book review on unfaithful angels

This review will help the reader understand the social work profession through different concepts giving the glimpse of why the social work profession might have drifted away from its original purpose of serving the poor.

  Disorder paper: schizophrenia

Schizophrenia does not really have just one single cause. It is a possibility that this disorder could be inherited but not all doctors are sure.

  Individual assignment: two models handout and rubric

Individual Assignment : Two Models Handout and Rubric,    This paper will allow you to understand and evaluate two vastly different organizational models and to effectively communicate their differences.

  Developing strategic intent for toyota

The following report includes the description about the organization, its strategies, industry analysis in which it operates and its position in the industry.

  Gasoline powered passenger vehicles

In this study, we examine how gasoline price volatility and income of the consumers impacts consumer's demand for gasoline.

  An aspect of poverty in canada

Economics thesis undergrad 4th year paper to write. it should be about 22 pages in length, literature review, economic analysis and then data or cost benefit analysis.

  Ngn customer satisfaction qos indicator for 3g services

The paper aims to highlight the global trends in countries and regions where 3G has already been introduced and propose an implementation plan to the telecom operators of developing countries.

  Prepare a power point presentation

Prepare the power point presentation for the case: Santa Fe Independent School District

  Information literacy is important in this environment

Information literacy is critically important in this contemporary environment

  Associative property of multiplication

Write a definition for associative property of multiplication.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd