What are the most important areas to monitor

Reference no: EM131957586

Team or Individual Project Health First Case Study

Overview

In the US, many doctors’ offices and clinics are considered small businesses, as is the Health First clinic introduced in the case study. These clinics must also adhere to federal laws governing the privacy and security of patient information, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its related security and privacy rules.

To help lead us through the case studies, a Security Workbook has been developed that guides small businesses through the process of organizing a security program. The Security Workbook provides a procedure for building security plans for a generic small business. In combination, the Health First Case Study and Security Workbook introduce a realistic organizational setting.

For this project:

We will work with only two components of the Security Workbook: HIPAA and Security Metrics. Two sets of slides are available as supplementary information. The materials are based on the information provided in ISACA’s CISA and CISM exam review books.

Two components of the project:

HIPAA Adherence: HIPAA compliance is a necessary aspect of being in the medical profession. Summarize what all employees shall do, according to which HIPAA rule or standard, to maintain privacy of a patient’s health information, patient’s rights, and PHI disclosure. The workbook on “HIPAA Adherence” is on page 2.

Defining Security Metrics: Metrics are part of the Monitoring and Compliance function, and help to indicate whether controls and compliance are effective or not. While metrics are not absolutely necessary for the average small organization, any organization that is subject to regulation (e.g., HIPAA, SOX, FISMA) should take this section very seriously. In fact, most organizations would benefit from a few carefully selected metrics. The workbook on “Metrics” is on pages 3-4.

HIPAA Adherence

Question: HIPAA compliance is a necessary aspect of being in the medical profession. Summarize what all employees shall do, according to which HIPAA rule or standard, to maintain privacy of a patient’s health information, patient’s rights, and PHI disclosure.

Step 1 Question. What are the most important areas to monitor in your organization? What threats and legislation are you most concerned with? You may want to review risk and policies to help define the most important areas to monitor.

Step 2 Question. After listing the most important threats, consider which metrics make the most sense to collect. Since automated metrics are doable in a busy world, is there an easy way to collect these metrics?

Step 3 Question. Consider the following three perspectives and different audiences:

Strategic: Management level: audit, policy; may discuss annually.

Tactical: Observe how you are performing; view trends; may discuss every six months.

Operational: Gather metrics and look at them; may discuss weekly or monthly.

Attachment:- Case Study.rar
