HI300: Information Technology and Systems for Healthcare
Unit 7 Assignment
Unit outcomes addressed in this Assignment:
• Contrast the difference between the terms confidentiality, privacy, and security.
• Identify the greatest threats to the security of health information.
• Describe the primary components of the security provision of the Health insurance Portability and Accountability Act and extensions by HITECH ACT.
• Summarize the roles and responsibilities of the health information technician.
Course outcome(s) assessed/addressed in this Assignment:
HI300-4: Formulate a secure storage and retrieval process for healthcare data.
GEL 1.1: Demonstrate college-level communication through the composition of original materials in Standard American English.
There are two parts to this Assignment. Each one will help you better understand how security breaches are handled and give you the opportunity to create a security plan. Creating this security plan will help you understand what is needed to protect data.
1. Search the internet for news about security breaches in healthcare and other industries in the last three years. Suggested source for the latest breach information from the Office of Civil Rights:
Source: HIPAA Privacy, Security, and Breach Notification Audit Program: United States Department of Health & Human Services. Retrieved from http://www.hhs.gov/ocr/privacy/hipaa/enforcement/audit/index.html
2. Write a critical essay summarizing the two cases. In your summary, identify the principal threats in each of these cases and what could have been done to minimize these threats.
1. Using what you learned from Part I, create a security plan for a medium sized health care facility. In your security plan, evaluate how you would approach security threats from both inside and outside the organization. Be sure that you address the following items in your security plan:
a. physical and administrative safeguards: employee education, health information archival and retrieval systems, disaster recovery, storage media
b. access safeguards: authentication, password management
c. network safeguards: cloud computing, mobile devices to deliver health care, firewalls, encryption / decryption
d. security threats of mobile devices used in health care delivery
2. Critique the plan you have written, identifying its strengths, elements that were not covered in the text, and any additional omissions or weaknesses of the plan.
• The Assignment should be three to four pages in length, prepared in a Microsoft Word document, and APA-formatted.
• Include a title page and reference page. Length requirements do not include the title page, and the reference page.
• Follow APA style format and citation guidelines, including Times New Roman 12 point font and double spacing.
• This Assignment should follow the conventions of Standard American English featuring correct grammar, punctuation, style, and mechanics.
• Include at least four references. The course textbook counts as one reference. All sources must be scholarly. Wikipedia is not acceptable. Use APA style for all citations including course materials.
• Your writing should be well ordered, logical, and unified, as well as original and insightful.
• For additional support utilize the GEL 1.1 Universal Writing Rubric in Doc Sharing, the Writing Center and review Writing Center Resources in Doc Sharing. The Writing Center provides guidelines for writing essays and comparing and contrasting.