Description
Please find the attached questions in a Word document. Thank you.
MULTIPLE TOPICS
There will be no written assignment for this period since we have three broad topics of study.
Thus, you are required to post two discussions each (A and B) for each of the three topics.
Topic 1: Privacy vs. Security
Objectives:
1. Summarize the security controls that align with a privacy policy to meet regulatory
requirements.
2. Explain the relationship between patient privacy and security of electronic protected
health information (ePHI).
3. Track release of information (ROI) requests.
Discussions
Discussion A
Briefly summarize the administrative, technical, and physical privacy control domains. What is
the key difference among them? Choose two controls from each domain and provide a specific
example of how these security controls serve as safeguards or countermeasures to meet
regulatory requirements.
Discussion B
Explain the relationship between patient privacy and security of electronic protected health
information (ePHI). Why is patient privacy more important today than it was 50 years ago?
Resources
• Review Chapter 4 in Healthcare Information Security and Privacy.
• Read “Your Electronic Medical Records Could Be Worth $1000 to Hackers,” by Yao
(2017), located on the Forbes website.
https://www.forbes.com/sites/mariyayao/2017/04/14/your-electronic-medical-recordscan-be-worth-1000-to-hackers/?sh=241c27ad50cf
• Read “The Questions You Should Ask About Your EHR/EMR,” from Health
Management Technology (2015).
Topic 2: Privacy and Security in Health Care: Sensitive Data and Confidentiality
Objectives:
1. Describe the steps necessary to protect confidentiality, integrity, and availability of
sensitive data.
2. Describe a program to manage the confidentiality of electronic protected health
information (ePHI) and personally identifiable information (PII) to prevent data
breaches.
Discussions
Discussion A
Explain the relationship between the confidentiality, integrity, and availability (CIA) triad and
HIPAA controls. What is the legal impact to a health care provider if the CIA triad fails?
Discussion B
Describe the security measures that are put in place to ensure the four guiding principles of
security: confidentiality, integrity, availability, and accountability.
Resources
• Read “Fundamental Objectives of Information Security: The CIA Triad,” by Metivier
(2017), located on the Sage Data Security website.
https://www.tylercybersecurity.com/blog/fundamental-objectives-of-informationsecurity-the-cia-triad
• Read Chapters 7-9 in Healthcare Information Security and Privacy.
• Read “Cyber-Security Issues in Healthcare Information Technology,” by Langer,
from Journal of Digital Imaging (2017).
• Read “Security Techniques for the Electronic Health Records,” by Kruse, Smith,
Vanderlinden, and Nealand, from Journal of Medical Systems (2017).
• Read “Patient Safety Critical Part of Healthcare Information Security,” by Snell
(2017), located on the Health IT Security website.
https://healthitsecurity.com/news/patient-safety-critical-part-of-healthcare-informationsecurity
Topic 3: Risk Management: Threats, Vulnerabilities, Impacts, and Disaster Recovery
Objectives:
1. Describe how security controls are utilized in an organization’s risk management
program.
2. Explain the key components of risk and the impact of inappropriate electronic protected
health information (ePHI) exposure.
Discussions
Discussion A
From a health care organization’s perspective, explain the relationship between vulnerability,
threat, and risk. Can one exist without the other? Describe the impacts of inappropriate
electronic protected health information (ePHI) exposure. Locate a credible source that outlines
a risk management process. Describe the risk management process and explain how it aids in
the protection of ePHI. Provide an APA citation for the source.
Discussion B
How are HIPAA controls used in an organization’s risk management program? Does the
organization’s culture have an impact on how the HIPAA controls are implemented within a
risk management program? Provide a specific example.
Resources
• Read “Nine Steps to Better Disaster Recovery Planning,” by Matheson, from Health
Management Technology (2016).
• Read “Cyber Threats to Health Information Systems: A Systematic Review,” by Luna,
Rhine, Myhra, Sullivan, and Kruse, from Technology & Health Care (2016).
• Review Chapter 4 in Healthcare Information Security and Privacy.
***Based on the above knowledge, answer the questions in a discussion format. Ensure all
questions are answered appropriately with references attached.