Security and Privacy Management Plan Assignment

As an information systems manager, you need to consider an important aspect of your operation: patient information, privacy, and security. Review the following case scenarios and select one to use for your security and privacy management plan.

Security and Privacy Management Plan Assignment: Case Scenario 1 (Security Breach)

The administration at St. John’s Hospital takes pride in its sound policies and procedures for the protection of confidential client information. In fact, it serves as a model for other institutions in the area; however, printouts discarded in the restricted-access information systems department are not shredded. On numerous occasions, personnel working late have observed the cleaning staff reading discarded printouts. What actions, if any, should these personnel take toward the actions of the cleaning staff? What actions, if any, should be taken by the information systems administration?

Security and Privacy Management Plan Assignment: Case Scenario 2 (Natural Disaster)

Living on the Gulf Coast is a benefit that many residents of a small Southern town enjoy; however, natural disasters are a concern. The town has just been struck by a hurricane and the entire basement of your operation is flooded by the storm surge. Patient files were destroyed or washed away with the receding water. What actions do you take when patients ask for their health records? What processes did you have in place to protect your records in anticipation of such an event?

Research management plans, choose one of the scenarios above, and develop a process for maintaining patient privacy and security.

Create a detailed management plan for patient data privacy and security in the case of a security breach (Case Scenario 1) or a natural disaster (Case Scenario 2).

Based on the management plan format you found through your research, write a 1,400- to 1,750-word paper that details your facility’s management plan.

Include the following:

  • Create a business problem statement.
  • Analyze how you will respond to these situations.
  • Evaluate the training you can provide to your staff.
  • Analyze the considerations of HIPAA and patient privacy compliance requirements in planning.
  • Analyze the need for an information technology management plan for natural disasters and security breaches.
  • Evaluate how you will implement your management plan.

Create a 350- to 700-word executive summary in which you review the management plan you designed. Explore possible challenges and the utilization of your plan.

Cite a minimum of three peer-reviewed, scholarly, or similar references, other than the textbook, that directly support your analysis.

Format your paper according to APA guidelines.

Click the Assignment Files tab to submit your assignment.

The HIPAA Security and Privacy Rules

1. List when PHI can and cannot be disclosed:
The HIPAA Security and Privacy Rules require healthcare providers, healthcare organizations, and their business associates to abide by HIPAA rules when they create and follow the procedures under which protected health information (PHI) is transmitted, obtained, handled, or shared. Throughout these processes, the confidentiality and security of all PHI must be achieved and maintained (Hernandez, 2015). There are, however, instances when PHI can and cannot be disclosed. Stanford (n.d.) differentiates between information that is “shared” and information that is “disclosed”: “shared” applies to PHI used within the covered entity, whereas “disclosed” pertains to PHI released outside of the covered entity (Stanford, n.d.). Furthermore, Stanford (n.d.) states that the Privacy Rule permits a covered entity to use or disclose PHI for the following purposes:
• For treatment (including treatment in the course of research);
• For payment;
• For health care operations (including education programs);
• With authorization by the individual;
• When bound by law.
Moreover, Hernandez (2015) provides additional situations in which PHI can be disclosed. These are:
• To perform the work defined in the contract between a covered entity and its business associate.
• To the individual that the information is about (once the verification process has been completed).
• To a third person with the individual’s permission.
Upon further investigation, there are…