Module 1: A Case for Securing Healthcare Data
For this assignment, you will need to review the Case Study presented and perform an audit to assess if there are any gaps related to regulations, internal policies and procedures to identify any areas where the organization’s data security is leaving them vulnerable to virtual attacks. You will need to utilize the CIA triad principles to assist you in making recommendations to protect patient health information, along with a strategy to prevent future security breaches from occurring.
Expand AllPanels Collapse AllPanels
Case Study
Action Plan
Steps you will complete as part of your audit:
1. Assess the Health Center’s policies and procedures for managing user access to their electronic health record system. Ask yourself, are there clear policies for assigning and revoking user access rights based on job roles?
2. Review and assess the quality and frequency of security updates to the Health Center’s electronic health record. Did you observe protocols in place for performing updates and applying patches as needed?
3. Assess the encryption methods in place for protecting patient health information. Are you confident that both data at rest and data in transit are sufficiently encrypted using current systems in place?
Your deliverable method can be either in the form of a half-page to full page report or PowerPoint slides that outline your findings from the audit, including any identified compliance issues, an assessment of current security measures, and strategies you are recommending improving current data protection and regulatory compliance.
Note: If you utilize your textbook or any references to support your recommendations, provide a reference list.
Action
Select the Start Assignment button to begin.
Once you have uploaded your file, select Submit Assignment.
Rubric
M1 A Case for Securing Healthcare Data
|
M1 A Case for Securing Healthcare Data
|
|
Criteria
|
Ratings
|
Pts
|
|
This criterion is linked to a Learning OutcomeParameters
Parameters
Paper Option
-Uses standard double-spacing without extra spaces between bullets or paragraphs
-Minimum length 1/2 page, maximum length 1 page
-Free of grammatical & spelling errors
-Uses APA in-text citations and reference list IF applicable
PowerPoint Option
-No more than 5 bullets per slide
-Keep slides uncluttered so easy to follow
-Notes Section of slides should contain a detailed outline of what slide is presenting (speaker notes)
-Free of grammatical & spelling errors
-Uses APA in-text citations and reference list on a reference slide IF applicable
|
|
7 pts
Meets or Exceeds
Student submission clearly encompasses all paper or PowerPoint parameters -Free of grammatical & spelling errors -Uses APA in-text citations and reference list IF applicable
|
5 pts
In Progress
Student submission mostly meets paper or PowerPoint parameters -1-3 grammatical & spelling errors -Uses some APA in-text citations and reference list IF applicable
|
2 pts
Little Evidence
Student submission does not clearly meet the paper or PowerPoint parameters -Has 4 or more grammatical & spelling errors -does not use APA in-text citations and reference list IF applicable
|
0 pts
No Evidence
Student submission clearly does not meet the required Parameters
|
|
7 pts
|
|
This criterion is linked to a Learning OutcomeAudit Findings
Audit Findings
Compliance Issues
-Clearly identifies any compliance issues
|
|
9 pts
Meets or Exceeds
Student submission clearly provides for Audit Findings on Compliance Issues
|
6 pts
In Progress
Student submission mostly provides the audit findings on compliance issues
|
3 pts
Little Evidence
Student submission is off topic or does not clearly layout the finding of the audit on compliance issues
|
0 pts
No Evidence
Student submission does not clearly meet compliance issue audit findings or nothing submitted
|
|
9 pts
|
|
This criterion is linked to a Learning OutcomeSecurity Measure Assessment
Security Measure
Assessment
*Incorporate applicable CIA triad principles into your assessment.
-Provides clear assessment of current security measures
-Including job role user access controls
CO1
|
|
9 pts
Meets or Exceeds
Student submission clearly provides for the Security Measure Assessment by -Having clear assessment of current security measures -Including job role user access controls
|
6 pts
In Progress
Student submission mostly provides for the Security Measure Assessment by -Having clear assessment of current security measures -Including job role user access controls
|
3 pts
Little Evidence
Student submission does not clearly provide the Security Measure Assessment by -Having clear assessment of current security measures -Including job role user access controls
|
0 pts
No Evidence
Student submission does not clearly meet a security measure assessment or nothing submitted
|
|
9 pts
|
|
This criterion is linked to a Learning OutcomeStrategies
Strategies
*Incorporate the CIA triad principles: Confidentiality, Integrity & Availability into your strategies.
-Recommends strategies to improve the current data protection policies
-Recommends any actions necessary to meet regulatory compliance deficiencies
CO1
|
|
10 pts
Meets or Exceeds
Student submission has clear Strategy for Recommendations -to improve current data protection policies -for any actions necessary to meet regulatory compliance deficiencies
|
7 pts
In Progress
Student submission contains a mostly clear Strategy for Recommendations -to improve current data protection policies -for any actions necessary to meet regulatory compliance deficiencies
|
4 pts
Little Evidence
Student submission may be slightly off topic or does not clearly provide Strategy for Recommendations -to improve current data protection policies -for any actions necessary to meet regulatory compliance deficiencies
|
0 pts
No Evidence
Student submission does not clearly outline recommendations of strategies for improving current data protection policies and/or any actions needed to meet regulatory compliance deficiencies or nothing is submitted
|
|
10 pts
|
|
Total Points: 35
|
Previous
Next
