Instructions:
There are two parts to this Assignment. Each one will help you better understand how security breaches are handled and give you the opportunity to create a security plan. Creating this security plan will help you understand what is needed to protect data.
Part I
1. Search the internet for news about security breaches in healthcare and other industries in the last three years. Suggested source for the latest breach information from the Office of Civil Rights:
Source: HIPAA Privacy, Security, and Breach Notification Audit Program: United States Department of Health & Human Services. Retrieved from https://www.hhs.gov/ocr/privacy/hipaa/enforcement/audit/index.html
2. Write a critical essay summarizing the two cases. In your summary, identify the principal threats in each of these cases and what could have been done to minimize these threats.
Part II
1. Using what you learned from Part I, create a security plan for a medium sized health care facility. In your security plan, evaluate how you would approach security threats from both inside and outside the organization. Be sure that you address the following items in your security plan:
a. physical and administrative safeguards: employee education, health information archival and retrieval systems, disaster recovery, storage media
b. access safeguards: authentication, password management
c. network safeguards: cloud computing, mobile devices to deliver health care, firewalls, encryption / decryption
d. security threats of mobile devices used in health care delivery
2. Critique the plan you have written, identifying its strengths, elements that were not covered in the text, and any additional omissions or weaknesses of the plan.