Assignment - Case Study
Objectives: On successful completion of this assignment students should be able to:
- Analyse information security vulnerabilities and threats and determine appropriate controls that can be applied to mitigate the potential risks
- Describe the role of disaster recovery and business continuity plans in recovering information and operational systems when systems and hardware fail
- Describe why legal privacy and ethical issues play an important part in effectively managing information security
- Communicate effectively written and orally about the management of information security in organisations.
Assignment Details -
This group assignment is designed to develop students' problem solving and communication skills and requires a student to be responsible and collaborate with team members. It specifically requires you to apply the knowledge learned in this course to solve a particular problem.
Case Study -
Your project group are working for a consulting company that provides IT solutions for health care organisations in Australia. Recently a state health authority requires your company to provide solutions to the management of their medical records. There are 12 hospitals, 23 medical centres and 38 allied health services spread over 8 cities in this health authority. In Health Insurance Portability and Accountability Act addresses the security and privacy of health data. It also establishes national standards for electronic health data exchange. Your solution has to comply with the requirements of Health Insurance Portability and Accountability Act. It has to ensure that the authorised healthcare stakeholders can access the patient's information any time, any place when they need to access it. The tasks for you are listed below, also any other issues that you have identified as essential for the sustainability of the proposed system:
Task 1: Design the medical data storage infrastructure.
Task 2: Design the network infrastructure.
Task 3: Design the privacy and security protection mechanisms for the databases, software, hardware and network of your system. This includes controlling physical security and logical security of the system.
Task 4: Design the policies that ensure operations security.
Task 5: Identify potential risks of your solutions.
Task 6: Develop disaster recovery plan for the system
Please present your solution in a formal consulting report using the template provided on the Study Desk. Make full use of the knowledge and techniques acquired in this course, as well as your prior knowledge and skills. Your report must be no more than 3500 words.