Scenario: You are the Data Security Officer for a small 100 bed Hospital. The hospital is preparing to implement an EHR. You have been asked to determine the security measures that your facility will take to maintain confidentiality and prevent loss of data.
Write a security proposal to be presented to the CIO. Areas to be covered include, but are not limited to
- Physical security hardware
- Data authentication
- Passwords
- Data encryption/decryption
- Firewalls
- Data security
- Confidentiality
- Access
- Penalties for violating policies
- Network Security
- Integrity controls
Note: This is not a paper. This is a proposal. The proposal should begin with a cover letter to the CIO to introduce the plan and the proposal should outline the data security plan.