The paper will be 3.5- 4 pages Each paper must be typewritten with 12-point font and double-spaced with standard margins. Follow APA format
For this assignment you are encourage generating a Security Plan and implemented in a Health Care Facility of your choosing.
Work with your EHR vendor(s) to let them know that protecting patient health information and meeting your HIPAA privacy and security responsibilities regarding electronic health information in your EHR is one of your major goals. Involve your practice staff and any other partners that you have to help streamline this process.
1. INFORMATION SECURITY MANAGEMENT PLAN (10%):
This Information Security Management Plan (ISMP) describes the ACE’s safeguards to protect confidential data and information.
2. SECURITY POLICY (20%):
The Information Security core policy concepts are maintained in the Privacy, Confidentiality and Security of Patient Proprietary Information Policy and the Computer Use and Electronic Information Security Policy. These policies are reviewed every 2 years.
3. ACCESS CONTROL: (20%):
Access to confidential information must follow the “need to know” guideline. Only those employees who have a business need to know the information shall have permission to utilize the data. Each employee is assigned a user name and password. Each employee is trained on developing a secure password. Passwords must be changed according to Password Security Policy.
4. MEDIA PROTECTION: (20%):
The ACE has established policies and procedures which clearly define where data can be stored and how the data stored on media is to be protected. The ACE highly discourages storage of data on any medium except for storage on network drives within the secured data center. However, in the case where data cannot be stored in the data center it must be stored on an encrypted medium.
5. PHYSICIAL AND ENVIRONMENTAL PROTECTION: (20%):
The ACE has multiple data centers.
Evaluation will be based on how clearly you respond to the above, in particular:
a) The precision with which you analyses the articles;
b) The complexity, possibility, and organization of your paper; and,
c) Your conclusions, including a description of the impact of these articles and Chapters on any Health Care Setting.