Need help with your Discussion

Get a timely done, PLAGIARISM-FREE paper
from our highly-qualified writers!

How It Works
Submit Your Assignment
glass
pen
clip
papers
heaphones

HIPAA regulations

Computer Science

Computer Science

HIPAA regulations

HIPAA regulations

Question Description

Case Study: HIPAA and IT Audits

Imagine you are the Information Security Officer at a medium-sized hospital chain. The CEO and the other senior leadership of the company want to ensure that all of their hospitals are and remain HIPAA compliant. They are concerned about the HIPAA Security and Privacy Rules and its impact on the organization. You begin looking at the information provided by the Department of Health and Human Services, located at http://www.hhs.gov/ocr/privacy/hipaa/enforcement/index.html. Specifically, you are asked to provide an analysis of two (2) of the cases found here with emphasis on what was done to resolve the compliance issues.

Section 1. Written Paper
Non-compliance with HIPAA regulations can result in significant fines and negative publicity. To help ensure that your organization remains in compliance with HIPAA regulations you have been asked to write a three to five (3-5) page paper in which you:

1a. Create an overview of the HIPAA Security Rule and Privacy Rule.
1b. Analyze the major types of incidents and breaches that occur based on the cases reported.
1c. Analyze the technical controls and the non-technical controls that are needed to mitigate the identified risks and vulnerabilities.
1d. Analyze and describe the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations.
1e. Analyze how a hospital is similar to and different from other organizations in regards to HIPAA compliance.
1f. List the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations.
1g. Use at least four (4) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

Section 2. Network Architecture

2a. Create a network architecture diagram (using Visio or an open-source equivalent to Visio for creating diagrams), based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations.
2b. Include in the diagram the switches, routers, firewalls, IDS / IPS, and any other devices needed for a compliant network architecture.

The specific course learning outcomes associated with this assignment are:

  • Describe the process of performing effective information technology audits and general controls.
  • Explain the role of cybersecurity privacy controls in the review of system processes.
  • Describe the various general controls and audit approaches for software and architecture to include operating systems, telecommunication networks, cloud computing, service-oriented architecture and virtualization.
  • Use technology and information resources to research issues in information technology audit and control.
  • Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions.

Grading for this assignment will be based on answer quality, logic / organization of the paper, and language and writing skills, using the following rubric.

Points: 125

Case Study 2: HIPAA and IT Audits

Criteria

Unacceptable

Below 70% F

Fair

70-79% C

Proficient

80-89% B

Exemplary

90-100% A

Section 1: Written Paper

1a. Create an overview of the HIPAA Security Rule and Privacy Rule.

Weight: 10%

Did not submit or incompletely created an overview of the HIPAA Security Rule and Privacy Rule.

Partially created an overview of the HIPAA Security Rule and Privacy Rule.

Satisfactorily created an overview of the HIPAA Security Rule and Privacy Rule.

Thoroughly created an overview of the HIPAA Security Rule and Privacy Rule.

1b. Analyze the major types of incidents and breaches that occur based on the cases reported.
Weight: 10%

Did not submit or incompletely analyzed the major types of incidents and breaches that occur based on the cases reported.

Partially analyzed the major types of incidents and breaches that occur based on the cases reported.

Satisfactorily analyzed the major types of incidents and breaches that occur based on the cases reported.

Thoroughly analyzed the major types of incidents and breaches that occur based on the cases reported.

1c. Analyze the technical controls and the non-technical controls that are needed to mitigate the identified risks and vulnerabilities.

Weight: 10%

Did not submit or incompletely analyzed the technical controls and the non-technical controls that are needed to mitigate the identified risks and vulnerabilities.

Partially analyzed the technical controls and the non-technical controls that are needed to mitigate the identified risks and vulnerabilities.

Satisfactorily analyzed the technical controls and the non-technical controls that are needed to mitigate the identified risks and vulnerabilities.

Thoroughly analyzed the technical controls and the non-technical controls that are needed to mitigate the identified risks and vulnerabilities.

1d. Analyze and describe the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations.

Weight: 10%

Did not submit or incompletely analyzed and described the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations.

Partially analyzed and described the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations.

Satisfactorily analyzed and described the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations.

Thoroughly analyzed and described the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations.

1e. Analyze how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance.

Weight: 10%

Did not submit or incompletely analyzed how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance.

Partially analyzed how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance.

Satisfactorily analyzed how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance.

Thoroughly analyzed how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance.

1f. List the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations.

Weight: 10%

Did not submit or incompletely listed the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations.

Partially listed the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations.

Satisfactorily listed the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations.

Thoroughly listed the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations.

1g. 3 references

Weight: 5%

No references provided

Does not meet the required number of references; some or all references poor quality choices.

Meets number of required references; all references high quality choices.

Exceeds number of required references; all references high quality choices.

1h. Clarity, writing mechanics, and formatting requirements

Weight: 10%

More than 6 errors present

5-6 errors present

3-4 errors present

0-2 errors present

Section 2: Network Architecture

2a. Create a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations.

Weight: 15%

Did not submit or incompletely created a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations.

Partially created a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations.

Satisfactorily created a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations.

Thoroughly created a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations.

2b. Include in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for acompliant network architecture.
Weight: 10%

Did not submit or incompletely included in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture.

Partially included in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture.

Satisfactorily included in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture.

Thoroughly included in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture.

Have a similar assignment? "Place an order for your assignment and have exceptional work written by our team of experts, guaranteeing you A results."

Order Solution Now

Our Service Charter

1. Professional & Expert Writers: Eminence Papers only hires the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed of papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by Eminence Papers are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. Eminence Papers are known for the timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit in all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: At Eminence Papers, we have put in place a team of experts who answer all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.

Menu
Free resources
 
Dissertation help
 
Email
info@eminencepapers.com
Office Address: 2066 N Capitol Ave, San Jose, CA 95132, United States
eminencepapers.com ©2023 All rights reserved. Terms of usePrivacy Policy Revision PolicyMoney Back Guarantee | Plagiarism Free Guarantee
We Can Write It for You! Enjoy 20% OFF on This Order. Use Code SAVE20
Get my 20% OFF!

Stuck with your Assignment?

Continue Shopping
Enjoy 20% OFF Today
Use code SAVE20