Describe the security and privacy requirements

Assignment Help Management Information Sys
Reference no: EM132256307

Here are the weekly assignments to address, each of which will contribute to the Final Project. Each weekly assignment will be between 250-350 words.

· Week 1 - Develop your network boundary based on the requirements provided, see Appendix A of the syllabus. Follow the assignment in Appendix A. You will need to draw the network boundary and provide a detailed network description of the network boundary.

· Week 2 - Describe the security and privacy requirements for the network boundary. This is a physician's office, so please describe the HIPAA security and privacy requirements you need to follow for your network boundary. Use the HIPAA, HITECH, and Omnibus Laws to help you create HIPAA security and privacy requirements.

· Week 3 - We need to ensure the physician's office is secure and the HIPAA data is protected. Read NIST SP 800-53 rev 4. How can this document help you ensure your physician's office is secure? Out of the 18 control families, pick two control families and address the controls in complete sentences for your network boundary.

· Week 4 - We need to ensure the network boundary is hardened. Please review the DOD STIG for Oracle 12. Select 20 controls and address how the Oracle server has been hardened in the physician's office.

· Week 5 - We are preparing for an audit of the system for HIPAA compliance. What are all of the documents we will need to have prepared for the upcoming audit? Please explain why each document is important. What scans should you run on the system? Please describe each scan and on which systems the scan ought to be run.

· Week 6 - The auditors have finished their assessment. In Appendix B, we have the findings from the audit. Please address in detail how each finding should be mitigated. Match up each control to the SP 800-53 control family and control number.

· Week 7 - The physician's office now wants to add tele-medicine to the functionality of their network. Explain in great detail, in 500 words or more, how this will impact the physician's office and what we need to do from an information assurance perspective. Make sure you include change management in this discussion.

· Week 8 - Turn-in of FINAL PROJECT. Bring together your past 7 weeks of work. Add narrative transitions where appropriate and ensure you have addressed the instructor's feedback provided each week. Conclude your project with a 500-word narrative explaining why information security is important in the Healthcare field. Cite Scripture to demonstrate your understanding of how faith integrates with the information technology and healthcare fields. Check to ensure that APA format has been used and that you have at least 14 peer-reviewed references.

APPENDIX A: Information Assurance Project

In order to understand the practical impact of Information Assurance, we will work on a project over the next 8 weeks. One of the major requirements in information assurance is documentation and being able to articulate your understanding of a security requirement or control. Please design a network for a hypothetical physician's office and provide a network description with the following:

1 Server with Scheduling software (pick one)

1 Server for billing (pick one)

1 Server with a database for patient data - Oracle 12

1 Server for email - Microsoft Exchange Email

The office has 10 patient rooms with a desktop in each room running Windows 10 for the OS

The office is based on wireless networking with TCP/IP.

There are two doctors in this office.

This office has an Internet connection to the mother company.

The network boundary for this assignment is just this physician's office.

In your network description please provide the following:

Describe the purpose of this network.

Describe the network and equipment, the servers and the software in place.

Describe the security you have in place.

APPENDIX B

The auditors have completed their assessment. The following are the findings determined during the audit. Please address in detail how each finding should be mitigated.

Identified Vulnerability | Identify the Matching Control in the SP 800-53 - Control Family and Control Number | What would be the appropriate mitigations?

1. People can gain physical access to the physician's office without anyone checking ID.

2. The server room does not have a lock on the door.

3. There are default admin accounts with elevated privileges.

4. The receptionist of the office provided the password to the server via an inbound phone call.

5. There are unused open ports on all of the servers.

6. The scheduling software shows verbose code.

7. There is no encryption on the network. PHI/PII data is sent over the wireless network in clear text.

8. The PHI/PII data on the database server resides on unencrypted drives.

9. In an interview with the Nurse, she stated there is no training for HIPAA Security or Privacy provided.

10. On the desktops, there are Microsoft vulnerabilities in the Windows 10 OS which have not been patched.

11. The auditor watched an employee make changes to the Oracle server without following change management.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd