Patient data is used in a variety of contexts by health care providers and organizations so continuous monitoring of user access to authorized parts of patient information is vital to securing this PHI and ensuring confidentiality. An example of how vulnerable patient information can be is outlined in the General Hospital Security Disaster Case Study which you should read in detail. As you will see from reading the case study, General Hospital is in desperate need of an Information Security (InfoSec) Document which you have been hired to create for the hospital.
Last week we looked at Goals, Strategy, and Roles of Responsibility of information security. This week we are focusing on Health Information Security Policy and Legislative Requirements.
To prepare for this Application Assignment, review the assigned readings, the case study, and write a 3 page paper that describes the health information security policy and legislative requirements for this section of GH’s InfoSec Security Policy Document. You should include an introductory section outlining the security issues in the case study that your recommendations will address and how they will help mitigate these concerns moving forward for General Hospital. This introductory section should be no more than 1 page in length. Summarize examples of federal laws and policies that affect healthcare and information as well as the security issues the hospital is facing. (1-2 pages). Be sure to explain how such national policies influence the Information security policy of an organization. (1-2 pages) The cover and reference pages do not count towards the required page length for the assignment.