you are an Information Security consultant for a small doctor’s office
consisting of three (3) doctors, two (2) nurses, and one (1)
receptionist. The office is physically located among several other
professional office spaces. The doctors utilize mobile devices over a
wireless network to document patient visits, with the electronic patient
records being stored on a server located within the building.
Additionally, each doctor’s office has a desktop computer that utilizes a
wired network to access the server and electronic patient records. The
receptionist station has a desktop computer that is used to schedule
appointments, but cannot access patient records. In 1996, Congress
enacted the Health Insurance Portability and Accountability Act (HIPAA)
to help citizens maintain their health insurance coverage and improve
the efficiency and effectiveness of the American health care system. You
have been hired to ensure HIPAA technical safeguards are appropriately
designed to preserve the integrity of protected health information
maintained in the doctor’s office.
Write a three to five (3-5) page paper in which you:
- Analyze proper physical access control safeguards and provide sound recommendations to be employed in the doctor’s office.
- Recommend the proper audit controls to be employed in the doctor’s office.
- Analyze methods and provide sound recommendations to ensure integrity of the electronic protected health information.
three (3) logical access control methods to restrict unauthorized
entities from accessing sensitive information, and explain why you
suggested each method.
the means in which data moves within the organization and identify
techniques that may be used to provide transmission security safeguard.
- Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required assignment
The specific course learning outcomes associated with this assignment are:
- Describe the role of information systems security (ISS) compliance and its relationship to U.S. compliance laws.
- Use technology and information resources to research issues in security strategy and policy formation.
clearly and concisely about topics related to information technology
audit and control using proper writing mechanics and technical style