Developing System Access Security Policies for Healthcare Organizations
Added on 2022-11-25
13 Pages3040 Words271 Views
Running head: ASSESSMENT ITEM 2 1
Assessment Item 2
Student
Tutor
Institutional Affiliations
Date
Assessment Item 2
Student
Tutor
Institutional Affiliations
Date
ASSESSMENT ITEM 2 2
Table of Contents
Table of Contents.................................................................................................... 2
Part 1: Plan, Develop and manage security policy.....................................................................3
Introduction.................................................................................................................... 3
The System Access Security Policy Plan...........................................................................3
System access security policies....................................................................................... 4
System administrator................................................................................................ 5
Doctors.................................................................................................................. 6
Nurses.................................................................................................................... 7
Managing a system security policy..................................................................................8
Part 2: Risk assessment................................................................................................... 8
The risks in Netflix’s system............................................................................................. 8
Consequences of the risks............................................................................................. 9
Mitigation strategies.................................................................................................. 10
Risk register............................................................................................................. 10
Conclusion.................................................................................................................. 10
Table of Contents
Table of Contents.................................................................................................... 2
Part 1: Plan, Develop and manage security policy.....................................................................3
Introduction.................................................................................................................... 3
The System Access Security Policy Plan...........................................................................3
System access security policies....................................................................................... 4
System administrator................................................................................................ 5
Doctors.................................................................................................................. 6
Nurses.................................................................................................................... 7
Managing a system security policy..................................................................................8
Part 2: Risk assessment................................................................................................... 8
The risks in Netflix’s system............................................................................................. 8
Consequences of the risks............................................................................................. 9
Mitigation strategies.................................................................................................. 10
Risk register............................................................................................................. 10
Conclusion.................................................................................................................. 10
ASSESSMENT ITEM 2 3
Part 1: Plan, Develop and manage security policy
Introduction
For healthcare organizations, information is a critical asset that demands a maximum
protection from unauthorized access. As a result, it is imperative that pertinent policies and
procedures are developed to guide how healthcare organization personnel access, use and
manage information. While there is an assumption that healthcare facilities may not necessarily
need a set of information governance policies like other organizations, the plan by the
Commonwealth Government of Australia to launch the “My Health Records” a secure online
summary of an individual’s health records requires them to do so. The “My Health Records” will
carry sensitive information that requires to be safeguarded from unauthorized access. In this
rationale, this document seek to develop a system access security policies that would govern the
access to the “My Health Records.”
The System Access Security Policy Plan
In this system security plan, we present an overview of the system access security
requirements for the “My Health Records” and it describes the policies planned to offer the level
of security that is required for the information to be secured from unauthorized access.
In the information security policy, we will focus on three personnel including the system
administrator, doctors and nurses. All of the personnel will have their status which will be
categorized with the level of sensitivity. The users’ privileges after authentication is shown in the
following table.
Part 1: Plan, Develop and manage security policy
Introduction
For healthcare organizations, information is a critical asset that demands a maximum
protection from unauthorized access. As a result, it is imperative that pertinent policies and
procedures are developed to guide how healthcare organization personnel access, use and
manage information. While there is an assumption that healthcare facilities may not necessarily
need a set of information governance policies like other organizations, the plan by the
Commonwealth Government of Australia to launch the “My Health Records” a secure online
summary of an individual’s health records requires them to do so. The “My Health Records” will
carry sensitive information that requires to be safeguarded from unauthorized access. In this
rationale, this document seek to develop a system access security policies that would govern the
access to the “My Health Records.”
The System Access Security Policy Plan
In this system security plan, we present an overview of the system access security
requirements for the “My Health Records” and it describes the policies planned to offer the level
of security that is required for the information to be secured from unauthorized access.
In the information security policy, we will focus on three personnel including the system
administrator, doctors and nurses. All of the personnel will have their status which will be
categorized with the level of sensitivity. The users’ privileges after authentication is shown in the
following table.
ASSESSMENT ITEM 2 4
Roles Privileges Level of sensitivity Duties
System administrator Full administrative
access
Moderate Will install, configure
and monitor software
Will get reports and
add patient data.
Will perform system
updates and file
backups.
Doctor Perform
administration
Limited Enter prescription
data through system
admin.
Monitor patient data.
Nurse Limited access Limited Acquire and monitor
patient records.
Monitor patient data
Table 1: Users privileges after authentication
The data flow is represented in figure 1 below.
Figure 1: The system architecture
System access security policies
To avoid the information security risks through unauthorized system access, pertinent
security policies and procedures must get formulated and adopted (Benferhat, Tolba, Tabia &
Roles Privileges Level of sensitivity Duties
System administrator Full administrative
access
Moderate Will install, configure
and monitor software
Will get reports and
add patient data.
Will perform system
updates and file
backups.
Doctor Perform
administration
Limited Enter prescription
data through system
admin.
Monitor patient data.
Nurse Limited access Limited Acquire and monitor
patient records.
Monitor patient data
Table 1: Users privileges after authentication
The data flow is represented in figure 1 below.
Figure 1: The system architecture
System access security policies
To avoid the information security risks through unauthorized system access, pertinent
security policies and procedures must get formulated and adopted (Benferhat, Tolba, Tabia &
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Security Access Policy Plan and Risk Assessment for Healthcare Organization and Facebooklg...
|12
|2961
|377
Planning and Formulation of Security Policy for Royal Melbourne Hospitallg...
|12
|3310
|420
Report on IT Risk Managementlg...
|9
|2558
|296
Healthcare Information Technology Trendslg...
|3
|448
|19
Security Policy and Risk Managementlg...
|14
|2587
|388
Health Promotion and Policy Tasklg...
|7
|1490
|18