Network Defense and Counter Measures
VerifiedAdded on  2023/04/20
|9
|1869
|92
AI Summary
This report focuses on the compliance of HIPPA standards and its effectiveness as well as recommends a technical solution for protecting patient health information data.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
[COMPANY NAME] | [COMPANY ADDRESS]
Network defense and Counter Measures
NAME OF STUDENT:
NAME OF COLLEGE:
AUTHORS NOTE:
Running head: INFORMATION TECHNOLOGY MANAGEMENT
Network defense and Counter Measures
NAME OF STUDENT:
NAME OF COLLEGE:
AUTHORS NOTE:
Running head: INFORMATION TECHNOLOGY MANAGEMENT
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
INFORMATION TECHNOLOGY MANAGEMENT
Contents
Introduction......................................................................................................................................2
Analysis...........................................................................................................................................2
Conclusion.......................................................................................................................................6
References........................................................................................................................................7
1
Contents
Introduction......................................................................................................................................2
Analysis...........................................................................................................................................2
Conclusion.......................................................................................................................................6
References........................................................................................................................................7
1
INFORMATION TECHNOLOGY MANAGEMENT
Introduction
The protection of health information of patients in healthcare sector is a very vital necessity for
healthcare organizations as it contains sensitive and confidential information regarding the health
of patients. The HIPPA act is considered as an effective act which helps in protecting
confidentiality of patient information though its effectiveness is hampered by several barriers and
challenges. This report focuses on the compliance of HIPPA standards and its effectiveness as
well as recommends a technical solution for protecting patient health information data.
Analysis
HIPPA compliance
The Health Insurance Portability and Accountability Act commonly termed as HIPPA helps in
setting standards regarding protection of sensitive patient data. The organizations which deal
with Protected Health Information must possess physical network and process security measures
accordingly to comply with them and ensure HIPPA compliance. As stated by Birnbaum,
Borycki, Karras, Denham & Lacroix (2015) the covered entity or anyone who provides
treatment, payment and operations in healthcare organizations and business associates or anyone
who currently has access to the information of the patients comes under HIPAA and should
accordingly provide the required support regarding treatment, payment and operations by abiding
to HIPPA compliance standards. Various other entities in the healthcare sector such as the
subcontractors or any other related business associates must also abide by the compliances of
HIPPA. According to the US Department of Health and Human Services, the HIPPA privacy
rule or Standards of Privacy of Individually Identifiable Health Information sets national
2
Introduction
The protection of health information of patients in healthcare sector is a very vital necessity for
healthcare organizations as it contains sensitive and confidential information regarding the health
of patients. The HIPPA act is considered as an effective act which helps in protecting
confidentiality of patient information though its effectiveness is hampered by several barriers and
challenges. This report focuses on the compliance of HIPPA standards and its effectiveness as
well as recommends a technical solution for protecting patient health information data.
Analysis
HIPPA compliance
The Health Insurance Portability and Accountability Act commonly termed as HIPPA helps in
setting standards regarding protection of sensitive patient data. The organizations which deal
with Protected Health Information must possess physical network and process security measures
accordingly to comply with them and ensure HIPPA compliance. As stated by Birnbaum,
Borycki, Karras, Denham & Lacroix (2015) the covered entity or anyone who provides
treatment, payment and operations in healthcare organizations and business associates or anyone
who currently has access to the information of the patients comes under HIPAA and should
accordingly provide the required support regarding treatment, payment and operations by abiding
to HIPPA compliance standards. Various other entities in the healthcare sector such as the
subcontractors or any other related business associates must also abide by the compliances of
HIPPA. According to the US Department of Health and Human Services, the HIPPA privacy
rule or Standards of Privacy of Individually Identifiable Health Information sets national
2
INFORMATION TECHNOLOGY MANAGEMENT
standards regarding the privacy and protection of certain health information. As stated by
Yaraghi (2014) in addition to that the Security Rule sets a national set of standards regarding
security in order to protect certain information regarding health which is either held or
transferred in electronic form. As opined by Graham (2010) the Security Rules helps in
operationalizing the protections set by the Privacy Rule by addressing the safeguards which are
both technical and non-technical in nature and the covered entities must follow standards to
secure and protect electronic Patient Health Information. Within the US Department of Health
and Human Services, the office of Civil Rights is responsible regarding the enforcement of
Security and Privacy Rules with compliance activities which are voluntary in nature and ensure
civil money penalties in case of non-compliance. As stated by Parks, Xu, Chu & Lowry (2017)
the US Department of Health and Human Services or HHS states that health care providers and
other entities deals with the health information of the patients and transform these in to
computerized operations which includes computerized physician order entry system, electronic
health records, all radiology, pharmacy and laboratory system to ensure compliance with the
HIPPA rules and regulations as these are very important. Also in various health plans care
providers provide access to various health claims made on behalf of the patients in addition to
care management and self-service applications to ensure HIPPA compliance. All the above
stated electronic methods help in providing increased mobility and efficiency to healthcare
organizations but at the same time they also significantly increase the security risks to data
related to healthcare. The requirement for data security has significantly grown with the increase
in use and sharing of patient data which are electronic in nature. Modern high quality health care
requires organizations in healthcare sector to meet this increased demand for data security while
complying with regulations of HIPPA so as to protect the health information of patients. As
3
standards regarding the privacy and protection of certain health information. As stated by
Yaraghi (2014) in addition to that the Security Rule sets a national set of standards regarding
security in order to protect certain information regarding health which is either held or
transferred in electronic form. As opined by Graham (2010) the Security Rules helps in
operationalizing the protections set by the Privacy Rule by addressing the safeguards which are
both technical and non-technical in nature and the covered entities must follow standards to
secure and protect electronic Patient Health Information. Within the US Department of Health
and Human Services, the office of Civil Rights is responsible regarding the enforcement of
Security and Privacy Rules with compliance activities which are voluntary in nature and ensure
civil money penalties in case of non-compliance. As stated by Parks, Xu, Chu & Lowry (2017)
the US Department of Health and Human Services or HHS states that health care providers and
other entities deals with the health information of the patients and transform these in to
computerized operations which includes computerized physician order entry system, electronic
health records, all radiology, pharmacy and laboratory system to ensure compliance with the
HIPPA rules and regulations as these are very important. Also in various health plans care
providers provide access to various health claims made on behalf of the patients in addition to
care management and self-service applications to ensure HIPPA compliance. All the above
stated electronic methods help in providing increased mobility and efficiency to healthcare
organizations but at the same time they also significantly increase the security risks to data
related to healthcare. The requirement for data security has significantly grown with the increase
in use and sharing of patient data which are electronic in nature. Modern high quality health care
requires organizations in healthcare sector to meet this increased demand for data security while
complying with regulations of HIPPA so as to protect the health information of patients. As
3
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
INFORMATION TECHNOLOGY MANAGEMENT
opined by Zackius-Shittu (2015) by possessing data protection strategy in place to protect the
health information of patients, healthcare organizations remain successful in maintaining privacy
and confidentiality of patient data. It also allows healthcare organizations to comply with
regulations of HIPPA during access and audit of data to ensure control and integrity during
transmission of data so as to ensure security. It also allows healthcare organizations to ensure
greater control and visibility of sensitive patient information and records throughout their
organization.
Effectiveness of HIPPA
The HIPPA regulations influences both personnel and healthcare organizations in covered entity
which includes health plans, healthcare clearing houses and also healthcare providers like
physicians, hospital and clinics who convey health information in electric forms with particular
transactions. HIPPA helps in governing the manner healthcare providers can use and disclose
personally identifiable information regarding health of the patients. As opined by Goreva,
Mishra, Draus, Bromall & Caputo (2016) HIPPA also helps in addressing rights of individuals
regarding protection of their own health information. Although HIPPA helps in protecting the
health information of individuals’ but it also possesses ability to obstruct the flow of information
regarding health that is required for providing and promoting high quality healthcare facilities in
a timely manner. The HIPPA privacy rules are considered to have both positive and negative
effects regarding the release of patient information by healthcare facilities. Even though, the sole
purpose of HIPPA is to protect the privacy of patient and promote security and confidentiality of
their information, it has unintended consequences for healthcare facilities. As opined by Roscoe
(2014) there are several perceived barriers regarding the release of private health information of
the patients which are associated with effective implementation of HIPPA. One of the greatest
4
opined by Zackius-Shittu (2015) by possessing data protection strategy in place to protect the
health information of patients, healthcare organizations remain successful in maintaining privacy
and confidentiality of patient data. It also allows healthcare organizations to comply with
regulations of HIPPA during access and audit of data to ensure control and integrity during
transmission of data so as to ensure security. It also allows healthcare organizations to ensure
greater control and visibility of sensitive patient information and records throughout their
organization.
Effectiveness of HIPPA
The HIPPA regulations influences both personnel and healthcare organizations in covered entity
which includes health plans, healthcare clearing houses and also healthcare providers like
physicians, hospital and clinics who convey health information in electric forms with particular
transactions. HIPPA helps in governing the manner healthcare providers can use and disclose
personally identifiable information regarding health of the patients. As opined by Goreva,
Mishra, Draus, Bromall & Caputo (2016) HIPPA also helps in addressing rights of individuals
regarding protection of their own health information. Although HIPPA helps in protecting the
health information of individuals’ but it also possesses ability to obstruct the flow of information
regarding health that is required for providing and promoting high quality healthcare facilities in
a timely manner. The HIPPA privacy rules are considered to have both positive and negative
effects regarding the release of patient information by healthcare facilities. Even though, the sole
purpose of HIPPA is to protect the privacy of patient and promote security and confidentiality of
their information, it has unintended consequences for healthcare facilities. As opined by Roscoe
(2014) there are several perceived barriers regarding the release of private health information of
the patients which are associated with effective implementation of HIPPA. One of the greatest
4
INFORMATION TECHNOLOGY MANAGEMENT
barriers which are perceived in this context is increase in misunderstanding among general
public regarding the release of patient information. Another perceived barrier which is associated
regarding effectiveness of HIPPA is absence of an umbrella policy or regulations that defines
infractions and enforcement which allows individual health care organizations for making their
own interpretations. The other perceived challenge or barrier which is associated regarding the
effectiveness of HIPPA are challenges to health information management professionals
regarding control and safeguards which are related to the release of patient information
considering transition in to health records which are electronic in nature. Another barrier is
increase attachment of Information Technology in maintaining and storing of health records. As
stated by Price (2014) therefore in order to increase effectiveness of HIPPA, additional
clarifications are required regarding regulations which govern HIPPA in the form of standardized
instructions. Moreover, health care institutions should also focus on providing extensive training
to their healthcare workers in order to increase effectiveness of HIPPA.
Recommendation regarding technical solution
Healthcare organizations must adopt adequate steps to protect Patient Health Information (PHI)
data due to increase in transmission of patients’ health records in to electronic form. With
transmission of health records of patients in to electronic form, the risk for cyber threats and data
breaches have increased manifold and therefore it remains prime responsibility of healthcare
organizations to ensure security and confidentiality of patient data and information. As opined by
Cal (2016) the first and foremost step that healthcare organizations should adopt to increase
cyber security measures in electronic health record system of organization to prevent cyber-
attacks and hacking of user data. Healthcare organizations should also focus on implementing
user and session reporting to capture details regarding log in and log out time of healthcare
5
barriers which are perceived in this context is increase in misunderstanding among general
public regarding the release of patient information. Another perceived barrier which is associated
regarding effectiveness of HIPPA is absence of an umbrella policy or regulations that defines
infractions and enforcement which allows individual health care organizations for making their
own interpretations. The other perceived challenge or barrier which is associated regarding the
effectiveness of HIPPA are challenges to health information management professionals
regarding control and safeguards which are related to the release of patient information
considering transition in to health records which are electronic in nature. Another barrier is
increase attachment of Information Technology in maintaining and storing of health records. As
stated by Price (2014) therefore in order to increase effectiveness of HIPPA, additional
clarifications are required regarding regulations which govern HIPPA in the form of standardized
instructions. Moreover, health care institutions should also focus on providing extensive training
to their healthcare workers in order to increase effectiveness of HIPPA.
Recommendation regarding technical solution
Healthcare organizations must adopt adequate steps to protect Patient Health Information (PHI)
data due to increase in transmission of patients’ health records in to electronic form. With
transmission of health records of patients in to electronic form, the risk for cyber threats and data
breaches have increased manifold and therefore it remains prime responsibility of healthcare
organizations to ensure security and confidentiality of patient data and information. As opined by
Cal (2016) the first and foremost step that healthcare organizations should adopt to increase
cyber security measures in electronic health record system of organization to prevent cyber-
attacks and hacking of user data. Healthcare organizations should also focus on implementing
user and session reporting to capture details regarding log in and log out time of healthcare
5
INFORMATION TECHNOLOGY MANAGEMENT
employees as well as to capture details of reporting of data which is accessed. As stated by Smith
(2016) another technical solution which healthcare organizations can implement to secure PHI is
enhancing breach notification process or alerting tools so as to get instant alerts regarding any
minute instances of breach so that prompt action can be taken on time by health care
organizations.
Conclusion
From the above report it can be stated that effectiveness of HIPPA is affected by various barriers
and challenges and therefore governing body of HIPPA should focus on addressing these barriers
and challenges faced by healthcare organizations to ensure effectiveness of HIPPA and
protection of patient information.
6
employees as well as to capture details of reporting of data which is accessed. As stated by Smith
(2016) another technical solution which healthcare organizations can implement to secure PHI is
enhancing breach notification process or alerting tools so as to get instant alerts regarding any
minute instances of breach so that prompt action can be taken on time by health care
organizations.
Conclusion
From the above report it can be stated that effectiveness of HIPPA is affected by various barriers
and challenges and therefore governing body of HIPPA should focus on addressing these barriers
and challenges faced by healthcare organizations to ensure effectiveness of HIPPA and
protection of patient information.
6
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
INFORMATION TECHNOLOGY MANAGEMENT
References
Birnbaum, D., Borycki, E., Karras, B. T., Denham, E., & Lacroix, P. (2015). Addressing public
health informatics patient privacy concerns. Clinical Governance, 20(2), 91-100.
doi:http://dx.doi.org/10.1108/CGIJ-05-2015-0013
Cal, A. (2016). Strategies among health care business professionals to increase productivity and
revenue. Business Premium Collection. Retrieved from
https://search.proquest.com/docview/1813320140?accountid=30552
Goreva, N., Mishra, S., Draus, P., Bromall, G., & Caputo, D. (2016). A study of the security of
electronic medical records utilizing six knowledge categories and subjects
demographics. International Journal of Management & Information Systems, 20(3), 51.
Retrieved from https://search.proquest.com/docview/1804900985?accountid=30552
Graham, C. M. (2010). HIPAA and HITECH Compliance: An Exploratory Study of Healthcare
Facilities Ability to Protect Patient Health Information. Proceedings of the Northeast
Business & Economics Association, 402-406. Retrieved from:
https://web.b.ebscohost.com/abstract?direct=true&profile=ehost&scope=site&authtype=c
rawler&jrnl=1936203X&AN=56100882&h=vmLnEzXFvrQSZcB0UP6q40Et7nOX%2f
DRUfXbZWLQfeks5n0fFhCq%2bdqIepCbVuZC3gBISwthnIsoCjuCWN1GqBQ%3d%3
d&crl=c&resultNs=AdminWebAuth&resultLocal=ErrCrlNotAuth&crlhashurl=login.asp
x%3fdirect%3dtrue%26profile%3dehost%26scope%3dsite%26authtype%3dcrawler%26j
rnl%3d1936203X%26AN%3d56100882
7
References
Birnbaum, D., Borycki, E., Karras, B. T., Denham, E., & Lacroix, P. (2015). Addressing public
health informatics patient privacy concerns. Clinical Governance, 20(2), 91-100.
doi:http://dx.doi.org/10.1108/CGIJ-05-2015-0013
Cal, A. (2016). Strategies among health care business professionals to increase productivity and
revenue. Business Premium Collection. Retrieved from
https://search.proquest.com/docview/1813320140?accountid=30552
Goreva, N., Mishra, S., Draus, P., Bromall, G., & Caputo, D. (2016). A study of the security of
electronic medical records utilizing six knowledge categories and subjects
demographics. International Journal of Management & Information Systems, 20(3), 51.
Retrieved from https://search.proquest.com/docview/1804900985?accountid=30552
Graham, C. M. (2010). HIPAA and HITECH Compliance: An Exploratory Study of Healthcare
Facilities Ability to Protect Patient Health Information. Proceedings of the Northeast
Business & Economics Association, 402-406. Retrieved from:
https://web.b.ebscohost.com/abstract?direct=true&profile=ehost&scope=site&authtype=c
rawler&jrnl=1936203X&AN=56100882&h=vmLnEzXFvrQSZcB0UP6q40Et7nOX%2f
DRUfXbZWLQfeks5n0fFhCq%2bdqIepCbVuZC3gBISwthnIsoCjuCWN1GqBQ%3d%3
d&crl=c&resultNs=AdminWebAuth&resultLocal=ErrCrlNotAuth&crlhashurl=login.asp
x%3fdirect%3dtrue%26profile%3dehost%26scope%3dsite%26authtype%3dcrawler%26j
rnl%3d1936203X%26AN%3d56100882
7
INFORMATION TECHNOLOGY MANAGEMENT
Parks, R., Xu, H., Chu, C., & Lowry, P. B. (2017). Examining the intended and unintended
consequences of organizational privacy safeguards. European Journal of Information
Systems, 26(1), 37-65. doi:http://dx.doi.org/10.1057/s41303-016-0001-6
Price, J. D. (2014). Reducing the risk of a data breach using effective compliance programs.
Business Premium Collection. . Retrieved from
https://search.proquest.com/docview/1536438339?accountid=30552
Roscoe, J. P. (2014). Privacy issues in mediated health care disputes and considerations for
advocates. Inside Counsel Breaking News, Retrieved from
https://search.proquest.com/docview/1622248642?accountid=30552
Smith, T. T. (2016). Examining data privacy breaches in healthcare. Business Premium
Collection . Retrieved from https://search.proquest.com/docview/1811614558?
accountid=30552
Yaraghi, N. (2014). Essays on health information exchange: Adoption, usage and patient
privacy. Business Premium Collection. Retrieved from
https://search.proquest.com/docview/1562520226?accountid=30552
Zackius-Shittu, K. (2015). The perceptions of baby boomer clinicians regarding the introduction
of electronic medical record technology. Business Premium Collection. Retrieved from
https://search.proquest.com/docview/1680016020?accountid=30552
8
Parks, R., Xu, H., Chu, C., & Lowry, P. B. (2017). Examining the intended and unintended
consequences of organizational privacy safeguards. European Journal of Information
Systems, 26(1), 37-65. doi:http://dx.doi.org/10.1057/s41303-016-0001-6
Price, J. D. (2014). Reducing the risk of a data breach using effective compliance programs.
Business Premium Collection. . Retrieved from
https://search.proquest.com/docview/1536438339?accountid=30552
Roscoe, J. P. (2014). Privacy issues in mediated health care disputes and considerations for
advocates. Inside Counsel Breaking News, Retrieved from
https://search.proquest.com/docview/1622248642?accountid=30552
Smith, T. T. (2016). Examining data privacy breaches in healthcare. Business Premium
Collection . Retrieved from https://search.proquest.com/docview/1811614558?
accountid=30552
Yaraghi, N. (2014). Essays on health information exchange: Adoption, usage and patient
privacy. Business Premium Collection. Retrieved from
https://search.proquest.com/docview/1562520226?accountid=30552
Zackius-Shittu, K. (2015). The perceptions of baby boomer clinicians regarding the introduction
of electronic medical record technology. Business Premium Collection. Retrieved from
https://search.proquest.com/docview/1680016020?accountid=30552
8
1 out of 9
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.