Creating an HIT Privacy and Security Policy

Assignment 5

Assume that you have been hired as a Chief Information Security Officer (CISO) by a local healthcare organization which has no health information privacy and security policy yet. Thus, your assignment is to formulate a health information privacy and security policy for the organization in accordance with the HIPAA and HITECH Privacy and Security Rules. Before the development of the privacy and security policy document, your supervisor advises you to review the HIPPA and HITECH Privacy and Security regulations the organization is required to comply with.  (Key Word = “Before”)

In this assignment, address the following:

Outline of the specific policy you propose(Key word is “outline” so don’t write a policy – briefly state the sections that should be included in your policy based on best practices from your research)

The consequences of noncompliance with the applicable laws(the assignment asks for a review of the HIPAA and HITECH Privacy and Security Rules, so discuss the range of penalties associated with non-compliance/violations)  and

Measures to assure the correct application of Privacy and Security Rules. Make sure to consider all perspectives of the access controls. (discuss how these rules will apply to your organization…it’s okay to frame your response to an organization that you are familiar with such as a hospital, clinic, or physician practice)

Feel free to use graphics and/or diagrams in your submission for illustration or support your viewpoint. (this is okay, but graphic/diagram is not a substitute for a narrative discussion of the topics above…)

Include a title page and reference page (please use page breaks between your title page, body of your paper, and reference page)

Use appropriate APA-formatting(In-text citations must be used).

Use at least 2-3 credible sources of information as references and submit by Tuesday midnight (I would strongly suggest using four to six references this week – there is a lot of material to review and synthesize in responding to this assignment).

(Based on the assignment requirements, this paper will be 750 to 1,000 words in length) 

My suggested outline and APA headings for Assignment 4 are:

APA Title Page (No Running Head, Page Numbers Upper Right)

[Page Break]

Overview of Privacy and Security Laws for Healthcare Organizations  (APA Level 1 Heading, Centered and Bold)

Privacy Law Summary (APA Level 2 Heading, Flush Left and Bold)

Security Law Summary (APA Level 2 Heading, Flush Left and Bold)

HITECH Act Impact on Privacy and Security (APA Level 2 Heading, Flush Left and Bold)

Proposed Sections for Health Information Security and Privacy Policy (APA Level 1 Heading, Centered and Bold)

(Note: Use a APA Level 2 Headings (Flush Left and Bold) for each section you propose under this major heading)

Overview of Noncompliance with Privacy and Security Laws (APA Level 1 Heading, Centered and Bold)

Leave a Reply