Hospital Data Security

Select a hospital or healthcare organization to research. You may choose an organization you are familiar with or can readily obtain information about. To maintain confidentiality, you do not need to mention the name of the organization. You may also choose a hypothetical/fictitious healthcare organization.

Daily life requires us to have access to a lot of information, and information systems help us access that information. Desktop computers, laptops, and mobile devices keep us connected to the information we need through processes that work via hardware and software components. Information systems infrastructure makes this possible. However, our easy access to communication and information also creates security and privacy risks. Laws, regulations, policies, and guidelines exist to protect information and information owners. Cybersecurity ensures the confidentiality, integrity, and availability of the information. Identity management is a fundamental practice. Part of identity management is the governance of access, authorization, and authentication of users to information systems, Identity management is one part of a layered security defense strategy within the information systems infrastructure. Your work in this project will enable you to produce a technical report and nontechnical presentation that addresses these requirements.

There are six steps that will help you create your final deliverables. The deliverables for this project are as follows:

1. Nontechnical presentation: This is an 8-10 slide PowerPoint presentation for business executives and board members.
2. Technical report: Your report should be a 6-7 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations.
3. Executive summary: This should be a 2-3 page double-spaced Word document.
4. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab.

The technical report and the nontechnical presentation will identify compromises and vulnerabilities in the information systems infrastructure of the healthcare organization, and identify risks to the organization's data. You will propose a way to prioritize these risks and include possible remediation actions. 

The technical report: Provide recommendations for access control and authentication mechanisms to increase the security within the identity management system. After you have defined the roles within the organization, recommend the accesses, restrictions, and conditions for each role. Present these in a tabular format, as part of your list of recommendations. 

Provide a comparison of risk scenarios to include the following: 

1. What will happen if the CIO and the leadership do nothing, and decide to accept the risks?
2. Are there possible ways the CIO can transfer the risks?
3. Are there possible ways to mitigate the risks?
4. Are there possible ways to eliminate the risks? 
5. What are the projected costs to address these risks?

Provide an overall recommendation, with technical details to the director of IT. 

The executive summary: In addition to your technical report, also create a nontechnical report as an executive summary. 

The deliverables for this project are as follows: 

1. Nontechnical presentation: This is a 8-10 slide PowerPoint presentation for business executives and board members.
2. Technical report: Your report should be a 6-7 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations.
3. Executive summary: This should be a 2-3 page double-spaced Word document.
4. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab.

Submit your deliverables to the assignment folder.

Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.

• 1.1: Organize document or presentation in a manner that promotes understanding and meets the requirements of the assignment.
• 2.3: Evaluate the information in logical manner to determine value and relevance.
• 6.2: Create a roadmap for organizations to use in development of an IMA program (to address gaps in their current offerings).