[email protected]

New Order

Strategies For Securing Data Essay Assignment

Strategies For Securing Data Essay Assignment

Grand City Medical Center, as a healthcare organization, faces unique challenges in data protection and cybersecurity given the valuable information entrusted to them by patients. Legal liabilities, reputational damage, and financial losses are at risk if the organization’s data is breached by threat actors. Given the digitization of healthcare delivery presented by the EMR system, keeping sensitive information secure is no easy feat. The organization must find a way to protect patient privacy while simultaneously ensuring high-quality patient care (Pearlson et al., 2024). This essay explores data security and strategies for securing data in the EMR system. Strategies For Securing Data Essay Assignment

ORDER A PLAGIARISM-FREE PAPER HERE

Identify the items that you would include in your assessment and explain why.

A data security risk assessment helps to ensure the organization is compliant with the relevant technical, physical, and administrative safeguards. It reveals areas where protected health information could be at risk. The assessment is guided by the Health Insurance Portability and Accountability Act (HIPAA), a legislation that requires health organizations to conduct a risk assessment. The legislation presents the Security Risk Assessment (SRA) Tool that identifies five assessment items. First, the presence of documented security policies and procedures that are regularly updated to protect the confidentiality, integrity, and availability of electronic health information, including cybersecurity policies, procedures, and processes. Second, the presence of a data protection office and officer responsible for developing and implementing the information security policies and procedures with a focus on defining and managing access to systems and workforce training. Third, written physical and technical security procedures for access management and use of facilities explaining who can access what information from what point. Fourth, written procedures for managing third parties like security vendors and business associates detailing their evaluation for business associate agreement, expertise to perform operational and security tasks, and capability to augment practice capabilities. Fifth, the presence of a contingency plan to address emergencies, such as reporting suspicious activities and managing incident responses (HealthIT.gov, 2024)Strategies For Securing Data Essay Assignment.

Describe the policies that you would expect to find.

The policies are expected to secure data, systems, infrastructure, devices, and all users. First, a policy establishing a plan around information security. Second, a policy creating documentation around security measures and user access control. Third, a policy for tools to detect compromised devices and networks, misuse of data, and minimize the impact. Fourth, a policy that ensures compliance with regulatory and legal requirements, including HIPAA, the Family Educational Rights and Privacy Act (FERPA), the General Data Protection Regulation (GDPR), and the National Institutes of Standards and Technology (NIST). Fifth, a policy establishing plans to respond to data security risks. These policies help to keep health information safe, protect the patients, and preserve the facility’s reputation (Kim & Solomon, 2021)Strategies For Securing Data Essay Assignment.

Explain the network security challenges faced when facilities and database systems are merged.

A merger may present benefits in terms of operational synergies, expanded portfolio, and enhanced market share. However, it may also present network security challenges. First, data breaches and unauthorized access as vast amounts of information are shared. Cybercriminals can exploit vulnerabilities during the merger and gain unauthorized access to patient data. If not protected, this can compromise patient data, facility secrets, and financial records. Second, integration challenges as merging distinct database systems and information technology infrastructure is complex. A misconfigured integration can create security gaps that hackers exploit. In addition, a merger between facilities presents different security practices and cultures, causing a clash that makes it difficult to establish a strong, unified security posture (Harrington, 2016). Third, third-party and vendor risks as they may not adhere to the same level of security standards thereby introducing vulnerabilities. Fourth, loss of focus on cybersecurity amidst the flurry of activities during the merger. Resources and attention may be directed toward other challenges, leaving critical security measures neglected and vulnerable (Lessard, C. & Lessard, J., 2022)Strategies For Securing Data Essay Assignment.

Recommend two strategies for securing data and the network.

Securing data and the network requires that the challenges be addressed. First, early comprehensive due diligence that assesses security practices, vulnerabilities, and incident history. This identifies weaknesses early on and allows for the development of a risk mitigation strategy. Second, establishing a dedicated data security team composed of experts from the merging networks. The team would work together to check and address potential risks, develop integration plans, and ensure security practices are consistent. Third, security-focused integration planning that reviews and enhances security architecture, ensures consistent security policies, and conducts thorough testing to identify and rectify vulnerabilities. Fourth, third-party risk assessment to ensure third parties and vendors are aligned with the new security standards. Fifth, continuous monitoring and training to raise awareness about best practices and potential threats (Hardwood & Price, 2022)Strategies For Securing Data Essay Assignment.

In addition to the mentioned strategies, it is important to adopt data security measures that safeguard the data. This includes data encryption, erasure, masking, and resiliency. Data encryption hides the true meaning of data so that only the intended recipient can understand the data. Data erasure involves permanently removing any data that is no longer required, thereby removing liability and chances of data breach occurring. Data masking involves obscuring the data by replacing specific letters or numbers. Data resiliency involves by creating copies and backups against accidental data loss or destruction (Cherry, 2015)Strategies For Securing Data Essay Assignment.

Analyze the relationship between best practices for securing data and healthcare institutions.

Data security is important for any healthcare organization because it keeps data secure and builds confidence among the stakeholders. There are three best practices for securing data and healthcare institutions. First, securing data by encrypting the data and managing who has access. Only persons who need the data to perform essential functions should have access and all data should be encrypted as it is transferred between databases and devices. Second, preparing ahead of time for threats and potential security threats. This involves testing the systems, educating personnel, devising an incident management plan, and creating a data recovery plan. Third, deleting data that is not being used. Getting rid of both physical and digital copies of data that is no longer needed helps to reduce the chances of the data being accessed by unauthorized persons and used for profit (Cherry, 2015)Strategies For Securing Data Essay Assignment.

References

Cherry, D. (2015). Securing SQL Server: Protecting your Database from Attackers. Syngress.

Harrington, J. (2016). Relational database design and implementation (4th ed.). Morgan Kaufmann.

Harwood, M., & Price, R. (2022). Internet and Web Application Security (3rd ed.). Jones & Bartlett Learning.

HealthIT.gov (2024). Privacy, Security, and HIPAA. https://www.healthit.gov/topic/privacy-security-and-hipaa/security-risk-assessment-tool#:~:text=A%20risk%20assessment%20helps%20your,PHI)%20could%20be%20at%20risk Strategies For Securing Data Essay Assignment .

Kim, D., & Solomon, M. G. (2021). Fundamentals of Information Systems Security. Jones & Bartlett Learning.

Lessard, C., & Lessard, J. (2022). Project Management for Engineering Design. Springer International Publishing.

Pearlson, K. E., Saunders, C. S., & Galletta, D. F. (2024). Managing and Using Information Systems: A Strategic Approach (8th ed.). Wiley.

Review this scenario:

Your organization, the Grand City Medical Center, has secured a deal to merge with a smaller hospital, City Memorial, located in a neighboring town. Your informatics team is tasked with analyzing the EMR system that City Memorial has in place and reviewing the data security, policies for ensuring that the data is secure, and the facility’s network security. You will compile your findings in a report presented to the chief information officer next week.

ORDER TODAY

Based on the scenario above, identify the items that you would include in your assessment and explain why.
Describe the policies that you would expect to find.
Explain the network security challenges faced when facilities and database systems are merged.
Recommend two strategies for securing data and the network. Be specific and provide examples.
Analyze the relationship between best practices for securing data and healthcare institutions. Be specific and provide examples.
Support your work with references from this week’s Learning Resources and your articles found in the Walden Library Strategies For Securing Data Essay Assignment