You have recently been hired as the chief information security officer (CISO) for Big Sky Health System, the largest healthcare system in a predominantly rural state. When you were hired, the chief executive told you candidly that you were chosen in order to bridge the gap between the modern IT infrastructure used by Big Sky and the dated practices of your regional partners. For example, of the 16 critical access hospitals in your network, 20% still primarily chart on paper. Your state does not participate in a health information data exchange, making it difficult to electronically transfer medical information even for those 80% of providers who do use electronic medical records. Big Sky is the only trauma hospital within a 250-mile radius. It is vital for Big Sky to provide medical records back to the referring provider for continuity of care and to ensure referrals continue to come to Big Sky Health System.
After taking the last three months to investigate and assess your new organization’s information security posture, you have come to learn the following about Big Sky:
- Outside individuals have access to Big Sky’s electronic medical records (EMRs). This has resulted in 25 HIPAA breaches through inappropriate access over the last six months.
- Many records are faxed, including some being faxed to the incorrect fax number.
- Some records are never sent to the referring provider, frustrating referring providers, who threaten to take their business elsewhere.
- Big Sky currently utilizes the following health information technologies:
  - Cerner: This is a cloud-hosted EMR that contains all clinical and demographic data.
  - Commonwell: This is an electronic health information exchange technology. Commonwell is purchased nationally by organizations attempting to connect EMRs across different organizations. This is a purchased solution that hasn’t been adopted by many providers in the state.
  - Fairwarning: This is a cloud-hosted system that monitors user access to Cerner and flags potentially inappropriate access.
You are expected to brief the Big Sky executive leadership team, including the CEO and chief compliance officer, with the results of your investigation, including your plan for addressing the primary information availability and security issues facing your organization.
You must craft a presentation for the Big Sky executive leadership team that communicates your recommended solutions for assuring the availability of information for public health use without compromising the confidentiality, security, and integrity of Big Sky’s EMRs.
- First, walk your nontechnical audience through the underlying principles and guidelines governing healthcare information security best practices.
  - Identify the governing organizations that apply to your organization. Be sure to address all who regulate data, information availability, and flow in the healthcare field.
  - Then, explain the relevant data standards of those governing organizations by illustrating how they apply to the specific issues Big Sky faces.
  - Finally, address any additional healthcare compliance regulations and policies relating to patient confidentiality.
- Present the results of your investigation. Specifically, you should outline and explain the unsafe technology conditions that pose a threat to patient information. Make sure that you go beyond recounting the information in the scenario by illustrating the implications and associated risks of each issue for your audience.
- Finally, propose reasonable big-picture solutions for addressing each of the identified issues. Be sure to specifically reference the standards, regulations, and policies discussed at the top of your presentation in your proposal. In other words, you should demonstrate that your solutions reflect and incorporate current views and trends in health information security.
What to Submit
Information Security Presentation
Craft an effective presentation that informs your audience of the regulatory landscape governing current health IT best practices. Then, propose solutions that assure the availability of information for public health use without compromising the confidentiality, security, and integrity of your organization’s EMRs. Your solutions should be informed by and in alignment with the same standards discussed at the top of your presentation. Your presentation must be 6 to 10 slides in length, include speaker notes, and cite any references.
Tips to help with presentation:
Brecher, N. D. (2017, May 1). Persuasive presentations: Leading people to rally to your call takes preparation. Journal of Property Management, 82(3).
Kathleen M. LaTour, & Shirley Eichenwald. (2013). Health Information Management: Concepts, Principles, and Practice, Fourth Edition: Vol. 4th ed. AHIMA Press. Chapter 6.
Kathleen M. LaTour, & Shirley Eichenwald. (2013). Health Information Management: Concepts, Principles, and Practice, Fourth Edition: Vol. 4th ed. AHIMA Press. Chapter 3 PP 49-57, 61-68. Chapter 12 PP 308-312, 328-329, 332-336. Chapter 13 PP 343-344.
Haque, S. N., Ebron, S., Bailey, R., & Blumenthal, B. (2018). Using Health Information Exchange to Support Community-based Innovations. Perspectives in Health Information Management, 1–11.
Kathleen M. LaTour, & Shirley Eichenwald. (2013). Health Information Management: Concepts, Principles, and Practice, Fourth Edition: Vol. 4th ed. AHIMA Press. Chapter 7 PP 172-175, 180, 183-185. Chapter 8 PP 195-199, 204-211. Chapter 9 PP 218-221, 222-224, 229-233.
Kathleen M. LaTour, & Shirley Eichenwald. (2013). Health Information Management: Concepts, Principles, and Practice, Fourth Edition: Vol. 4th ed. AHIMA Press. Chapter 4 PP 95-111, Chapter 11.
Rassam, M. A., Maarof, M. A., & Zainal, A. (2017). Big Data Analytics Adoption for Cybersecurity: A Review of Current Solutions, Requirements, Challenges and Trends. Journal of Information Assurance & Security, 12(4), 124–145.
Puhakainen, P., & Siponen, M. (2010). Improving Employees’ Compliance Through Information Systems Security Training: An Action Research Study. MIS Quarterly, 34(4), 757–778.