SlideShare a Scribd company logo

Points 125Case Study 2 HIPAA and IT AuditsCriteriaUnaccept.docx

Download as DOCX, PDF
H
harrisonhoward80223

This document outlines the criteria for a case study assignment on HIPAA and IT audits. It provides weighting and evaluation criteria for multiple sections involving analyzing HIPAA regulations, describing necessary network architecture and controls, and creating a network diagram. Students would be evaluated on creating an overview of HIPAA rules, analyzing common incident types, describing technical and non-technical controls, comparing hospital to non-medical compliance, listing IT audit steps, including references, and drawing a network diagram demonstrating a compliant architecture.

Education
1 of 5
Points: 125 Case Study 2: HIPAA and IT Audits Criteria Unacceptable Below 70% F Fair 70-79% C Proficient 80-89% B Exemplary 90-100% A Section 1: Written Paper 1a. Create an overview of the HIPAA Security Rule and Privacy Rule. Weight: 10% Did not submit or incompletely created an overview of the HIPAA Security Rule and Privacy Rule. Partially created an overview of the HIPAA Security Rule and Privacy Rule. Satisfactorily created an overview of the HIPAA Security Rule and Privacy Rule. Thoroughly created an overview of the HIPAA Security Rule and Privacy Rule. 1b. Analyze the major types of incidents and breaches that occur based on the cases reported. Weight: 10% Did not submit or incompletely analyzed the major types of incidents and breaches that occur based on the cases reported. Partially analyzed the major types of incidents and breaches that occur based on the cases reported. Satisfactorily analyzed the major types of incidents and breaches that occur based on the cases reported. Thoroughly analyzed the major types of incidents and breaches that occur based on the cases reported.
1c. Analyze the technical controls and the non-technical controls that are needed to mitigate the identified risks and vulnerabilities. Weight: 10% Did not submit or incompletely analyzed the technical controls and the non-technical controls that are needed to mitigate the identified risks and vulnerabilities. Partially analyzed the technical controls and the non-technical controls that are needed to mitigate the identified risks and vulnerabilities. Satisfactorily analyzed the technical controls and the non- technical controls that are needed to mitigate the identified risks and vulnerabilities. Thoroughly analyzed the technical controls and the non- technical controls that are needed to mitigate the identified risks and vulnerabilities. 1d. Analyze and describe the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations. Weight: 10% Did not submit or incompletely analyzed and described the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations. Partially analyzed and described the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations. Satisfactorily analyzed and described the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations. Thoroughly analyzed and described the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations. 1e. Analyze how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance. Weight: 10%
Did not submit or incompletely analyzed how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance. Partially analyzed how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance. Satisfactorily analyzed how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance. Thoroughly analyzed how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance. 1f. List the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations. Weight: 10% Did not submit or incompletely listed the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations. Partially listed the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations. Satisfactorily listed the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations. Thoroughly listed the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations. 1g. 3 references Weight: 5% No references provided Does not meet the required number of references; some or all references poor quality choices. Meets number of required references; all references high quality choices. Exceeds number of required references; all references high
quality choices. 1h. Clarity, writing mechanics, and formatting requirements Weight: 10% More than 6 errors present 5-6 errors present 3-4 errors present 0-2 errors present Section 2: Network Architecture 2a. Create a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations. Weight: 15% Did not submit or incompletely created a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations. Partially created a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations. Satisfactorily created a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations. Thoroughly created a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations. 2b. Include in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture. Weight: 10% Did not submit or incompletely included in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture. Partially included in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture.
Satisfactorily included in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture. Thoroughly included in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture.

Recommended

Points 100Case Study 1 HIPAA, CIA, and SafeguardsCriteria.docx
Points 100Case Study 1 HIPAA, CIA, and SafeguardsCriteria.docxPoints 100Case Study 1 HIPAA, CIA, and SafeguardsCriteria.docx
Points 100Case Study 1 HIPAA, CIA, and SafeguardsCriteria.docx
harrisonhoward80223
 
Term Paper Security Regulation ComplianceDue Week 10 and worth 10.docx
Term Paper Security Regulation ComplianceDue Week 10 and worth 10.docxTerm Paper Security Regulation ComplianceDue Week 10 and worth 10.docx
Term Paper Security Regulation ComplianceDue Week 10 and worth 10.docx
johniemcm5zt
 
Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Business Associates: How to become HIPAA compliant, increase revenue, and gai...Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Compliancy Group
 
Overview Imagine you are the information security officer at a.docx
Overview Imagine you are the information security officer at a.docxOverview Imagine you are the information security officer at a.docx
Overview Imagine you are the information security officer at a.docx
sdfghj21
 
HIM 500 Milestone One Gu
HIM 500 Milestone One GuHIM 500 Milestone One Gu
HIM 500 Milestone One Gu
SusanaFurman449
 
HIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to knowHIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to know
Compliancy Group
 
Text book title and AuthorMoeller, Robert R. IT audit, cont.docx
Text book title and AuthorMoeller, Robert R. IT audit, cont.docxText book title and AuthorMoeller, Robert R. IT audit, cont.docx
Text book title and AuthorMoeller, Robert R. IT audit, cont.docx
mehek4
 
How to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 auditsHow to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 audits
Compliancy Group
 

Recommended

Points 100Case Study 1 HIPAA, CIA, and SafeguardsCriteria.docx
Points 100Case Study 1 HIPAA, CIA, and SafeguardsCriteria.docxPoints 100Case Study 1 HIPAA, CIA, and SafeguardsCriteria.docx
Points 100Case Study 1 HIPAA, CIA, and SafeguardsCriteria.docx
harrisonhoward80223
 
Term Paper Security Regulation ComplianceDue Week 10 and worth 10.docx
Term Paper Security Regulation ComplianceDue Week 10 and worth 10.docxTerm Paper Security Regulation ComplianceDue Week 10 and worth 10.docx
Term Paper Security Regulation ComplianceDue Week 10 and worth 10.docx
johniemcm5zt
 
Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Business Associates: How to become HIPAA compliant, increase revenue, and gai...Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Compliancy Group
 
Overview Imagine you are the information security officer at a.docx
Overview Imagine you are the information security officer at a.docxOverview Imagine you are the information security officer at a.docx
Overview Imagine you are the information security officer at a.docx
sdfghj21
 
HIM 500 Milestone One Gu
HIM 500 Milestone One GuHIM 500 Milestone One Gu
HIM 500 Milestone One Gu
SusanaFurman449
 
HIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to knowHIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to know
Compliancy Group
 
Text book title and AuthorMoeller, Robert R. IT audit, cont.docx
Text book title and AuthorMoeller, Robert R. IT audit, cont.docxText book title and AuthorMoeller, Robert R. IT audit, cont.docx
Text book title and AuthorMoeller, Robert R. IT audit, cont.docx
mehek4
 
How to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 auditsHow to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 audits
Compliancy Group
 
PSOW 2016 - HIPAA Compliance for EMS Community
PSOW 2016 - HIPAA Compliance for EMS CommunityPSOW 2016 - HIPAA Compliance for EMS Community
PSOW 2016 - HIPAA Compliance for EMS Community
PSOW
 
Points 50Project Deliverable 1 Project Plan InceptionCriteri.docx
Points 50Project Deliverable 1 Project Plan InceptionCriteri.docxPoints 50Project Deliverable 1 Project Plan InceptionCriteri.docx
Points 50Project Deliverable 1 Project Plan InceptionCriteri.docx
harrisonhoward80223
 
HealthCare Compliance - HIPAA and HITRUST
HealthCare Compliance - HIPAA and HITRUSTHealthCare Compliance - HIPAA and HITRUST
HealthCare Compliance - HIPAA and HITRUST
Kimberly Simon MBA
 
HIPAA Workloads on AWS - Pop-up Loft Tel Aviv
HIPAA Workloads on AWS - Pop-up Loft Tel AvivHIPAA Workloads on AWS - Pop-up Loft Tel Aviv
HIPAA Workloads on AWS - Pop-up Loft Tel Aviv
Amazon Web Services
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rs
supportc2go
 
HealthCare Compliance - HIPAA & HITRUST
HealthCare Compliance - HIPAA & HITRUSTHealthCare Compliance - HIPAA & HITRUST
HealthCare Compliance - HIPAA & HITRUST
Kimberly Simon MBA
 
HIM 500 .docx
HIM 500 .docxHIM 500 .docx
HIM 500 .docx
pauline234567
 
Hipaa checklist for healthcare software
Hipaa checklist for healthcare softwareHipaa checklist for healthcare software
Hipaa checklist for healthcare software
Concetto Labs
 
Health care compliance webinar may 10 2017
Health care compliance webinar may 10 2017Health care compliance webinar may 10 2017
Health care compliance webinar may 10 2017
Kimberly Simon MBA
 
Maninging Risk Exposure in Meaningful Use Stage 2
Maninging Risk Exposure in Meaningful Use Stage 2Maninging Risk Exposure in Meaningful Use Stage 2
Maninging Risk Exposure in Meaningful Use Stage 2
Compliancy Group
 
What Covered Entities Need to Know about OCR HIPAA Audit​s
What Covered Entities Need to Know about OCR HIPAA Audit​sWhat Covered Entities Need to Know about OCR HIPAA Audit​s
What Covered Entities Need to Know about OCR HIPAA Audit​s
Iatric Systems
 
Prepare a workplace brief (8-10 double-spaced pages) to address a .docx
Prepare a workplace brief (8-10 double-spaced pages) to address a .docxPrepare a workplace brief (8-10 double-spaced pages) to address a .docx
Prepare a workplace brief (8-10 double-spaced pages) to address a .docx
harrisonhoward80223
 
Popquiz slide
Popquiz slidePopquiz slide
Popquiz slide
Gettins' Law LLC
 
Guide to hipaa compliance for containers
Guide to hipaa compliance for containersGuide to hipaa compliance for containers
Guide to hipaa compliance for containers
Abhishek Sood
 
HIPAA Compliance Testing In Software Applications.pdf
HIPAA Compliance Testing In Software Applications.pdfHIPAA Compliance Testing In Software Applications.pdf
HIPAA Compliance Testing In Software Applications.pdf
Zoe Gilbert
 
Rubic_Print_FormatCourse CodeClass CodeNRS-451VNNRS-451VN-O502Heal.docx
Rubic_Print_FormatCourse CodeClass CodeNRS-451VNNRS-451VN-O502Heal.docxRubic_Print_FormatCourse CodeClass CodeNRS-451VNNRS-451VN-O502Heal.docx
Rubic_Print_FormatCourse CodeClass CodeNRS-451VNNRS-451VN-O502Heal.docx
daniely50
 
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT SecurityRedspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin, Inc.
 
Barbara Silva is the CIO for Peachtree Community Hospital in Atlanta.docx
Barbara Silva is the CIO for Peachtree Community Hospital in Atlanta.docxBarbara Silva is the CIO for Peachtree Community Hospital in Atlanta.docx
Barbara Silva is the CIO for Peachtree Community Hospital in Atlanta.docx
wilcockiris
 
Understanding HIPAA / HITECH as a Mail Service Provider
Understanding HIPAA / HITECH as a Mail Service ProviderUnderstanding HIPAA / HITECH as a Mail Service Provider
Understanding HIPAA / HITECH as a Mail Service Provider
Karla Humphrey
 
Points 120Case Study 1 Cyber Security in Business Organization.docx
Points 120Case Study 1 Cyber Security in Business Organization.docxPoints 120Case Study 1 Cyber Security in Business Organization.docx
Points 120Case Study 1 Cyber Security in Business Organization.docx
harrisonhoward80223
 
© 2006 Thomson-Wadsworth© 2006 Thomson-Wadsworth.docx
© 2006 Thomson-Wadsworth© 2006 Thomson-Wadsworth.docx© 2006 Thomson-Wadsworth© 2006 Thomson-Wadsworth.docx
© 2006 Thomson-Wadsworth© 2006 Thomson-Wadsworth.docx
harrisonhoward80223
 
§ 6.01 IntroductionBackground checks are an important component .docx
§ 6.01 IntroductionBackground checks are an important component .docx§ 6.01 IntroductionBackground checks are an important component .docx
§ 6.01 IntroductionBackground checks are an important component .docx
harrisonhoward80223
 

More Related Content

Similar to Points 125Case Study 2 HIPAA and IT AuditsCriteriaUnaccept.docx

Points 50Project Deliverable 1 Project Plan InceptionCriteri.docx
Points 50Project Deliverable 1 Project Plan InceptionCriteri.docxPoints 50Project Deliverable 1 Project Plan InceptionCriteri.docx
Points 50Project Deliverable 1 Project Plan InceptionCriteri.docx
harrisonhoward80223
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rs
supportc2go
 
HIM 500 .docx
HIM 500 .docxHIM 500 .docx
HIM 500 .docx
pauline234567
 
Prepare a workplace brief (8-10 double-spaced pages) to address a .docx
Prepare a workplace brief (8-10 double-spaced pages) to address a .docxPrepare a workplace brief (8-10 double-spaced pages) to address a .docx
Prepare a workplace brief (8-10 double-spaced pages) to address a .docx
harrisonhoward80223
 
Rubic_Print_FormatCourse CodeClass CodeNRS-451VNNRS-451VN-O502Heal.docx
Rubic_Print_FormatCourse CodeClass CodeNRS-451VNNRS-451VN-O502Heal.docxRubic_Print_FormatCourse CodeClass CodeNRS-451VNNRS-451VN-O502Heal.docx
Rubic_Print_FormatCourse CodeClass CodeNRS-451VNNRS-451VN-O502Heal.docx
daniely50
 
Barbara Silva is the CIO for Peachtree Community Hospital in Atlanta.docx
Barbara Silva is the CIO for Peachtree Community Hospital in Atlanta.docxBarbara Silva is the CIO for Peachtree Community Hospital in Atlanta.docx
Barbara Silva is the CIO for Peachtree Community Hospital in Atlanta.docx
wilcockiris
 
Understanding HIPAA / HITECH as a Mail Service Provider
Understanding HIPAA / HITECH as a Mail Service ProviderUnderstanding HIPAA / HITECH as a Mail Service Provider
Understanding HIPAA / HITECH as a Mail Service Provider
Karla Humphrey
 
Points 120Case Study 1 Cyber Security in Business Organization.docx
Points 120Case Study 1 Cyber Security in Business Organization.docxPoints 120Case Study 1 Cyber Security in Business Organization.docx
Points 120Case Study 1 Cyber Security in Business Organization.docx
harrisonhoward80223
 

Similar to Points 125Case Study 2 HIPAA and IT AuditsCriteriaUnaccept.docx (20)

PSOW 2016 - HIPAA Compliance for EMS Community
PSOW 2016 - HIPAA Compliance for EMS CommunityPSOW 2016 - HIPAA Compliance for EMS Community
PSOW 2016 - HIPAA Compliance for EMS Community
 
Points 50Project Deliverable 1 Project Plan InceptionCriteri.docx
Points 50Project Deliverable 1 Project Plan InceptionCriteri.docxPoints 50Project Deliverable 1 Project Plan InceptionCriteri.docx
Points 50Project Deliverable 1 Project Plan InceptionCriteri.docx
 
HealthCare Compliance - HIPAA and HITRUST
HealthCare Compliance - HIPAA and HITRUSTHealthCare Compliance - HIPAA and HITRUST
HealthCare Compliance - HIPAA and HITRUST
 
HIPAA Workloads on AWS - Pop-up Loft Tel Aviv
HIPAA Workloads on AWS - Pop-up Loft Tel AvivHIPAA Workloads on AWS - Pop-up Loft Tel Aviv
HIPAA Workloads on AWS - Pop-up Loft Tel Aviv
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rs
 
HealthCare Compliance - HIPAA & HITRUST
HealthCare Compliance - HIPAA & HITRUSTHealthCare Compliance - HIPAA & HITRUST
HealthCare Compliance - HIPAA & HITRUST
 
HIM 500 .docx
HIM 500 .docxHIM 500 .docx
HIM 500 .docx
 
Hipaa checklist for healthcare software
Hipaa checklist for healthcare softwareHipaa checklist for healthcare software
Hipaa checklist for healthcare software
 
Health care compliance webinar may 10 2017
Health care compliance webinar may 10 2017Health care compliance webinar may 10 2017
Health care compliance webinar may 10 2017
 
Maninging Risk Exposure in Meaningful Use Stage 2
Maninging Risk Exposure in Meaningful Use Stage 2Maninging Risk Exposure in Meaningful Use Stage 2
Maninging Risk Exposure in Meaningful Use Stage 2
 
What Covered Entities Need to Know about OCR HIPAA Audit​s
What Covered Entities Need to Know about OCR HIPAA Audit​sWhat Covered Entities Need to Know about OCR HIPAA Audit​s
What Covered Entities Need to Know about OCR HIPAA Audit​s
 
Prepare a workplace brief (8-10 double-spaced pages) to address a .docx
Prepare a workplace brief (8-10 double-spaced pages) to address a .docxPrepare a workplace brief (8-10 double-spaced pages) to address a .docx
Prepare a workplace brief (8-10 double-spaced pages) to address a .docx
 
Popquiz slide
Popquiz slidePopquiz slide
Popquiz slide
 
Guide to hipaa compliance for containers
Guide to hipaa compliance for containersGuide to hipaa compliance for containers
Guide to hipaa compliance for containers
 
HIPAA Compliance Testing In Software Applications.pdf
HIPAA Compliance Testing In Software Applications.pdfHIPAA Compliance Testing In Software Applications.pdf
HIPAA Compliance Testing In Software Applications.pdf
 
Rubic_Print_FormatCourse CodeClass CodeNRS-451VNNRS-451VN-O502Heal.docx
Rubic_Print_FormatCourse CodeClass CodeNRS-451VNNRS-451VN-O502Heal.docxRubic_Print_FormatCourse CodeClass CodeNRS-451VNNRS-451VN-O502Heal.docx
Rubic_Print_FormatCourse CodeClass CodeNRS-451VNNRS-451VN-O502Heal.docx
 
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT SecurityRedspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
 
Barbara Silva is the CIO for Peachtree Community Hospital in Atlanta.docx
Barbara Silva is the CIO for Peachtree Community Hospital in Atlanta.docxBarbara Silva is the CIO for Peachtree Community Hospital in Atlanta.docx
Barbara Silva is the CIO for Peachtree Community Hospital in Atlanta.docx
 
Understanding HIPAA / HITECH as a Mail Service Provider
Understanding HIPAA / HITECH as a Mail Service ProviderUnderstanding HIPAA / HITECH as a Mail Service Provider
Understanding HIPAA / HITECH as a Mail Service Provider
 
Points 120Case Study 1 Cyber Security in Business Organization.docx
Points 120Case Study 1 Cyber Security in Business Organization.docxPoints 120Case Study 1 Cyber Security in Business Organization.docx
Points 120Case Study 1 Cyber Security in Business Organization.docx
 

More from harrisonhoward80223

© 2006 Thomson-Wadsworth© 2006 Thomson-Wadsworth.docx
© 2006 Thomson-Wadsworth© 2006 Thomson-Wadsworth.docx© 2006 Thomson-Wadsworth© 2006 Thomson-Wadsworth.docx
© 2006 Thomson-Wadsworth© 2006 Thomson-Wadsworth.docx
harrisonhoward80223
 
§ 6.01 IntroductionBackground checks are an important component .docx
§ 6.01 IntroductionBackground checks are an important component .docx§ 6.01 IntroductionBackground checks are an important component .docx
§ 6.01 IntroductionBackground checks are an important component .docx
harrisonhoward80223
 
©  Dr.  Curtis  Odom.  All  Rights  Reserved.  [.docx
©  Dr.  Curtis  Odom.  All  Rights  Reserved.  [.docx©  Dr.  Curtis  Odom.  All  Rights  Reserved.  [.docx
©  Dr.  Curtis  Odom.  All  Rights  Reserved.  [.docx
harrisonhoward80223
 
© 2013 The McGraw-Hill Companies, Inc. All rights reserved. .docx
© 2013 The McGraw-Hill Companies, Inc. All rights reserved. .docx© 2013 The McGraw-Hill Companies, Inc. All rights reserved. .docx
© 2013 The McGraw-Hill Companies, Inc. All rights reserved. .docx
harrisonhoward80223
 
© 2013 Laureate Education, Inc. 1 Adolescence” Program .docx
© 2013 Laureate Education, Inc. 1 Adolescence” Program .docx© 2013 Laureate Education, Inc. 1 Adolescence” Program .docx
© 2013 Laureate Education, Inc. 1 Adolescence” Program .docx
harrisonhoward80223
 
© 2013 Laureate Education, Inc. 1 Young Adulthood” Prog.docx
© 2013 Laureate Education, Inc. 1 Young Adulthood” Prog.docx© 2013 Laureate Education, Inc. 1 Young Adulthood” Prog.docx
© 2013 Laureate Education, Inc. 1 Young Adulthood” Prog.docx
harrisonhoward80223
 
© 2013 Laureate Education, Inc. 1 NURS 6441 Indivi.docx
© 2013 Laureate Education, Inc. 1 NURS 6441 Indivi.docx© 2013 Laureate Education, Inc. 1 NURS 6441 Indivi.docx
© 2013 Laureate Education, Inc. 1 NURS 6441 Indivi.docx
harrisonhoward80223
 
© 2013 Laureate Education, Inc. 1 NURS 6441 Work .docx
© 2013 Laureate Education, Inc. 1 NURS 6441 Work .docx© 2013 Laureate Education, Inc. 1 NURS 6441 Work .docx
© 2013 Laureate Education, Inc. 1 NURS 6441 Work .docx
harrisonhoward80223
 
© 2013 Laureate Education, Inc. 1 Comprehensive Write-u.docx
© 2013 Laureate Education, Inc. 1 Comprehensive Write-u.docx© 2013 Laureate Education, Inc. 1 Comprehensive Write-u.docx
© 2013 Laureate Education, Inc. 1 Comprehensive Write-u.docx
harrisonhoward80223
 
© 2011 The McGraw-Hill Companies, Inc. All rights reserved.Mc.docx
© 2011 The McGraw-Hill Companies, Inc. All rights reserved.Mc.docx© 2011 The McGraw-Hill Companies, Inc. All rights reserved.Mc.docx
© 2011 The McGraw-Hill Companies, Inc. All rights reserved.Mc.docx
harrisonhoward80223
 
© 2011 The McGraw-Hill Companies, Inc. All rights reserved..docx
© 2011 The McGraw-Hill Companies, Inc. All rights reserved..docx© 2011 The McGraw-Hill Companies, Inc. All rights reserved..docx
© 2011 The McGraw-Hill Companies, Inc. All rights reserved..docx
harrisonhoward80223
 
© 2010 by The Johns Hopkins University PressConflicting Va.docx
© 2010 by The Johns Hopkins University PressConflicting Va.docx© 2010 by The Johns Hopkins University PressConflicting Va.docx
© 2010 by The Johns Hopkins University PressConflicting Va.docx
harrisonhoward80223
 
© 2009 • Journal of Sport Administration & Supervision • Vol. .docx
© 2009 • Journal of Sport Administration & Supervision • Vol. .docx© 2009 • Journal of Sport Administration & Supervision • Vol. .docx
© 2009 • Journal of Sport Administration & Supervision • Vol. .docx
harrisonhoward80223
 
© 2009 John Wiley and Sons AustraliaDistribution (place).docx
© 2009 John Wiley and Sons AustraliaDistribution (place).docx© 2009 John Wiley and Sons AustraliaDistribution (place).docx
© 2009 John Wiley and Sons AustraliaDistribution (place).docx
harrisonhoward80223
 
© 2003 Applied Scholastics International. All Rights Reser.docx
© 2003 Applied Scholastics International. All Rights Reser.docx© 2003 Applied Scholastics International. All Rights Reser.docx
© 2003 Applied Scholastics International. All Rights Reser.docx
harrisonhoward80223
 
© 2005 Chris Thompson and Katarina Weslien PAJ 82 (2006), pp. .docx
© 2005 Chris Thompson and Katarina Weslien PAJ 82 (2006), pp. .docx© 2005 Chris Thompson and Katarina Weslien PAJ 82 (2006), pp. .docx
© 2005 Chris Thompson and Katarina Weslien PAJ 82 (2006), pp. .docx
harrisonhoward80223
 
© 2002, The Ripple Effect 1 permission granted to use for.docx
© 2002, The Ripple Effect 1 permission granted to use for.docx© 2002, The Ripple Effect 1 permission granted to use for.docx
© 2002, The Ripple Effect 1 permission granted to use for.docx
harrisonhoward80223
 
© 2005 Society for the Study of Addiction doi10.1111j.1360-.docx
© 2005 Society for the Study of Addiction doi10.1111j.1360-.docx© 2005 Society for the Study of Addiction doi10.1111j.1360-.docx
© 2005 Society for the Study of Addiction doi10.1111j.1360-.docx
harrisonhoward80223
 
¡A Presentar en Español!Prepare To prepare for this activit.docx
¡A Presentar en Español!Prepare To prepare for this activit.docx¡A Presentar en Español!Prepare To prepare for this activit.docx
¡A Presentar en Español!Prepare To prepare for this activit.docx
harrisonhoward80223
 
You are the Human Resource Director for a 500-.docx
You are the Human Resource Director for a 500-.docxYou are the Human Resource Director for a 500-.docx
You are the Human Resource Director for a 500-.docx
harrisonhoward80223
 

More from harrisonhoward80223 (20)

© 2006 Thomson-Wadsworth© 2006 Thomson-Wadsworth.docx
© 2006 Thomson-Wadsworth© 2006 Thomson-Wadsworth.docx© 2006 Thomson-Wadsworth© 2006 Thomson-Wadsworth.docx
© 2006 Thomson-Wadsworth© 2006 Thomson-Wadsworth.docx
 
§ 6.01 IntroductionBackground checks are an important component .docx
§ 6.01 IntroductionBackground checks are an important component .docx§ 6.01 IntroductionBackground checks are an important component .docx
§ 6.01 IntroductionBackground checks are an important component .docx
 
©  Dr.  Curtis  Odom.  All  Rights  Reserved.  [.docx
©  Dr.  Curtis  Odom.  All  Rights  Reserved.  [.docx©  Dr.  Curtis  Odom.  All  Rights  Reserved.  [.docx
©  Dr.  Curtis  Odom.  All  Rights  Reserved.  [.docx
 
© 2013 The McGraw-Hill Companies, Inc. All rights reserved. .docx
© 2013 The McGraw-Hill Companies, Inc. All rights reserved. .docx© 2013 The McGraw-Hill Companies, Inc. All rights reserved. .docx
© 2013 The McGraw-Hill Companies, Inc. All rights reserved. .docx
 
© 2013 Laureate Education, Inc. 1 Adolescence” Program .docx
© 2013 Laureate Education, Inc. 1 Adolescence” Program .docx© 2013 Laureate Education, Inc. 1 Adolescence” Program .docx
© 2013 Laureate Education, Inc. 1 Adolescence” Program .docx
 
© 2013 Laureate Education, Inc. 1 Young Adulthood” Prog.docx
© 2013 Laureate Education, Inc. 1 Young Adulthood” Prog.docx© 2013 Laureate Education, Inc. 1 Young Adulthood” Prog.docx
© 2013 Laureate Education, Inc. 1 Young Adulthood” Prog.docx
 
© 2013 Laureate Education, Inc. 1 NURS 6441 Indivi.docx
© 2013 Laureate Education, Inc. 1 NURS 6441 Indivi.docx© 2013 Laureate Education, Inc. 1 NURS 6441 Indivi.docx
© 2013 Laureate Education, Inc. 1 NURS 6441 Indivi.docx
 
© 2013 Laureate Education, Inc. 1 NURS 6441 Work .docx
© 2013 Laureate Education, Inc. 1 NURS 6441 Work .docx© 2013 Laureate Education, Inc. 1 NURS 6441 Work .docx
© 2013 Laureate Education, Inc. 1 NURS 6441 Work .docx
 
© 2013 Laureate Education, Inc. 1 Comprehensive Write-u.docx
© 2013 Laureate Education, Inc. 1 Comprehensive Write-u.docx© 2013 Laureate Education, Inc. 1 Comprehensive Write-u.docx
© 2013 Laureate Education, Inc. 1 Comprehensive Write-u.docx
 
© 2011 The McGraw-Hill Companies, Inc. All rights reserved.Mc.docx
© 2011 The McGraw-Hill Companies, Inc. All rights reserved.Mc.docx© 2011 The McGraw-Hill Companies, Inc. All rights reserved.Mc.docx
© 2011 The McGraw-Hill Companies, Inc. All rights reserved.Mc.docx
 
© 2011 The McGraw-Hill Companies, Inc. All rights reserved..docx
© 2011 The McGraw-Hill Companies, Inc. All rights reserved..docx© 2011 The McGraw-Hill Companies, Inc. All rights reserved..docx
© 2011 The McGraw-Hill Companies, Inc. All rights reserved..docx
 
© 2010 by The Johns Hopkins University PressConflicting Va.docx
© 2010 by The Johns Hopkins University PressConflicting Va.docx© 2010 by The Johns Hopkins University PressConflicting Va.docx
© 2010 by The Johns Hopkins University PressConflicting Va.docx
 
© 2009 • Journal of Sport Administration & Supervision • Vol. .docx
© 2009 • Journal of Sport Administration & Supervision • Vol. .docx© 2009 • Journal of Sport Administration & Supervision • Vol. .docx
© 2009 • Journal of Sport Administration & Supervision • Vol. .docx
 
© 2009 John Wiley and Sons AustraliaDistribution (place).docx
© 2009 John Wiley and Sons AustraliaDistribution (place).docx© 2009 John Wiley and Sons AustraliaDistribution (place).docx
© 2009 John Wiley and Sons AustraliaDistribution (place).docx
 
© 2003 Applied Scholastics International. All Rights Reser.docx
© 2003 Applied Scholastics International. All Rights Reser.docx© 2003 Applied Scholastics International. All Rights Reser.docx
© 2003 Applied Scholastics International. All Rights Reser.docx
 
© 2005 Chris Thompson and Katarina Weslien PAJ 82 (2006), pp. .docx
© 2005 Chris Thompson and Katarina Weslien PAJ 82 (2006), pp. .docx© 2005 Chris Thompson and Katarina Weslien PAJ 82 (2006), pp. .docx
© 2005 Chris Thompson and Katarina Weslien PAJ 82 (2006), pp. .docx
 
© 2002, The Ripple Effect 1 permission granted to use for.docx
© 2002, The Ripple Effect 1 permission granted to use for.docx© 2002, The Ripple Effect 1 permission granted to use for.docx
© 2002, The Ripple Effect 1 permission granted to use for.docx
 
© 2005 Society for the Study of Addiction doi10.1111j.1360-.docx
© 2005 Society for the Study of Addiction doi10.1111j.1360-.docx© 2005 Society for the Study of Addiction doi10.1111j.1360-.docx
© 2005 Society for the Study of Addiction doi10.1111j.1360-.docx
 
¡A Presentar en Español!Prepare To prepare for this activit.docx
¡A Presentar en Español!Prepare To prepare for this activit.docx¡A Presentar en Español!Prepare To prepare for this activit.docx
¡A Presentar en Español!Prepare To prepare for this activit.docx
 
You are the Human Resource Director for a 500-.docx
You are the Human Resource Director for a 500-.docxYou are the Human Resource Director for a 500-.docx
You are the Human Resource Director for a 500-.docx
 

Recently uploaded

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
kauryashika82
 

Recently uploaded (20)

Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural ResourcesEnergy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Role Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxRole Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptx
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 

Points 125Case Study 2 HIPAA and IT AuditsCriteriaUnaccept.docx

  • 1. Points: 125 Case Study 2: HIPAA and IT Audits Criteria Unacceptable Below 70% F Fair 70-79% C Proficient 80-89% B Exemplary 90-100% A Section 1: Written Paper 1a. Create an overview of the HIPAA Security Rule and Privacy Rule. Weight: 10% Did not submit or incompletely created an overview of the HIPAA Security Rule and Privacy Rule. Partially created an overview of the HIPAA Security Rule and Privacy Rule. Satisfactorily created an overview of the HIPAA Security Rule and Privacy Rule. Thoroughly created an overview of the HIPAA Security Rule and Privacy Rule. 1b. Analyze the major types of incidents and breaches that occur based on the cases reported. Weight: 10% Did not submit or incompletely analyzed the major types of incidents and breaches that occur based on the cases reported. Partially analyzed the major types of incidents and breaches that occur based on the cases reported. Satisfactorily analyzed the major types of incidents and breaches that occur based on the cases reported. Thoroughly analyzed the major types of incidents and breaches that occur based on the cases reported.
  • 2. 1c. Analyze the technical controls and the non-technical controls that are needed to mitigate the identified risks and vulnerabilities. Weight: 10% Did not submit or incompletely analyzed the technical controls and the non-technical controls that are needed to mitigate the identified risks and vulnerabilities. Partially analyzed the technical controls and the non-technical controls that are needed to mitigate the identified risks and vulnerabilities. Satisfactorily analyzed the technical controls and the non- technical controls that are needed to mitigate the identified risks and vulnerabilities. Thoroughly analyzed the technical controls and the non- technical controls that are needed to mitigate the identified risks and vulnerabilities. 1d. Analyze and describe the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations. Weight: 10% Did not submit or incompletely analyzed and described the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations. Partially analyzed and described the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations. Satisfactorily analyzed and described the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations. Thoroughly analyzed and described the network architecture that is needed within an organization, including a medium-sized hospital, in order to be compliant with HIPAA regulations. 1e. Analyze how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance. Weight: 10%
  • 3. Did not submit or incompletely analyzed how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance. Partially analyzed how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance. Satisfactorily analyzed how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance. Thoroughly analyzed how a hospital is similar to and different from other non-medical organizations in regards to HIPAA compliance. 1f. List the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations. Weight: 10% Did not submit or incompletely listed the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations. Partially listed the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations. Satisfactorily listed the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations. Thoroughly listed the IT audit steps that need to be included in the organization’s overall IT audit plan to ensure compliance with HIPAA rules and regulations. 1g. 3 references Weight: 5% No references provided Does not meet the required number of references; some or all references poor quality choices. Meets number of required references; all references high quality choices. Exceeds number of required references; all references high
  • 4. quality choices. 1h. Clarity, writing mechanics, and formatting requirements Weight: 10% More than 6 errors present 5-6 errors present 3-4 errors present 0-2 errors present Section 2: Network Architecture 2a. Create a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations. Weight: 15% Did not submit or incompletely created a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations. Partially created a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations. Satisfactorily created a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations. Thoroughly created a network architecture diagram based on the description of the network architecture that you defined above for the organization to be compliant with HIPAA regulations. 2b. Include in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture. Weight: 10% Did not submit or incompletely included in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture. Partially included in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture.
  • 5. Satisfactorily included in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture. Thoroughly included in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices needed for a compliant network architecture.