Carmela Arino
MHA690: Health Care Capstone
(MFQ1602A)
Professor Jared Rutledge
January 7, 2016
I. Importance of Confidentiality
II. Overview of HIPAA Rules and HITECH Act
a. HIPAA Privacy Rules
b. HIPAA Security Rules
c. HITECH Act
d. Violations and penalties
III. Organization’s Security and Privacy Policies
IV. Risk Assessment
a. Identify threats and vulnerabilities
  • Human threats: intentional or unintentional human tampering
  • Natural and environmental threats, such as floods
  • Technology malfunctions (Wager, Lee, and Glaser, 2013, p. 354)
V. Physical, Technical, and Network Security
a. Physical Security (e.g. lock doors, don’t leave files unattended, etc.)
b. Technical Security (e.g. access controls such as user names and passwords)
c. Network Security (e.g. secure data exchange)
VI. Appropriate practices related to the use of any online communication, such as email and the internet
Data Security Breach Notification Protocols
Security and Management Training: Best Practice Considerations. Retrieved from http://ptac.ed.gov/sites/default/files/issue-brief-security-training.pdf
Wager, K. A., Lee, F. W., & Glaser, J. P. (2013). Health care information systems: A practical approach for health care management (3rd ed.). San Francisco, CA: Jossey-Bass.

Data security training
