Points: 100
Case Study 1: HIPAA, CIA, and Safeguards
Criteria
Unacceptable
Below 60% F
Meets Minimum Expectations
60-69% D
Fair
70-79% C
Proficient
80-89% B
Exemplary
90-100% A
Section 1: Written Paper
1a. Describe the security issues of BCBST in regard to confidentiality, integrity, availability, and privacy based on the information provided in the BCBST case.
Weight: 15%
Did not submit or incompletely described the security issues of BCBST in regard to confidentiality, integrity, availability, and privacy based on the information provided in the BCBST case.
Insufficiently described the security issues of BCBST in regard to confidentiality, integrity, availability, and privacy based on the information provided in the BCBST case.
Partially described the security issues of BCBST in regard to confidentiality, integrity, availability, and privacy based on the information provided in the BCBST case.
Satisfactorily described the security issues of BCBST in regard to confidentiality, integrity, availability, and privacy based on the information provided in the BCBST case.
Thoroughly described the security issues of BCBST in regard to confidentiality, integrity, availability, and privacy based on the information provided in the BCBST case.
1b. Describe the HIPPA security requirement that could have prevented each security issue identified if it had been enforced.
Weight: 10%
Did not submit or incompletely described the HIPPA security requirement that could have prevented each security issue identified if it had been enforced.
Insufficiently described the HIPPA security requirement that could have prevented each security issue identified if it had been enforced.
Partially described the HIPPA security requirement that could have prevented each security issue identified if it had been enforced.
Satisfactorily described the HIPPA security requirement that could have prevented each security issue identified if it had been enforced.
Thoroughly described the HIPPA security requirement that could have prevented each security issue identified if it had been enforced.
1c. Analyze the corrective actions taken by BCBST that were efficient and those that were not adequate.
Weight: 15%
Did not submit or incompletely analyzed the corrective actions taken by BCBST that were efficient and those that were not adequate.
Insufficiently analyzed the corrective actions taken by BCBST that were efficient and those that were not adequate.
Partially analyzed the corrective actions taken by BCBST that were efficient and those that were not adequate.
Satisfactorily analyzed the corrective actions taken by BCBST that were efficient and those that were not adequate.
Thoroughly analyzed the corrective actions taken by BCBST that were efficient and those that were not adequate.
1d. Analyze the security issues and the HIPAA security requirements and describe the safeguards that the organization needs to implement in order to mitigate the security risks. Ensure that you describ.
APM Welcome, APM North West Network Conference, Synergies Across Sectors
Points 100Case Study 1 HIPAA, CIA, and SafeguardsCriteria.docx
1. Points: 100
Case Study 1: HIPAA, CIA, and Safeguards
Criteria
Unacceptable
Below 60% F
Meets Minimum Expectations
60-69% D
Fair
70-79% C
Proficient
80-89% B
Exemplary
90-100% A
Section 1: Written Paper
1a. Describe the security issues of BCBST in regard to
confidentiality, integrity, availability, and privacy based on the
information provided in the BCBST case.
Weight: 15%
Did not submit or incompletely described the security issues of
BCBST in regard to confidentiality, integrity, availability, and
privacy based on the information provided in the BCBST case.
Insufficiently described the security issues of BCBST in regard
to confidentiality, integrity, availability, and privacy based on
the information provided in the BCBST case.
Partially described the security issues of BCBST in regard to
confidentiality, integrity, availability, and privacy based on the
information provided in the BCBST case.
Satisfactorily described the security issues of BCBST in regard
to confidentiality, integrity, availability, and privacy based on
the information provided in the BCBST case.
2. Thoroughly described the security issues of BCBST in regard to
confidentiality, integrity, availability, and privacy based on the
information provided in the BCBST case.
1b. Describe the HIPPA security requirement that could have
prevented each security issue identified if it had been enforced.
Weight: 10%
Did not submit or incompletely described the HIPPA security
requirement that could have prevented each security issue
identified if it had been enforced.
Insufficiently described the HIPPA security requirement that
could have prevented each security issue identified if it had
been enforced.
Partially described the HIPPA security requirement that could
have prevented each security issue identified if it had been
enforced.
Satisfactorily described the HIPPA security requirement that
could have prevented each security issue identified if it had
been enforced.
Thoroughly described the HIPPA security requirement that
could have prevented each security issue identified if it had
been enforced.
1c. Analyze the corrective actions taken by BCBST that were
efficient and those that were not adequate.
Weight: 15%
Did not submit or incompletely analyzed the corrective actions
taken by BCBST that were efficient and those that were not
adequate.
Insufficiently analyzed the corrective actions taken by BCBST
that were efficient and those that were not adequate.
Partially analyzed the corrective actions taken by BCBST that
were efficient and those that were not adequate.
Satisfactorily analyzed the corrective actions taken by BCBST
that were efficient and those that were not adequate.
Thoroughly analyzed the corrective actions taken by BCBST
that were efficient and those that were not adequate.
1d. Analyze the security issues and the HIPAA security
3. requirements and describe the safeguards that the organization
needs to implement in order to mitigate the security risks.
Ensure that you describe the safeguards in terms of
administrative, technical, and physical safeguards.
Weight: 15%
Did not submit or incompletely analyzed the security issues and
the HIPAA security requirements and did not submit or
incompletely described the safeguards that the organization
needed to implement in order to mitigate the security risks; did
not submit or incompletely described the safeguards in terms of
administrative, technical, and physical safeguards.
Insufficiently analyzed the security issues and the HIPAA
security requirements and insufficiently described the
safeguards that the organization needed to implement in order to
mitigate the security risks. Insufficiently described the
safeguards in terms of administrative, technical, and physical
safeguards.
Partially analyzed the security issues and the HIPAA security
requirements and partially described the safeguards that the
organization needed to implement in order to mitigate the
security risks. Partially described the safeguards in terms of
administrative, technical, and physical safeguards.
Satisfactorily analyzed the security issues and the HIPAA
security requirements and satisfactorily described the
safeguards that the organization needed to implement in order to
mitigate the security risks. Satisfactorily described the
safeguards in terms of administrative, technical, and physical
safeguards.
Thoroughly analyzed the security issues and the HIPAA security
requirements and thoroughly described the safeguards that the
organization needed to implement in order to mitigate the
security risks. Thoroughly described the safeguards in terms of
administrative, technical, and physical safeguards.
1e. 5 references
Weight: 5%
No references provided
4. Does not meet the required number of references; all references
poor quality choices.
Does not meet the required number of references; some
references poor quality choices.
Meets number of required references; all references high quality
choices.
Exceeds number of required references; all references high
quality choices.
1f. Clarity, writing mechanics, and formatting requirements
Weight: 10%
More than 8 errors present
7-8 errors present
5-6 errors present
3-4 errors present
0-2 errors present
Section 2: PowerPoint Presentation
2i. Provide an overview of the security issues at BCBST.
Weight: 5%
Did not submit or incompletely provided an overview of the
security issues at BCBST.
Insufficiently provided an overview of the security issues at
BCBST.
Partially provided an overview of the security issues at BCBST.
Satisfactorily provided an overview of the security issues at
BCBST.
Thoroughly provided an overview of the security issues at
BCBST.
2ii. Provide the HIPAA security requirements that could have
prevented the incident.
Weight: 5%
Did not submit or incompletely provided the HIPAA security
requirements that could have prevented the incident.
Insufficiently provided the HIPAA security requirements that
could have prevented the incident.
Partially provided the HIPAA security requirements that could
5. have prevented the incident.
Satisfactorily provided the HIPAA security requirements that
could have prevented the incident.
Thoroughly provided the HIPAA security requirements that
could have prevented the incident.
2iii. Provide the positive and negative corrective actions taken
by BCBST.
Weight: 10%
Did not submit or incompletely provided the positive and
negative corrective actions taken by BCBST.
Insufficiently provided the positive and negative corrective
actions taken by BCBST.
Partially provided the positive and negative corrective actions
taken by BCBST.
Satisfactorily provided the positive and negative corrective
actions taken by BCBST.
Thoroughly provided the positive and negative corrective
actions taken by BCBST.
2iv. Provide the safeguards needed to mitigate the security
risks.
Weight: 10%
Did not submit or incompletely provided the safeguards needed
to mitigate the security risks.
Insufficiently provided the safeguards needed to mitigate the
security risks.
Partially provided the safeguards needed to mitigate the security
risks.
Satisfactorily provided the safeguards needed to mitigate the
security risks.
Thoroughly provided the safeguards needed to mitigate the
security risks.