(Answered)-5/5/16, 6:48 AM Grading for this assignment will be based on - (2025 Updated Original AI-Free Solution

Discipline:

Type of Paper:

Academic Level: Undergrad. (yrs 3-4)

Paper Format: APA

Pages: 5 Words: 1375

Question

This assignment consists of two (2) sections: a written paper and a PowerPoint presentation. You must submit both sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for.? ? Health Information Technology (HIT) is a growing field within health services organizations today; additionally, health information security is a major concern among health organizations, as they are required to maintain the security and privacy of health information. The Department of Health and Human Services (HHS) provides extensive information about the Health Insurance Portability and Accountability Act (HIPAA). Visit the HHS Website, at?www.hhs.gov/ocr/privacy, for more information about HIPAA requirements. In March 2012, the HHS settled a HIPAA case with the Blue Cross Blue Shield of Tennessee (BCBST) for $1.5 million. Read more about this case at?www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/bcbstagrmnt.html. As an IT security manager at a regional health services organization, your CIO has asked for the following: an analysis of this incident, an overview of the HIPAA security requirements necessary to prevent this type of an incident, and a briefing for management on the minimum security requirements to be HIPAA complaint. ? Section1: Written Paper 1.Write a three to five (3-5) page paper in which you:

a.?Describe the security issues of BCBST in regard to confidentiality, integrity, availability, and privacy based on the information provided in the BCBST case.? b.?Describe the HIPPA security requirement that could have prevented each security issue identified if it had been enforced. c.?Analyze the corrective actions taken by BCBST that were efficient and those that were not adequate. d.?Analyze the security issues and the HIPAA security requirements and describe the safeguards that the organization needs to implement in order to mitigate the security risks. ?Ensure that you describe the safeguards in terms of administrative, technical, and physical safeguards. e.?Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.?

Your written paper must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student?s name, the professor?s name, the course title, and the date. The cover page and the reference page are not included in the required page length.?

Section 2: PowerPoint Presentation 2.Create a six to eight (6-8) slide PowerPoint presentation in which you:

a.??Provide the following on the main body slides:
i.?An overview of the security issues at BCBST
ii.?HIPAA security requirements that could have prevented the incident
iii.?Positive and negative corrective actions taken by BCBST
iv.?Safeguards needed to mitigate the security risks

? Your PowerPoint presentation must follow these formatting requirements:

  • Include a title slide, four to six (4-6) main body slides, and a conclusion slide.

The specific course learning outcomes associated with this assignment are:

  • Summarize the legal aspects of the information security triad: availability, integrity, and confidentiality.?
  • Use technology and information resources to research legal issues in information security.
  • Write clearly and concisely about information security legal issues and topics using proper writing mechanics and technical style conventions.

Click?here?to view the grading rubric for this assignment.


5/5/16, 6:48 AM

Grading for this assignment will be based on answer quality, logic / organization of the paper, and language
and writing skills, using the following rubric.
Points: 100

Case Study 1: HIPAA, CIA, and Safeguards

Criteria

Meets
Minimum
Expectations
60-69% D

Fair
70-79% C

Proficient
80-89% B

Exemplary
90-100% A

Did not submit or
incompletely
described the
security issues of
BCBST in regard
to confidentiality,
integrity,
availability, and
privacy based on
the information
provided in the
BCBST case.

Insufficiently
described the
security issues
of BCBST in
regard to
confidentiality,
integrity,
availability, and
privacy based
on the
information
provided in the
BCBST case.

Partially
described the
security issues
of BCBST in
regard to
confidentiality,
integrity,
availability, and
privacy based
on the
information
provided in the
BCBST case.

Satisfactorily
described the
security issues
of BCBST in
regard to
confidentiality,
integrity,
availability, and
privacy based
on the
information
provided in the
BCBST case.

Thoroughly
described the
security issues
of BCBST in
regard to
confidentiality,
integrity,
availability, and
privacy based
on the
information
provided in the
BCBST case.

1b. Describe the
HIPPA security
requirement that
could have
prevented each
security issue
identified if it had
been enforced.
Weight: 10%

Did not submit or
incompletely
described the
HIPPA security
requirement that
could have
prevented each
security issue
identified if it had
been enforced.

Insufficiently
described the
HIPPA security
requirement that
could have
prevented each
security issue
identified if it
had been
enforced.

Partially
described the
HIPPA security
requirement that
could have
prevented each
security issue
identified if it
had been
enforced.

Satisfactorily
described the
HIPPA security
requirement
that could have
prevented each
security issue
identified if it
had been
enforced.

Thoroughly
described the
HIPPA security
requirement
that could have
prevented each
security issue
identified if it
had been
enforced.

1c. Analyze the
corrective actions
taken by BCBST
that were efficient
and those that
were not
adequate.

Did not submit or
incompletely
analyzed the
corrective actions
taken by BCBST
that were efficient
and those that
were not
adequate.

Insufficiently
analyzed the
corrective
actions taken by
BCBST that
were efficient
and those that
were not
adequate.

Partially
analyzed the
corrective
actions taken by
BCBST that
were efficient
and those that
were not
adequate.

Satisfactorily
analyzed the
corrective
actions taken
by BCBST that
were efficient
and those that
were not
adequate.

Thoroughly
analyzed the
corrective
actions taken by
BCBST that
were efficient
and those that
were not
adequate.

Did not submit or
incompletely
analyzed the
security issues
and the HIPAA
security
requirements and
did not submit or
incompletely
described the
safeguards that
the organization
needed to

Insufficiently
analyzed the
security issues
and the HIPAA
security
requirements
and
insufficiently
described the
safeguards that
the organization
needed to
implement in

Partially
analyzed the
security issues
and the HIPAA
security
requirements
and partially
described the
safeguards that
the organization
needed to
implement in
order to mitigate

Satisfactorily
analyzed the
security issues
and the HIPAA
security
requirements
and
satisfactorily
described the
safeguards that
the organization
needed to
implement in

Thoroughly
analyzed the
security issues
and the HIPAA
security
requirements
and thoroughly
described the
safeguards that
the organization
needed to
implement in
order to mitigate

Unacceptable
Below 60% F
Section 1: Written Paper
1a. Describe the
security issues of
BCBST in regard
to confidentiality,
integrity,
availability, and
privacy based on
the information
provided in the
BCBST case.
Weight: 15%

Weight: 15%
1d. Analyze the
security issues
and the HIPAA
security
requirements and
describe the
safeguards that
the organization
needs to
implement in order
to mitigate the
security risks.
Ensure that you

https://blackboard.strayer.edu/bbcswebdav/institution/CIS/438/1128/Week2-1128/Week%202%20Case%20Study%201%20Rubric.html

Page 1 of 2

5/5/16, 6:48 AM

describe the
safeguards in
terms of
administrative,
technical, and
physical
safeguards.
Weight: 15%

implement in
order to mitigate
the security risks;
did not submit or
incompletely
described the
safeguards in
terms of
administrative,
technical, and
physical
safeguards.

order to mitigate
the security
risks.
Insufficiently
described the
safeguards in
terms of
administrative,
technical, and
physical
safeguards.

the security
risks. Partially
described the
safeguards in
terms of
administrative,
technical, and
physical
safeguards.

order to
mitigate the
security risks.
Satisfactorily
described the
safeguards in
terms of
administrative,
technical, and
physical
safeguards.

the security
risks.
Thoroughly
described the
safeguards in
terms of
administrative,
technical, and
physical
safeguards.

1e. 3 references

No references
provided

Does not meet
the required
number of
references; all
references poor
quality choices.

Does not meet
the required
number of
references;
some
references poor
quality choices.

Meets number
of required
references; all
references high
quality choices.

Exceeds
number of
required
references; all
references high
quality choices.

More than 8
errors present

7-8 errors
present

5-6 errors
present

3-4 errors
present

0-2 errors
present

Did not submit or
incompletely
provided an
overview of the
security issues at
BCBST.

Insufficiently
provided an
overview of the
security issues at
BCBST.

Partially provided
an overview of
the security
issues at BCBST.

Satisfactorily
provided an
overview of the
security issues at
BCBST.

Thoroughly
provided an
overview of the
security issues at
BCBST.

Did not submit or
incompletely
provided the HIPAA
security
requirements that
could have
prevented the
incident.

Insufficiently
provided the
HIPAA security
requirements that
could have
prevented the
incident.

Partially provided
the HIPAA
security
requirements that
could have
prevented the
incident.

Satisfactorily
provided the
HIPAA security
requirements that
could have
prevented the
incident.

Thoroughly
provided the
HIPAA security
requirements that
could have
prevented the
incident.

2iii. Provide the
positive and
negative corrective
actions taken by
BCBST.
Weight: 10%

Did not submit or
incompletely
provided the
positive and
negative corrective
actions taken by
BCBST.

Insufficiently
provided the
positive and
negative
corrective actions
taken by BCBST.

Partially provided
the positive and
negative
corrective actions
taken by BCBST.

Satisfactorily
provided the
positive and
negative
corrective actions
taken by BCBST.

Thoroughly
provided the
positive and
negative
corrective actions
taken by BCBST.

2iv. Provide the
safeguards
needed to mitigate
the security risks.
Weight: 10%

Did not submit or
incompletely
provided the
safeguards needed
to mitigate the
security risks.

Insufficiently
provided the
safeguards
needed to
mitigate the
security risks.

Partially provided
the safeguards
needed to
mitigate the
security risks.

Satisfactorily
provided the
safeguards
needed to
mitigate the
security risks.

Thoroughly
provided the
safeguards
needed to
mitigate the
security risks.

Weight: 5%

1f. Clarity, writing
mechanics, and
formatting
requirements
Weight: 10%

Section 2: PowerPoint Presentation
2i. Provide an
overview of the
security issues at
BCBST.
Weight: 5%

2ii. Provide the
HIPAA security
requirements that
could have
prevented the
incident.
Weight: 5%

https://blackboard.strayer.edu/bbcswebdav/institution/CIS/438/1128/Week2-1128/Week%202%20Case%20Study%201%20Rubric.html

Page 2 of 2