Premium Essay

Security Paper

In: Business and Management

Submitted By marissapookita
Words 285
Pages 2
HCS 533 WEEK 4 Security and Privacy Paper
Security and Privacy Paper

As an information systems manager, you will need to consider a very important aspect of your operation—patient information, privacy, and security. Review the following case scenarios and select one to use for your management plan for security and privacy.

Case Scenario 1 (Security Breach)

The administration at St. John’s Hospital takes pride in its sound policies and procedures for the protection of confidential client information. In fact, it serves as a model for other institutions in the area, however, printouts discarded in the restricted-access IS department are not shredded. On numerous occasions, personnel working late have observed the cleaning staff reading discarded printouts. What actions, if any, should these personnel take toward the actions of the cleaning staff? What actions, if any, should be taken by IS administration?

Case Scenario 2 (Natural Disaster):

Living on the Gulf Coast is a benefit that many residents of this small Southern town enjoy, however, natural disasters are a concern. The town has just been struck by a hurricane and the entire basement of your operation is flooded by the storm surge. Patient files were destroyed or washed away with the receding water. What actions do you take when patients ask for their health records? What processes did you have in place to protect your records in anticipation of such an event?

Choose one of the scenarios above and develop a process for maintaining patient privacy and security.

Include a detailed management plan in the case of a security breach (Case Scenario 1) or a natural disaster (Case Scenario 2). In your plan, address the following questions:

• How can you respond to these...

Similar Documents

Premium Essay

Term Paper -Mercy Securities Corp -Survey Report

...Term paper -Mercy Securities Corp -Survey Report Click Link Below To Buy: Each student will prepare both a 5 -7 page written report. Outline Background: You have recently been hired as part of annual class of trainees at a major brokerage firm, Mercy Securities Corp. After a few days of orientation, you begin its trainee “rotation” through several departments across the firm. The first unit you are assigned to is the ___________________ Department where, as an initial project, you are asked to research and study the processes and controls of that department. Your job is to fully explain how that department works and what controls are or should be in place. Your manager wants you to prepare a written report analyzing the chosen department. In addition, he asks you to give him an oral presentation of your findings and conclusions once you have completed your analysis. Selection of the Department: Each student will choose a department of interest from within a brokerage firm. Research will show dozens of potential departments. The students may choose any department that interests them. Format for Written Report: The written report should be organized in the following order: Section I: Executive Summary (1 page) Section II: Detailed Analysis (4 to 6 pages) Section III: Attached Addenda (bibliography, copy of financial statements, comparisons, charts,......

Words: 303 - Pages: 2

Premium Essay

Physical Security Paper

...recognizes errors most commonly made by university students in academic essays. The system embeds comments into your paper and suggests possible changes in grammar and style. Please evaluate each comment carefully to ensure that the suggested change is appropriate for your paper, but remember that your instructor's preferences for style and format prevail. You will also need to review your own citations and references since WritePoint capability in this area is limited. NOTE: WritePoint comments are computer-generated writing and grammar suggestions inviting the consideration and analysis of the writer; they are not infallible statements of right/wrong, and they should not be used as grading elements. Also, at present, WritePoint cannot detect quotations or block-quotes, so comments in those areas should be ignored. For additional assistance, please visit our WritePoint Lab to speak with a tutor. During the lab, the tutor addresses common WritePoint grammar and style errors, offers editing advice for students who use WritePoint, and takes student questions. A link to the lab is located on the Live Labs homepage, which is accessible by logging into eCampus and pasting the following URL ( into the address bar. Physical Security Paper [This title could be more inspiring. Labeling it a "paper" or an "essay" is redundant (what else could it be?), and only a few words as a title are not very explanatory......

Words: 2103 - Pages: 9

Premium Essay

Common Information Security Threats Paper

...Common Information Security Threats Paper Courtney Gardner CMGT/400 2-25, 2013 Terry Green Common Information Security Threats Paper The growing number of security treats an organization faces from day to day grows substantially as each day passes. Even the failed attempts to access secure data bear fruit of some kind in the form of another vulnerability being discovered or a different tactic is used that the company wasn’t prepared for. One organization that can’t afford not to be prepared is the Chase Bank organization. This financial institution is very accustomed to fending off skilled cyber thieves. It gets hit every day by thousands if not tens of thousands of attacks on their infrastructure and networks I will discuss three major threats that Chase faces DDoS attacks, Mobile Banking and Phishing. Transferring funds out of users' accounts is a major security treat they face. This can be achieved many ways which makes it an active job for the security admins of banks. Online banking has opened the banks to a wide variety of vulnerabilies that much be patched or mitigated to the lowest degree possible. Being the victim of a DDoS attack is always a possibility for Chase as they contact a large amount of online tractions and overseas money handling. Attackers can employee DDoS attacks, or distributed denial of service attacks, named for denial of customer service by aiming large capacities of network traffic to a website until it forced to or collapse. To help......

Words: 1188 - Pages: 5

Premium Essay

Security Risk Management Course Paper

...developed to safeguard the data that is stored and used by information systems, as well as the protection of the hardware that runs the information system. Therefore, a proper understanding of risk management and all that it entails is of the utmost importance for every IT professional, regardless of specialization. The purpose of this paper is to identify what risk management is and give an overview of the three phases or undertakings that make up the risk management process and then conclude with a discussion and explanation of the six-step Risk Management Framework (RMF) developed by the Department of Defense and the National Institute of Standards and Technology (NIST) (National Institute of Standards and Technology, 2010). “Risk management is the process of Identifying risks, as represented by vulnerabilities, to an organization’s information assets and infrastructure, and taking steps to reduce this risk to an acceptable level” (Michael E. Whitman, Herbert J. Mattord, 2012, p. 119.). Thus, risk management is merely the ability of a person or organization to implement due diligence and identify any potential issue and develop policies and security measures to combat these risks. Risk management is comprised of three phases: risk identification, risk assessment, and risk control (Michael E. Whitman, Herbert J. Mattord, 2012, p. 119.). Risk Identification Risk identification is simply the identification and documentation of the assets and the threats to those......

Words: 2778 - Pages: 12

Premium Essay

Information Security White Paper

...Information Security White Paper UMUC In business, an information security is a set of policies to protect the companies and small businesses infrastructure, physical and information technology assets, and to ensure that all information technology users within the domain of the companies and small businesses comply with the rules and guidelines related to the security of the information stored digitally at any network within the boundaries of authority. In short, it can protect data from the outside and even inside threat. The data and information, which the companies and small businesses have, are arguably the most important assets. They should ensure the data confidentiality, integrity, availability, non-repudiation, authentication, and authorization. Most small businesses and companies must have information security to ensure their business and information assets. Information security protects data and controls how it should be distributed within or without the businesses boundaries. This means that information should be encrypted and may have restrictions placed on its distribution to the third party. Information security should protect the data from the outside threats such as: Threats |Confidentiality |Integrity |Availability | |Denial of Service Attack |Low |Medium |High | |Power Supply Failure |Low |Low |High | |Malicious Code Infection |High |High |High | |Theft and Fraud |High |Medium |High | |Website Intrusion |High |High |High |......

Words: 697 - Pages: 3

Free Essay

Social Security Paper

...10/08/12 Social Security Paper A brief introduction to the topic of United States Social Security program tells us that it came from the “Old-Age, Survivors, & Disability Insurance” federal program and is meant to provide welfare. There were actually a few similar precursors to what we know as social security, one example being a pension program following the American Civil War. After the Civil War there were hundreds of thousands of widows, orphans, and disabled vets. Even before this, an article informed me that the first national pension program began in early 1776; prior to the signing of our declaration. Not long after the Civil War had ended, America began to rapidly change. This had a lot to do with the Industrial Revolution and the urbanization of the population. This led us to stray from an extensive agrarian family unit that could support their elders to a more condensed American family living in cities. Combining demographic and social changes (including the increase of life expectancy by roughly 10 years), America had fewer and fewer people living on the land, and more of its population in the cities. Unfortunately, this led to a “fragile” provision of economic security. Social Security itself was created on August 14, 1935, when President Roosevelt signed the Social Security Act. Not only did this new legislature help with the general welfare of the public, but it also provided a way for retirees over 65 years of age to receive a continued form of......

Words: 666 - Pages: 3

Premium Essay

Paper on Private Security Against Government Personnel

...Paper on private security against government personnel University of Phoenix The paper of private security against government personnel The various roles of the government versus, the private security personnel compare, as they are both. Trying to protect employees and keep them safe, from harm’s way within a work environment and policy and guidelines done correctly. The contrast with private security personnel and various roles, of government is that some of them do not follow their policy and make their rules and regulations that are different from the government. In this paper, it will be discussed A comparison of the legal, ethical, managerial, and economic issues of public and private agencies, An evaluation of public and private company daily also practices A discussion of the future merging of government and private security firms also the conclusion on both of them as well. It helps to understand comparison and contrasts the differing roles of government versus private security employees within this paper. Compare parts and goals of government workers versus private security The public and private agencies have the same functions doing their daily task, which include writing reports, the task that has to do with investigating, also patrol areas as well. The different roles that they do are public agencies,......

Words: 1590 - Pages: 7

Free Essay

Social Security Paper

...History The U.S. Social Security program is designed to aid residents in need through welfare subsidies. The programs are provided by organizations on federal, state, local, and private levels; and help to provide eligible residents with food, shelter, healthcare, education and money. Aid is provided through financial aid for college education, unemployment disability insurance, food stamps, pensions for eligible low-wage workers, subsidies for housing, and health insurance programs for public employees (Feldstein, 2005; Krugman, 2007). President Franklin D. Roosevelt enacted the Social Security Act on August 14, 1935 as a means to battle the Great Depression of the 1930’s. Beginning in 1932, the government had started providing loans and grants to States to pay for direct relief and work relief, since States, local communities, and private charities did not have the financial resources to cope with the growing needs of the American people. Then in 1935, when the Social Security Act was created, two social insurance programs were established on a national level for the American people. One of these Federal systems provided benefits for the elderly and retired workers who had been employed in industry or commerce. The second was a Federal-State system that would provide insurance to the unemployed (Historical Development, n.d.). Since its conception, the Social Security Administration has grown and developed programs shaped by America’s changing economic and social......

Words: 987 - Pages: 4

Premium Essay

Cis438 - Term Paper - Security Regulation Compliance

...Term Paper: Security Regulation Compliance Giancarlos Guerra Strayer University CIS 438 - Information Security Legal Issues Abstract: In this paper I shall provide an overview that will be delivered to senior management of regulatory requirements the agency needs to be aware of, including: i. FISMA; ii. Sarbanes-Oxley Act; iii. Gramm-Leach-Bliley Act; iv. PCI DSS; v. HIPAA; vi. Intellectual Property Law. Describe the security methods and controls that need to be implemented in order to ensure compliance with these standards and regulatory requirements. Describe the guidance provided by the Department of Health and Human Services, the National Institute of Standards and Technology (NIST), and other agencies for ensuring compliance with these standards and regulatory requirements. Term Paper: Security Regulation Compliance Introduction In the day-to-day operations of information security, security professionals often focus the majority of their time dealing with employee access issues, implementing security methods and measures, and other day-to-day tasks. They often neglect legal issues that affect information security. As a result, organizations often violate security-related regulations and often have to pay heavy fines for their non-compliance.” A Chief Information Officer in a government agency should realize the need to educate for senior leadership on some of the primary regulatory requirements, and realize the need to ensure that the employees in the......

Words: 2284 - Pages: 10

Premium Essay


...application software system software development tools utilities Information assets (owned by Manager or MIS) ‘Information’ means information held by the Company on its own behalf and that entrusted to it by others. The following are examples of the media which may contain or comprise information assets. • • • • • • • • • • databases and data files system documentation user manuals training material operational or support procedures continuity plans and fallback arrangements back-up media on-line magnetic media off-line magnetic media paper Services • • computing and communications services (owned by MIS) heating, lighting and power (owned by Manager or Building Services Manager) 1 17/01/03 First•Base Technologies Town Hall Chambers High Street Shoreham-by-Sea West Sussex BN43 5DD UK Tel: +44 (01273 454 525 Fax: +44 (0)1273 454 526 Guidance on Information Classification Categories for classifying document security Category 1 : Routine (non-confidential) documents Description: All documents of a routine nature. Effects of disclosure: No measurable damage to the company or a department. Examples: Normal memos, routine reports, circulars. Estimated occurrence of this classification: More than 80% of all documents would be within this class. Recommended marking of document: This is the default class. Therefore, there should be no need to mark non-confidential material, and all unmarked material would normally be expected to fall in......

Words: 2760 - Pages: 12

Premium Essay

Mba Term Paper

...There are many types of MBA papers that are required in most MBA institutions. The most common of these are the MBA term papers. The MBA term paper is one of the most basic of all MBA papers. You can write an MBA term paper on any topic, as long as it is connected with what you are learning in your course. However, it is not everyone who finds it easy to write a good term paper and hand it over to his lecturer on time. This is mainly because many MBA students have no time to do all the research required in an MBA term paper. If you are one of those having trouble writing and finishing a good business term paper, then you should ask for assistance. Instantly calculate the price for your order! Type of Paper Needed Please note that any orders related to thesis and dissertation papers, as well as their parts/chapters, are only available for University (College 3-4) academic level and higher. Academic Level Pagesinfo Deadlineinfo Select Academic Level first! Total Price Select type of paper first! The price for any of the additional services, such as progressive delivery, writer's samples and/or any extra charge for selecting a particular category of writer will be calculated and added automatically as you fill in the order form. Buy custom MBA term papers online There are many places from where you can get assistance to write your MBA term paper. For instance, you can ask someone in your college to do the paper for you for a certain fee. However,......

Words: 680 - Pages: 3

Free Essay

Orchid Products

...27MAR201319523653 ORCHIDS PAPER PRODUCTS COMPANY 2013 ANNUAL REPORT To Stockholders Dear Stockholders, In 2013, Orchids Paper Products Company experienced record converted product net sales and total net sales levels for the second consecutive year. We continued to broaden our product offerings and experienced additional penetration into the mid/premium tier product markets. Net sales of converted products exceeded $100 million for the first time in the Company’s history. During 2013, we focused on continuing to increase sales of converted product to fully consume our parent roll capacity. Our efforts centered on new product development in both paper making and converting and combining those efforts with an effective sales and marketing plan. As a result, we continued to expand our converted product offerings into the mid/premium tier market, creating new sales opportunities which resulted in shipments of 8.2 million cases, or approximately 53,000 tons, an increase of 16.2% over case shipments in 2012. More specifically, during 2013, our net sales increased 15.4% to $116.4 million compared to $100.8 million in 2012. This included a 21.1% increase in converted product sales. Our sales of mid-tier and premium tier products comprised 37.9% of our unit net sales in 2013, compared to 15.0% in 2012 and 6.8% in 2011. We also focused considerable efforts on controlling production costs while improving quality attributes to supplement the high quality production capabilities of...

Words: 35963 - Pages: 144

Free Essay

Vissy Tumit

...VISY PULP AND PAPER PTY LTD ENVIRONMENTAL ASSESSMENT FOR A MAJOR PROJECT TUMUT MILL EXPANSION 436 Gadara Road, Tumut, New South Wales January 2007 H:\Environmental\VPP9 Stage 2\Stage 2\FINAL EA SUBMISSION\Main Report\Visy Tumut Final Env Assessment Main Report.doc Environmental Assessment Submission Under Part 3A of the Environmental Planning and Assessment Act 1979 Statement by Authors Environmental Assessment Prepared By: Name Ms Leanne Hayes Company Visy Pulp and Paper Pty Ltd Position Project Environmental Engineer Qualifications BSc Environmental Biology Address 436 Gadara Road, Tumut, New South Wales, 2720 Co-authored and Reviewed By: Name Ms Alison McRae Company Peter J Ramsay and Associates Pty Ltd Position Associate Qualifications Bachelor of Engineering (Environmental), Bachelor of Commerce Address 3/538 Gardeners Road, Alexandria, New South Wales, 2015 Project Under Part 3A: Application Number 06_0195 Development Visy Pulp and Paper Tumut, Mill Expansion Development Location 436 Gadara Road, Tumut, New South Wales, 2720 Proponent Visy Pulp and Paper Pty Ltd PO Box 98 Tumut, New South Wales, 2720 Certification: I certify that I have prepared this Environmental Assessment report and that to the best of my knowledge: it has been prepared in accordance with Part 3A of the Environmental Planning and Assessment Act and Regulations; and the......

Words: 18834 - Pages: 76

Free Essay

How to Write a White Paper

...Steps to writing a proper white paper… Use a Linear, Logical Approach: a white paper must be educational, not promotional in tone. And should posses the following objectives: It must attract the right audience. White papers are highly audience specific, it is better to write white papers tailored toward different groups of stakeholders. Must engage the reader; engage by showing them that you understand their problem and that you can “relate”. Or by quickly showing mastery of the subject, through good clear writing. It must inform your reader. Written more like an objective magazine article than a sales brochure. they should objectively present a problem, the business case for solving the problem, and alternative ways of solving the problem. Therefore, the reader gains knowledge from having invested the time to read the paper. Ultimately the reader feels informed, not sold. It must convince your reader; to convince reader to give your organisation consideration based information that you have presented. Example, if your product has a high up-front cost but lower maintenance costs, your paper might include an analysis of ongoing “hidden” costs and a ROI model that shows how a high initial investment might actually be more cost-effective over the life of the purchase. Your Title Is Key to Success of Paper: A creative, meaningful title drives readership, whether you promote your paper online, distribute it at a conference, or pitch it to trade magazine editors. The......

Words: 854 - Pages: 4

Free Essay

Cri Assignment

...Executive Summary A new idea has been developed to create a new product. The name of the proposed product is Multipurpose Paper shredder. This product is an upgrade version of paper shredder which is used in the offices for shredding purposes. This ‘Multipurpose’ Paper has upgraded into double functions such as shredding and briquetting.. The main target market of this product is adults.. One of the objectives of using Multipurpose Paper is to encourage Malaysian Citizens to work in the safe and convenience environment and to use at home and office. Problem Statements, idea generation, product concept description, idea evaluation are made to defining problems in specific ways and how to develop idea to generate a new product. The idea evaluation also helps to maximize the supporting factors and minimize the restricting factors (scribd, 2014). Part 1 A. Problem Statement In today’s office, a lot of sensitive information handling daily from one hand to another hand.. One of the problems that will be faced by the employee is their fingers will be shredded together with the paper in the shredding machine. Cleanliness and maintenance are also an issue because they found difficulties to clean after the shredding process. Another constraint which faced by the employees is maintenance. The employees should send to the authorized technical center to repair this shredder machine. The negative impact is, employees work will be delayed and the secret data will be stole by......

Words: 2680 - Pages: 11