security_P

Running Head: IT SECURITY POLICIES 1

IT SECURITY POLICIES 4

IT SECURITY POLICIES

Name

Institution Affiliation

Date

The IT security policies are associated with controls and procedures for protecting information and assets of the healthcare organization. The guiding principle of different types of securities policies maintains availability, integrity, and confidentiality of security control systems (Ghai, Sharma, & Jain, 2015). Security policy is formed by different categories and standards applicable to laws. 10 security policy categories in a group of physicians practices involve; management programs on information securities, risk assessment, risk treatments, statements of applicability, documents review and adoption policy, information security in a healthcare organization, assets management, , and human resource security, compliance and maintenances (Andersson & Pettersson, 2015).

Management programs on information security: The system represents different controls and policies used in the implementation process (Ghai, Sharma, & Jain, 2015). It helps an organization to form some effective management by understanding key goals.

Risk Assessment: They help in quantifying identified risk on IT security system and prioritizing operations based on control objectives (Andersson & Pettersson, 2015). The IT resource system helps in identifying potential threats and evaluating the probability of occurring.

Risk Treatment: In this policy, agencies are required to monitor security objectives. The implementation plan of these factors allocates appropriate controls system based on IT security system (Ghai, Sharma, & Jain, 2015). This policy helps in justifying and identifying different security control tools in the implementation plan.

Statement of Applicability: The adopted policies are controlled lists of entities information in the IT security system. Agencies are supposed to manage different programs based on the statement of applicability provisions (Andersson & Pettersson, 2015). Such statement helps in understanding application of different IT resources in control and security objectives.

Document Review and Adoption Policy: A comprehensive statement in the security policy is prepared to address effectiveness, adequacy, and suitability (Ghai, Sharma, & Jain, 2015). It makes some significant change in healthcare IT management that does not conflict with enterprises securities policies.

Information Security in Organization: Agencies in healthcare institution are required to communicate, process, access, and maintain security issues in the organization (Andersson & Pettersson, 2015). The policy provides specific responsibility for supporting security implementation programs.

Asset Management: The maintain practices provides protection programs of individual assets based on data classification and inventory classification. The implementation designs some appropriate tagging of policy on enforcement (Ghai, Sharma, & Jain, 2015). Therefore, it forms some acceptable additional procedures in issuing better entities within IT resources.

Human Resources Security: Contractors and employees are given the responsibility of requisitions on knowledge and skills (Andersson & Pettersson, 2015). As such, there help in allowing authorized access to IT resources to avoid misuse of property, fraud, and thefts.

Compliance: The security policy defines some requirements of contractual obligation in federal laws (Ghai, Sharma, & Jain, 2015). The compliance plan helps in protecting confidential information and privacy of Patient Health Records.

Maintenance: The ongoing programs of implementation are driven based on the schedule of security policies. They help in monitoring and evaluating key components of change strategies (Andersson & Pettersson, 2015). The maintenance procedures help in approving and review every IT security implementation policy.

 Identified 10 appropriate security policies - I am not sure you found a good reference for this assignment. This was for a physician practice and should be considering HIPAA factors.   (5/10), explained the need for each policy (10/10), scope of each policy is comprehensive (5/10), spelling/grammar (5/5).    

Please open this link below and see the example to redo this assignment.

https://www.joneswallace.com/sites/default/files/downloads/HIPAA%20Security%20Risk%20Assessment%20-%20Small%20Physician%20Practice.pdf

References

Andersson, S. M., & Pettersson, M. G. (2015). U.S. Patent No. 9,191,822. Washington, DC: U.S. Patent and Trademark Office.

Ghai, V., Sharma, S., & Jain, A. (2015). U.S. Patent No. 9,111,088. Washington, DC: U.S. ssPatent and Trademark Office.