1 / 32100%
Name
Strayer University
Assignment 2: Designing HIPAA Technical Safeguards for a Healthcare Clinic
CIS 349 – Information Technology Audit and Control
Assignment 2: Designing HIPAA Technical Safeguards for a Healthcare Clinic
Imagine you are an Information Security consultant for a small healthcare clinic. The clinic has
electronic health records (EHRs) for patients, and they need to ensure compliance with the
Health Insurance Portability and Accountability Act (HIPAA). Write a three to five-page paper
in which you:
1. Analyze proper physical access control safeguards and provide sound recommendations for
securing EHRs in the clinic.
2. Recommend the proper audit controls to be employed in the clinic to monitor access to patient
records.
3. Suggest three logical access control methods to restrict unauthorized access to patient EHRs,
and explain why you suggested each method.
4. Analyze how patient data is transmitted within the clinic and identify techniques that may be
used to provide transmission security safeguards.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides;
citations and references must follow APA or school-specific format. Check with your professor for any
additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name,
the course title, and the date. The cover page and the reference page are not included in the required
assignment page length.
The specific course learning outcomes associated with this assignment are:
Describe the role of information systems security (ISS) compliance and its relationship to U.S.
compliance laws.
Use technology and information resources to research issues in security strategy and policy
formation.
Write clearly and concisely about topics related to information technology audit and control
using proper writing mechanics and technical style conventions.
Clickhereto view the grading rubric.
Grading for this assignment will be based on answer quality, logic / organization of the paper, and
language and writing skills, using the following rubric.
Points: 50 Assignment 2: Designing HIPAA Technical Safeguards for a Healthcare Clinic
Criteria Unacceptable
Below 60% F
Meets Minimum
Expectations
60-69% D
Fair
70-79% C
Proficient
80-89% B
Exemplar
90-100%
1. Analyze proper
physical access
control
safeguards and
provide sound
recommendation
s to be employed
in the registrar's
office.
Weight: 21%
Did not submit or
incompletely analyzed
proper physical access
control safeguards and did
not submit or incompletely
provided sound
recommendations to be
employed in the registrar's
office.
Insufficientlyanalyze
d proper physical
access control
safeguards and
insufficientlyprovided
sound
recommendations to
be employed in the
registrar's office.
Partially analyzed
proper physical
access control
safeguards and
partiallyprovided
sound
recommendation
s to be employed
in the registrar's
office.
Satisfactorily
analyzed proper
physical access
control safeguards
and satisfactorily
provided sound
recommendations to
be employed in the
registrar's office.
Thoroughlyana
proper physica
access control
safeguards an
thoroughlyprov
sound
recommendati
to be employed
the registrar's o
2. Recommend
the proper audit
Students also viewed