SEC 402– Cyber security
Week 8
25th October
Assignment 8: Cybersecurity for a National Healthcare Information Exchange
Due Week 8 and worth 75 points
Instructions: You have been appointed as a cybersecurity consultant for a national healthcare
information exchange (HIE) responsible for securely sharing patient health records among
healthcare providers. Write a seven to nine-page paper addressing the following questions:
1. Discuss the challenges and importance of achieving interoperability in healthcare data
exchange while maintaining robust security. Propose strategies to ensure secure sharing
of patient health records among diverse healthcare providers.
2. Recommend encryption methods and privacy measures to safeguard patient health
records during transmission and storage within the healthcare information exchange.
Discuss the role of encryption in protecting sensitive healthcare data.
3. Propose access control measures and identity management strategies to ensure that
only authorized healthcare professionals have access to patient health records. Discuss
the importance of role-based access and secure user authentication.
4. Develop a security awareness program for healthcare professionals participating in the
information exchange. Discuss the unique challenges of healthcare cybersecurity and
the role of training in preventing data breaches and ensuring compliance.
5. Develop an incident response plan for cybersecurity incidents affecting the healthcare
information exchange. Discuss coordination efforts with healthcare providers, regulatory
authorities, and communication strategies to minimize the impact on patient care.
Ensure that your papers provide practical recommendations and considerations for the specified
scenarios. Use relevant industry standards, best practices, and case studies to support your analysis and
suggestions.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all
sides; citations and references must follow APA or school-specific format. Check with your
professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s
name, the course title, and the date. The cover page and the reference page are not included in
the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Compare and contrast the methods of disaster recovery and business continuity.
Explain risk management in the context of information security.
Use technology and information resources to research issues in disaster recovery.
Write clearly and concisely about disaster recovery topics using proper writing mechanics and
technical style conventions.
Grading for this assignment will be based on answer quality, logic / organization of the paper, and
language and writing skills, using the following rubric.
Points: 75 Assignment 8: Cybersecurity for a National Healthcare Information
Exchange
Criteria Unacceptable
Below 60% F
Meets
Minimum
Expectations
60-69% D
Fair
70-79% C
Proficient
80-89% B
Exemplary
90-100% A
1. Explain the basic
primary tasks, ongoing
evaluations, and major
policy and procedural
changes that would be
needed to perform as
the BC lead / manager.
Weight: 20%
Did not submit or
incompletely
explained the
basic primary
tasks, ongoing
evaluations, and
major policy and
procedural
changes that
would be needed
to perform as the
BC lead /
manager.
Insufficiently
explained the
basic primary
tasks, ongoing
evaluations,
and major
policy and
procedural
changes that
would be
needed to
perform as the
BC lead /
manager.
Partially
explained the
basic primary
tasks, ongoing
evaluations,
and major
policy and
procedural
changes that
would be
needed to
perform as the
BC lead /
manager.
Satisfactorily
explained the
basic primary
tasks, ongoing
evaluations,
and major
policy and
procedural
changes that
would be
needed to
perform as the
BC lead /
manager.
Thoroughly
explained the
basic primary
tasks, ongoing
evaluations,
and major
policy and
procedural
changes that
would be
needed to
perform as the
BC lead /
manager.
2. Provide insight on
