Privacy Compliant Systems Design

Draw an annotated DFM diagram for the following ER scenario. Use annotations from the list in  Week 3 documents. 

Upon your arrival at the Department of Emergency Medicine, you will need to register at the reception desk located at the waiting room. You have to complete a paper form with the requested information and deliver the form to the clerk at the admission desk. The clerk may ask you few follow up questions based on the information you provide in the form. Your information is entered by the admission clerk in a computer systems and the paper form is filed in a cabinet. Our hospital systems have five locations in Texas, Louisiana, Arkansas, Mississippi and Missouri. You can receive services at all these locations in the future since they will have access to your electronic admission records which is stored in in amazon cloud. All communications between Amazon cloud and the local systems use secure protocols.  While patients’ name, SSN, address and telephone number, and dates of visits are stored in Amazon cloud as plain texts, patients’ health and insurance related information are saved in encrypted form. Admission clerks have access to unencrypted data, but the doctors, hospital administrators, and billing personnel have access to all data. Treatment category (not specific disease information) information is shared with the specified insurance companies for the billing purposes. Copies of the health records are made available to the medical researchers after removing patients’ name, SSN, address and telephone numbers.