Instructions
Course Objective for Assignment:
Examine the implications of ethical, legal, and regulatory policy issues on health care
information systems
Assume that you have been hired as a Chief Information Security Officer (CISO) by a local
healthcare organization which has no health information privacy and security policy yet. Thus,
your first assignment is to formulate a health information privacy and security policy for the
organization in accordance with the HIPAA and HITECH Privacy and Security Rules. Before the
development of the privacy and security policy document, your supervisor advises you to review
the HIPAA and HITECH Privacy and Security regulations the organization is required to comply
with.
In this assignment, address the following:
Outline of the specific policy you propose,
The consequences of noncompliance with the applicable laws, and
Measures to assure the correct application of Privacy and Security Rules. Make sure to consider
all perspectives of the user authentication and access controls.
Your 3-4 pages double-spaced APA formatted assignment excluding the Title and References
pages and containing 2-3 credible sources
