StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Relevant Regulations for Information Security - Assignment Example

Cite this document
Summary
This paper 'Relevant Regulations for Information Security' tells us that Information Technology in the 20th and the 21st centuries has exponentially risen and has been terrific in improving lives generally. Technological advancement has seen communications made easier through the internet, mobile phones, fax, and the likes…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.9% of users find it useful
Relevant Regulations for Information Security
Read Text Preview

Extract of sample "Relevant Regulations for Information Security"

Relevant Regulations for Information Security s March 21, Relevant Regulations for Information Security Information Technology in the 20th and the 21st centuries has exponentially risen and has been terrific in improving lives generally. Technological advancement has seen communications made easier through the internet, mobile phones, fax and the likes. Interaction has been made easier, while making the world look like a global village. Businesses have not been left behind however, with technology bringing about exquisite innovations and this has made business operation easier. Emerging trends like globalization has been characterized by virtual teams, more efficient communications in the business and coordination and overall running of businesses has been admittedly made easier (Cuff, 2014). Innovation can generally be defined as changing or creating more effective and efficient processes, products and ideas that increase the likelihood of business succeeding. For the business, innovation could mean implementing new ideas, creation of more dynamic products and improving the already existing products. Businesses that employ technology create more effective and efficient work processes and have better performance and productivity (Brotby, 2009). Technology can catalyze the growth and success of the business and enable the adaptation of business in the marketplace. For a business to compete strongly in the market, the ability to come up with new strategies, products or even services play an important role in ensuring that the business forge onwards. This creativity is usually deemed to produce products of higher quality, smarter and more enticing to the clients (Cuff, 2014). In this study, however, we discuss the impact of technology as far as regulation for information security is concerned. In the healthcare security, technology has an undisputable crucial role to play, otherwise known as the Electronic protected health information (ePHI). However, ePHI is run by the HIPAA (Health Insurance Portability and Accountability Act), which specifically focuses on safeguarding it (Khansa, Cook, James & Bruyaka, 2012). All the entities covered by the HIPAA, which includes a number of federal agencies must comply with the security regulation; which primarily deals with the safeguarding of the confidentially, integrity and the presence of ePHI as outlined in the security rule or regulation. Some of the regulations covered by the HIPAA for information security are outlined below (Khansa, Cook, James & Bruyaka, 2012). The first one is the security standards or the general rules. This is an explanation of all the requirements that all covered entities must meet, establishes the flexibility of approach as well as identifying standards and the implementations specifications. Additionally, it is in the general rules where decisions a covered entity must make in regards to addressable implementations specifications are outlined. Second, there are the Administrative safeguards which are defined in the regulation as the administrative actions and policies and procedures that used to manage the selection, development, the implementation and the maintenance of the stipulated security measures for the protection of electronic health information (Box & Pottas, 2013). Physical safeguards are another regulation for HIPAA which can be defined as the physical measures and procedures followed to safeguard a covered entity’s electronic health information from unauthorized access. Technical safeguards are other regulations on the HIPAA and are the technology and the policy that are used to protect the covered entity’s electronic health information from illegal accessibility (Fetzer & West, 2008). Apart from these four regulations, there are also organizational requirements which include contracts and other arrangements such as the memoranda of understanding and the requirements for group health plans. Furthermore, policies and procedures and documentation requirements are other regulations for HIPAA. These are the written policies, procedures, actions, activities and assessments of the security rule and are an important component as far as the HIPAA is concerned (Brotby, 2009). Review and Description of the Regulations Although the various relevant regulations for information security in the healthcare have been mentioned in the above section, this section will endeavor in explaining and giving more information for each one of the regulation. To begin with, the study identified general security standards and rules as one of the regulations. This is where the general information and the requirements of the security are outlined, in detail and requires maintenance of measures pertaining to security to continue enhancing reasonable and ideal protection of electronically protected healthcare information. The responsibilities and the roles that the covered entities should play in the course of security implementation are found here and the issue of addressable implementations is covered in this regulation. It is in this very regulation where flexibility of approach and the standards of implementation are identified. In fact, this is the summary of all other regulation of the HIPAA. It is therefore a very crucial regulation in the HIPAA (Shoaf, 2003). The other regulation is the administrative safeguards, which are the administrative procedures, actions, policies and the like. This is to imply that, this regulation covers the administrative obligations as far as the HIPAA is concerned and it is in this regulation where security measures are selected, that is to say, the measures concerning the security breaches; the implications and the punishment of the perpetrators are found (Johnston & Warkentin, 2008). The criteria for implementing these measures as well as the implementation of the same are contained in this regulation. It is the “processing factory” of the HIPAA so to say as all the crucial activities are done here. Some of the key activities of administrative safeguards are identifying the relevant information systems, conducting the risk management, implementing the risk management program; among other tasks. It is evident that it is a crucial component (Brotby, 2009). On the front of physical safeguards, this regulation covers the physical measures to be taken in the event of the covered entity’s health information is compromised or by the environmental and natural perpetrators. Moreover, procedures to protect the covered entity’s electronic information systems and the corresponding buildings and equipment from unauthorized physical intrusion are found in this regulation. It covers the tangible front in the management of the healthcare information. Ultimately, it can be considered very crucial as it outlines the procedures for dealing with physical hazards to the electronically managed healthcare information (Cooper, Collmann & Neidermeier, 2008). The technical safeguards deals with the technology and the procedures and policies to be applied in safeguarding the health information and ways of accessing it. This regulation is typically concerned with the technological issues as far as the whole issue of information safeguarding is concerned. It is responsible for the technical health of the appliances to ensure that access and retrieval of the healthcare information is as easy as possible; while also maintaining the computers and the general IT systems used for the storage, transfer, access and access of the healthcare information (Conklin & McLeod, 2010). One of the most important things in the HIPAA is the presence of organizational requirement. This regulation is amazingly crucial in ePHI because all the standards for the business associate contracts are found here, amongst other arrangements. An important document like the memorandum of understanding is found in this very regulation, between the covered entities and business associates. Organizational requirements are very vital in the HIPAA especially in keeping the memoranda of association and other necessary arrangements between the parties involved and therefore it should be regarded a crucial regulation in the information regulation security in the healthcare (Box & Pottas, 2014). Policies and procedures and documentation requirement is the last segment that will be discussed in this study. This regulation requires that the implementation of appropriate policies and reasonable procedures comply with the set standards, the set implementation specifications and other requirements of the HIPAA. More importantly the written documentations about the information security which includes the policies, assessments, procedures and even activities concerning the rule are found in this regulation. Additionally, any updates on the rule, the retention or the availability of the rule are catered for by this regulation. In other words, this regulation seeks to substantiate the rule in a manner that it can be retrieved easily due to the availability of the documentation (Conklin & McLeod, 2010). In conclusion, technology has been magnificent in the lives of people in the society. Besides making life easier and evolving businesses and all the activities in general, technology has also been instrumental in medicine and the security of the pharmaceutical globally. As discussed in this paper, technology has made the information security possible and now the healthcare information about the patients, diseases and the flow of drugs can be monitored without constraints. The ePHI under the stewardship of HIPAA has made this endeavor of keeping, protecting and retrieving healthcare information the easiest of tasks than before. References Box, D., & Pottas, D. (2013). Improving Information Security Behaviour in the Healthcare Context. Procedia Technology, 9, 1093-1103. doi:10.1016/j.protcy.2013.12.122 Box, D., & Pottas, D. (2014). A Model for Information Security Compliant Behaviour in the Healthcare Context. Procedia Technology, 16, 1462-1470. doi:10.1016/j.protcy.2014.10.166 Chung, W., & Hershey, L. (2012). Enhancing Information Privacy and Data Sharing in a Healthcare IT Firm: The Case of Ricerro Communications. Journal Of Information Privacy And Security, 8(4), 56-78. doi:10.1080/15536548.2012.10845666 Coleman, J. (2004). Assessing information security risk in healthcare organizations of different scale. International Congress Series, 1268, 125-130. doi:10.1016/j.ics.2004.03.136 Conklin, W., & McLeod, A. (2010). Information security foundations for the interoperability of electronic health records. IJHTM, 11(1/2), 104. doi:10.1504/ijhtm.2010.033278 Cooper, T., Collmann, J., & Neidermeier, H. (2008). Organizational Repertoires and Rites in Health Information Security. Cambridge Q. Healthcare Ethics, 17(04). doi:10.1017/s0963180108080560 Cuff, E. (2014). The Effect and Importance of Technology in the Research Process. Journal Of Educational Technology Systems, 43(1), 75-97. doi:10.2190/et.43.1.f Fetzer, D., & West, O. (2008). The HIPAA Privacy Rule and Protected Health Information. Academic Radiology, 15(3), 390-395. doi:10.1016/j.acra.2007.11.008 Johnston, A., & Warkentin, M. (2008). Information privacy compliance in the healthcare industry. Information Management & Computer Security, 16(1), 5-19. doi:10.1108/09685220810862715 Khansa, L., Cook, D., James, T., & Bruyaka, O. (2012). Impact of HIPAA provisions on the stock market value of healthcare institutions, and information security and other information technology firms. Computers & Security, 31(6), 750-770. doi:10.1016/j.cose.2012.06.007 Krag Brotby. (2009). Information Security Governance. John Wiley & Sons Shoaf, H. (2003). Health Insurance Portability and Accountability Act (HIPAA). Plastic Surgical Nursing, 23(2), 75-77. doi:10.1097/00006527-200323020-00009 Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“ASSIGNMENT - List relevant regulations for information security in an”, n.d.)
ASSIGNMENT - List relevant regulations for information security in an. Retrieved from https://studentshare.org/information-technology/1684124-assignment-list-relevant-regulations-for-information-security-in-an-industry-segment-of-your-choice-healthcare-hippa
(ASSIGNMENT - List Relevant Regulations for Information Security in an)
ASSIGNMENT - List Relevant Regulations for Information Security in an. https://studentshare.org/information-technology/1684124-assignment-list-relevant-regulations-for-information-security-in-an-industry-segment-of-your-choice-healthcare-hippa.
“ASSIGNMENT - List Relevant Regulations for Information Security in an”, n.d. https://studentshare.org/information-technology/1684124-assignment-list-relevant-regulations-for-information-security-in-an-industry-segment-of-your-choice-healthcare-hippa.
  • Cited: 0 times

CHECK THESE SAMPLES OF Relevant Regulations for Information Security

Information Security Program

This paper "information security Program" points out what information security governance is in a banking software company, its implementation.... The paper gives an information security policy that provides total control, hence compliance, to ensure effective information security governance.... It has also affirmed the degree of completeness of the security measures that were implemented and provided consultation services on information security particularly monitoring of threats from the internet....
14 Pages (3500 words) Case Study

What Works in Securities Laws

?? examines the influence of the security regulation in the stock market.... Also the article provides the results interpretations made in accordance with corresponding theories of security regulation (LaPorta et al, 2004).... These experts pay attention to the fact of information disclosure that is provoked by security regulation “Issuers of securities have an incentive to disclose all available information to obtain higher prices simply because failure to disclose would cause investors to assume the worst” (LaPorta et al, 2004)....
2 Pages (500 words) Essay

Investment Risk Management

Financial institutions like banks and security trading companies have components of risk management within their structures.... Financial volatility and associated risks became pronounced with adoption of electronic trading in security markets.... Allen (2012) agrees that despite risk trends suggesting an increase in security breaches, financial companies do not put enough measures to counteract data theft.... These departments should acquire relevant information concerning the level of risk faced by that company within its business environment....
5 Pages (1250 words) Essay

Critical Evaluation on the Extent of Financial Reporting Regulation

Over the years, there has been concern with regard to the problem of financial disclosure, some arguing that there is excessive regulation while others maintain that most of the firms do not disclose and such guidelines are unnecessary.... The increased growth in regulation.... ... ... on the fact that when possible defects in the world markets are identified such as the crash of the stock market in the year 1929, it is often easy to assume that regulatory measures are required to make the situation right....
7 Pages (1750 words) Essay

Economic Liberalism

Capitalism promotes freedom in such a scenario by facilitating the sale of goods and services on a competitive market where all players have full information.... These entities therefore interfere with the government's work making the regulations inefficient.... Government regulations have put in industries such as airlines, communication, truckers, and railroads to make it very difficult for competitors to penetrate through the market....
5 Pages (1250 words) Essay

The Development of Accounting and Finance Regulation

Accounting regulations are crucial to the functioning of any economy.... Various literature reviews conducted on the accounting theory and regulation shed light on the actual position on the matter of the validity of accounting regulations.... regulations create a lot of competitive distortions in the financial sector.... 'With the current highly competitive and dynamic environment, existing regulations may be too statically oriented or narrowly defined, inviting regulatory arbitrage and potentially causing competitive distortions that prevent a level playing field' (Eisenbeis, et al, 2000, P....
7 Pages (1750 words) Coursework

Information Security: Law and Policy

The need for information security is to primarily protect information from any unauthorized party.... information security is critical and necessary within any organization.... The aim of the The paper "information security: Law and Policy" is a worthy example of a term paper on information technology.... information security is critical and necessary within any organization.... information security in an organization involves ensuring that only people with rights to read, change, broadcast and use it have access to it....
4 Pages (1000 words) Case Study

Reporting in Accounting Field

There have been proponents supporting free-market regulation along with pro-regulation in the market especially for developed countries that have a well-established security market.... There have been proponents supporting free-market regulation along with pro-regulation in the market especially for developed countries that have a well-established security market.... There have been proponents supporting free-market regulation along with pro-regulation in the market especially for developed countries that have a well-established security market....
15 Pages (3750 words) Research Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us