ComputerScienceExpert

(11)

$18/per page/

About ComputerScienceExpert

Levels Tought:
Elementary,Middle School,High School,College,University,PHD

Expertise:
Applied Sciences,Calculus See all
Applied Sciences,Calculus,Chemistry,Computer Science,Environmental science,Information Systems,Science Hide all
Teaching Since: Apr 2017
Last Sign in: 12 Weeks Ago, 5 Days Ago
Questions Answered: 4870
Tutorials Posted: 4863

Education

  • MBA IT, Mater in Science and Technology
    Devry
    Jul-1996 - Jul-2000

Experience

  • Professor
    Devry University
    Mar-2010 - Oct-2016

Category > Programming Posted 04 May 2017 My Price 8.00

Information Assurance and Security

Two Discussion questions about Information Assurance and Security.

 

 

1.Case Study: At a teaching hospital, many medical students may be assigned to a single patient to review and learn from the cases that are present in the hospital with hands on experience. However, access to medical records is only allowed if you are actually assigned to the case. It is a policy that is reviewed at the start of each clinical rotation, and violations of this policy are monitored through the IT access logs. Violations
of this policy are taken very seriously, up to an including expulsion from med school. There was a patient who was bit by a bat and developed rabies. Rabies is common in animals, but nearly always fatal in humans. A physician proposed a very unconventional treatment, and the patient lived. This made
medical history and became a medical case study that was reviewed in many medical forums, including grand rounds (where many physicians come to hear about new technologies and treatments). After this particular grand round, the IT performed a medical records access audit. Even through the information about the case was already shared with everyone in grand rounds, there was a spike in the number of medical students accessing the patient's chart. Over 50 unauthorized accesses were discovered shortly in the week following the presentation.
When confronted about their privacy violations of the medical records, students were often genuinely surprised, and felt that this was a legitimate reason for accessing a patient's chart ­ to learn more about the case (after all, they were there to learn!) The access policies were re­written to include this as a specific example of violations, and the students were given a severe warning in their student files. A second violation would result in their
expulsion from medical school.
Were the students right or wrong to access the chart? Was the access audit effective? Was the policy effective? What other types of situations lead to violations of a privacy policy? Are audits the best way to manage these? When you know that a person may lose their job as a result of the audit that you perform but you know more of the reasoning why they did the
violation, does this create an ethical dilemma for you? 2. Discuss how IT staff and general users view downtimes differently. How can you communicate the need for periodic downtimes so that users will be
less antagonistic to your company's security needs? Discuss how this message would differ if you had to take the system down for a crisis response

Attachments:

Answers

ComputerScienceExpert
(11)
Status NEW Posted 04 May 2017 02:05 AM My Price 8.00

-----------

Not Rated(0)
Relevent Questions