Instructions

Course Objective for Assignment:

Examine the implications of ethical, legal, and regulatory policy issues on health care

information systems

Assume that you have been hired as a Chief Information Security Officer (CISO) by a local

healthcare organization which has no health information privacy and security policy yet. Thus,

your first assignment is to formulate a health information privacy and security policy for the

organization in accordance with the HIPAA and HITECH Privacy and Security Rules. Before the

development of the privacy and security policy document, your supervisor advises you to review

the HIPAA and HITECH Privacy and Security regulations the organization is required to comply

with.

In this assignment, address the following:

Outline of the specific policy you propose,

The consequences of noncompliance with the applicable laws, and

Measures to assure the correct application of Privacy and Security Rules. Make sure to consider

all perspectives of the user authentication and access controls.

Your 3-4 pages double-spaced APA formatted assignment excluding the Title and References

pages and containing 2-3 credible sources