Choose one of the Security Risk Assessment Videos to watch
Summarize the main points of the video
Share your plan to improve your knowledge of security basic.
REPLY TO 2 OF MY CLASSMATES DISCUSSION TO THE ABOVE QUESTIONS AND EXPLAIN WHY YOU AGREE. MINIMUM OF 150 WORDS EACH
CLASSMATE POST 1
I watched the “Security 101: Security Risk Analysis” video for this week’s discussion post. A risk-management system strengthens how an organization identifies potential risks and how to prevent them from happening (., 2018). The first step in managing a risk-management system is to perform a security risk analysis. In a security risk analysis, it is crucial to identify how information is stored (i.e. hard drives, CDs, mobile devices), where the information goes (i.e. providers within and outside the organization, backup hard drives), and how information is transmitted (i.e. e-mail, fax, shared network drives). Once this data is collected, the next step is to identify and document possible threats, such as hackers, natural disasters, and power outages, and weaknesses in the security controls. After assessing current security measures and calculating probabilities of potential risks, strategies are developed to prevent those threats from occurring and to correct such actions should those threats occur. (The Office of the National Coordinator for Health Information Technology, 2014)
To improve my knowledge of security basics, I will continue to watch the other videos provided by the HealthIT.gov website and explore other resources that the website has to offer. I will also review chapters in our class textbook that discuss information security in the healthcare setting.
Hebda, T. L., Czar, P., & Hunter, K. (2018). Handbook of Informatics for Nurses & Healthcare Professionals (6th ed.). Pearson Education (US). https://ambassadored.vitalsource.com/books/9780134748436
The Office of the National Coordinator for Health Information Technology. (2014, April 17). Security 101: Security risk analysis. HealthIT.gov. Retrieved October 9, 2022, from https://www.youtube.com/watch?v=hNUBMLVr9z4&t=429s
CLASSMATE POST 2
The video Security 101: Contingency Planning discusses designing a course of action for organizations to effectively respond to an unexpected event or future event that may or may not happen. In healthcare, it is designed to help protect electronically protected health information (ePHI) (Office of the National Coordinator for Health IT, 2014). The unpredictable nature of life and business shows the need for a contingency plan which is also a requirement of the HIPAA Security Rule. The plan also outlines methods to restore data. It involves five essential elements: data backup, disaster recovery, , testing and revision procedures, applications, and data criticality analysis; where the first three are a requirement for all health institutions under the HIPAA rule, while the other two are addressable (Office of the National Coordinator for Health IT, 2014). A contingency plan is crucial to improve healthcare provision and comply with HIPAA regulations.
Security information is always evolving and requires an elaborate plan to gain knowledge continuously. I plan to enroll in a short course covering security to provide the foundation for my security knowledge. It will inform me of the basics and allow more focused learning on complex issues. There are several free online courses on security that I can enroll into implement the first stage of my plan (Mohamed Shakeel et al., 2018). Secondly, I will engage in online research of journals and articles relating to security in healthcare to improve my knowledge further. Several platforms, such as HealthIT.gov, provide recent articles on healthcare security that would allow me to remain updated with trends and new information (Mohamed Shakeel et al., 2018). Next, I will assess the in one healthcare organization to understand the application of the knowledge learned and to gain some practical knowledge on how various elements work. I believe my plan will significantly improve my knowledge of security and privacy.