Details of this Paper

devry him370 full course [ all discussions all quizes all assignments and course project except final]




Question;Week 1 discussionPrivacy and Security Officer (graded)Compare and contrast the difference between the Privacy, Security, and Compliance Officer.HIPAA (graded)What was the intent behind HIPAA?Week 2 disnNotice of Privacy Practices (graded)What patient rights are identified in a Notice of Privacy Practices? Which right under HIPAA do you consider the most important?HIPAA Privacy Rule (graded)Our tutorial this week discusses PHI, PII, and DII. What are the differences between the three, and when might you use them?This section lists options that can be used to view responses.Week 3Policies and Procedures (graded)What are policies, procedures, standards, and guidelines? When might you use policies, procedures, standards, or guidelines?Enforcement (graded)Within the organization, who should be responsible for enforcing policies? Should this be an individual or a team?This section lists options that can be used to view responses.Week 4Risk Assessment and Analysis (graded)Define a risk assessment and a risk analysis. What are the benefits of both to the organization?Organizational Threats (graded)Of the three organizational threats, natural, human, and environmental, what is the most common threat, and why?Week 5Securing Information (graded)What critical elements should be included on a checklist for securing information? How might you ensure that the organization is in compliance with the checklist?Compliance (graded)How frequently should a compliance audit of a healthcare organization be completed? Who should conduct the audits?Week 6Security & Privacy Complaints & Incidents (graded)What is the difference between a breech, a complaint, and an incident? Provide an example for each.Contingency Planning (graded)What is the difference between a disaster recovery plan and a contingency plan? When might you use a disaster recovery plan versus a contingency plan?Week 7 discussionLearning Styles (graded)What are the different learning types, and how might they impact the types of privacy and security training that an organization provides?Educating, Training, & Creating Awareness (graded)Compare and contrast the differences between two of the following: training, education, and awareness. In your opinion, which is more effective and why?quizes(TCO 1) "The implementation of reasonable policies, processes, steps, and tools used to maintain confidentiality" best describes:Student Answer: 2. Question:(TCO 1) ___ enables patients to find out how their information may be used and what disclosures of their information have been made.Student Answer: ConfidentialityPrivacySecurityTechnologyAuthorizationQuestion 3. Question:(TCO 1) What does the acronym PHI stand for?Student Answer: Protective Healthcare InitiativePublic Health InformationPortable Health InsuranceProtected Health InformationPortable Health InformationComments:Question 4. Question:(TCO 2) The HIPAA Privacy Rule effective date is?Student Answer: April 14, 2001April 14, 2003August 14, 2002August 12, 1998February 20, 2003Question 5. Question:(TCO 2) Which of the following is the BEST example of an incidental disclosure?Student Answer overhearing a discussion between a physician and a patientunlocked and unattended computers or workstationsPHI on a printerreleasing information without an authorizationmedical records on the counter in the nurses stationQuestion 6. Question:(TCO 2) The Privacy Rule safeguards PHI by which of the following?Student Answer: giving individuals the right to correct mistakestelling patients how their information will be usedlimiting the use and disclosure of informationAll of the aboveNone of the aboveTCO 4) A gap analysis and risk analysis should be performed to:determine current and baseline compliance status.determine baseline and monetary compliance.determine PHI standards.INCORRECT determine risk level.None of the aboveQuestion 2. Question:(TCO 4) The Security Rule requires healthcare managers to perform an initial risk analysis to determine which of the following?Specific unauthorized usesDisclosuresData integrity losses that could occur to PHIAll of the aboveNone of the above:Question 3. Question:(TCO 4) The outcome of a risk analysis is dependent upon which of the following?Results that the organization wants in returnThe management of the organization?s risksEfforts to maintain reasonable security measuresWhat an organization wants to protectNone of the aboveInstructor Explanation: Chapter 12, page 183Question 4. Question:(TCO 3) Which item is most appropriate to develop checklist items to determine security violations for computer log-in monitoring?: Procedures for creating, changing, and safeguarding passwordsProcedures for monitoring log-in attempts and reporting discrepanciesPeriodic security updatesAll of the aboveNone of the aboveQuestion 5. Question:(TCO 3) What is a standard?provides fewer supporting details for meeting policy requirementsprovides supporting details for meeting policy requirementsprovides details on how the policy will be implementedprovides details on the organization's positionNone of the aboveInstructor Explanation: Chapter 13, Page 186Points Received: 5 of 5Comments:Question 6. Question:(TCOS 3 and 7) Select the appropriate guideline for dealing with medical information requests.Make sure it is an unsecured telephone line.Verify caller?s medical information.Do not supply information unless there is written patient consent.Provide medical information without patient consent.None of the above(TCO 9) Which of the following should be included within your training and awareness strategy?A strategy to use marketing techniques to raise training budget.An identification of states to create preemption procedures.A procedure for measuring the overall effectiveness of the awareness and education program.A procedure for answering complaints related to HIPAA compliance.None of the aboveQuestion 2. Question:(TCO 5) Access controls consist of:identification.authentication.authorization.All of the aboveNone of the aboveQuestion 3. Question:(TCO 6) What is the order HIPAA recommends an organization follow when responding to and reporting a security incident?Identify and respond to incidents, mitigate harmful effects, and document incidents and outcomes.Document incidents and outcomes, identify and respond to incidents, and mitigate harmful effects.Mitigate harmful effects, document incidents and outcomes, identify and respond to incidents.None of the aboveQuestion 4. Question:(TCO 6) What should be in place prior to responding to an incident?A disaster recovery plan and an expert teamA formal response procedure and an expert teamA contingency plan and an expert teamNone of the above:Question 5. Question:(TCO 6) What is the difference between an incremental and differential backup?Incremental does not mark the files as being backed up.Differential does not mark the files as being backed up.Incremental backs up files that have not changed.Differential backs up files that have not changed.None of the aboveQuestion 6. Question:(TCO 5) To address backup and storage requirements, an organization should:implement procedures for removal of electronic protected health information from electronic media before the media are made available for reuse.develop policies and procedures to address the final disposition of electronic protected health information and/or hardware of electronic media.create a retrievable, exact copy of electronic protected health information, when needed, before movement of equipment.determine appropriate storage requirements for the media.None of the aboveassignmentsAssignment: Position Description AnalysisYour homework for this week will be a Position Description Analysis (30 points).Using outside resources, such as AHIMA (, IAPP (, or a local or national newspaper (,, etc.), find either position descriptions or vacancy announcements.You should find a position description or vacancy announcement for both a Privacy Officer and a Security Officer (Information Security). If you are unable to find either, please contact your instructor for additional resources or help.Please feel free to reference the sample position descriptions for a Privacy Officer and Security Officer, available on pages 362 and 364 of your textbook, for comparison.Write a 1,000?1,500 word, APA-formatted paper summarizing each job description. Be sure to compare and contrast the positions, and include a comparison of the required credentials, education, and responsibilities and duties.Attach to this assignment the position description or vacancy announcement, or provide a link in the reference section of the paper.You will be graded on the following elements.summary of each job description (10 points)compare and contrasting of positions, including a discussion of the credentials, education, and responsibilities and duties (10 points)references and APA formatting (5 points)attachments of position description or vacancy announcement (5 points)Submit your assignment to the Dropbox located on the silver tab at the top of this page. For instructions on how to use the Dropbox,See the Syllabus section "Due Dates for Assignments & Exams" for due date informatioAssignment: Policy AnalysisYou will be given a policy format and some security issues which should be addressed by a policy. Based on your review, you will rewrite the policy, develop a plan for addressing the security issues through policy, and develop a plan for communicating the policy. For more instructions and to view policy, review the Policy and Security Analysis Assignment document. You can also find the instructions in Doc Sharing.Submit your assignment to the Dropbox located on the silver tab at the top of this page.Assignment: Risk AnalysisYou will be given a set of anticipated threats. You will then be asked to discuss potential controls and any breach of confidentiality activities. Based on this information, you will create a risk analysis and plan. For more instructions, view the Risk Analysis Assignment document. You can also find the instructions in Doc Sharing.Submit your assignment to the Dropbox located on the silver tab at the top of this pageAssignment: Risk AnalysisYou will be given a set of anticipated threats. You will then be asked to discuss potential controls and any breach of confidentiality activities. Based on this information, you will create a risk analysis and plan. For more instructions, view the Risk Analysis Assignment document. You can also find the instructions in Doc Sharing.Submit your assignment to the Dropbox located on the silver tab at the top of this pageAssignment: Privacy Compliance ChecklistThis week, you will develop a checklist for the Privacy Officer to use during walkthroughs of the healthcare organization. Upon implementing this new process, you will also need to convey this process to the employees. For more instructions on this assignment, view the Privacy Compliance Checklist. You can also find the instructions in Doc Sharing.Checklist (15 points)Evaluation Criteria (15 points)Submit your assignment to the Dropbox located on the silver tab at the top of this pageAssignment: Standard Operation Procedure - Emergency PreparednessWhat will you do in the event of a disaster? This week, you will examine your home environment to identify what types of disasters can affect your life. To find out how to create your Emergency Preparedness Standard Operating Procedures, view theEmergency Preparedness document. You can also find the instructions in Doc Sharing.Submit your assignment to the Dropbox located on the silver tab at the top of this page. For instructions on how to use the Dropbox,Course Project: Privacy Officer AssessmentObjectiveProject RequirementsThe objective of the course project is to tie together all the TCOs in a comprehensive manner, while giving students the chance to take on the role of Privacy Officer.Hospital BackgroundFor your course project, you will play the role of a Privacy Officer. You have been asked by management to develop the content of an organization?s security and privacy training and awareness program. You will select privacy and security topics that need to be communicated to all workforce members, and you will develop a plan. In addition, you will create a presentation to introduce your proposal.Medical Center of DeVry is a leading healthcare organization specializing in pediatric healthcare and has an expanded network of physicians and pediatric specialists. It is the beginning of the fiscal budgetary year, and all assessments, improvement projects, and proposals are due within the next 30 days. As Privacy Officer, you will have to create a privacy and security plan. This process will consist of three components: an assessment of the organization, a training and awareness program, and a communication plan.The purpose of the assessment is to review the current condition and the effectiveness of your privacy and security program in order to move forward with HIPAA?s privacy and security requirements.Once the assessment is complete, you will use the results to make a decision about improvement tools, and you will create a training and awareness plan. The purpose of the training and awareness plan is to bring awareness to the organization for a collaborative effort in improving the privacy and security of the facility. The plan will, preferably, focus on areas that need special attention, such as issues related to HIPAA compliance, including physical safeguards.Once both the assessment and the training and awareness plan are complete, you will then need to develop communication tools to convey to the rest of the organization.Assessment FindingsYou completed your assessment and found that several policies are out of date or are missing critical elements. You submitted a plan to management, and management has approved your proposed actions to implement two new policies, to create two reporting tools to ensure easy compliance with the new policies, and to train employees on the new policies and tools. Following the directions below, create the new policies, reporting tools, and inform staff of training. Once you have completed these three elements, compile all the information into a fifteen minute presentation that you will give to management discussing your overall findings, policies, tools, and the training conducted.Required ElementsA. PoliciesBased on your review, you determined that specific polices related to incident reporting and physical safeguards need revising. Develop two separate policies, using the template below, to address the following topics.Incident ReportingAddress what types of incidents should be reported to include:Inappropriate use of a computerRelease of information to patients and outside agencies or individuals without authorizationAddress the expectations for reporting to include:Time Frame in which employees need to reportHow employees will reportOutline the procedures for reporting incidents to include:Who receives complaintsHow complaints are investigatedHow notification to affected individuals occursPhysical SafeguardsSecuring workstations to include:Auto lock featureSecuring equipment, such as laptopsRecord disposal to include:Electronic media such as hard drives and CDsPaper documentsUse the following template:B. Reporting ToolsAfter completing the policies and procedures, you determine that it will be useful to develop some new tools to reinforce compliance of the revised policies and procedures.Your reporting tools should consist of the following:An incident reporting form that includes the following elements:Date of incident,Type of complaint or incident,Complaint details, andStaff questioned or involved.A checklist for security staff to use for audits and compliance that includes the following elements:Document disposal,Media disposal, andUnsecured workstations.C. Communication ToolsCommunicate the new policies and tools to employees of the organization. This will be helpful in training employees in order to have direction on privacy and security efforts for the year.Your two communication tools could be in the following format:A flyer, brochure, intranet announcement, e-mail, handout, poster, or other form of communication.In addition, your communication tools need to address:Why training is being provided,Dates of training, andLocation of training.D. PresentationYou now have to prepare a presentation of your findings and overall evaluation of the privacy and security program for the executive leaders. The presentation should be 15 minutes in length, with approximately 15-20 slides. Your presentation should include privacy and security plan details such asthe purpose of plan,what your assessment revealed, that is, problems identified,the policies created,the reporting tools developed, andthe communication tools. GuidelinesMilestonesProjects must follow APA formatting, including 12-point font, double spaced lines, a cover page, and a works cited.Use at least six authoritative, outside references (anonymous authors or web pages are not acceptable), one reference may be the textbook. These should be listed on the last page titled "Works Cited."Appropriate citations are required.All DeVry University policies are in effect, including the plagiarism policy.Projects are due during Week 7 of this course.Any questions about this project may be discussed in the weekly Q & A discussion topic.This paper is worth 230 total points and will be graded on documentation and formatting, policies and procedures, creation of reporting tools, communication tools, and presentation.Grading RubricsComplete Policies and Procedures by Week 2Complete Creation of Reporting Tool One by Week 3Complete Creation of Reporting Tool Two by Week 4Complete Communication Tool One by Week 5Complete Communication Tool Two by Week 6Complete all remaining components, including compilation of assignment by Week 7CategoryPoints%DescriptionDocumentation & Formatting105Use APA formatting, including cover page, 12-point font, 1 inch margins, and works cited.Policies and Procedures6026Create a policy using the standardized format provided.Creation of Reporting Tools6026Create two unique tools to enforce the policy created.Communication Tools4017Create two tools, and discuss the training being provided on the new policy and tools.Presentation6026Provide a 15-slide presentation discussing new changes, that is, policy, tools, and communication efforts.Total230100A quality paper will meet or exceed all of the above requirements.Best PracticesCover Page -Include who you prepared the paper for, who prepared the paper, and the date.The following are the best practices in preparing for the final project.Policies and Procedures -Use the standard format provided in assignment 2 (Week 3) to ensure that all elements are addressed.Creation of Reporting Tools -Use the format provided in assignment four (Week 5) to ensure that the appropriate information is provided for the checklist tool.Communication Tools -Creation of these tools can be done through a variety of media, most students use Word or Publisher to create flyers, brochures, posters, and e-mails.Presentation -The presentation should be created using PowerPoint, ensure that background information is supplied as well as all three elements, including policies and procedures, tools, and communication tools.Work Cited -Use the citation format specified in the Syllabus.


Paper#58613 | Written in 18-Jul-2015

Price : $132