[Solved] 6-1 Discussion Nine Domains of Privacy and Security
Authorization
and Access Control
Authorization
is the function of specifying access rights/privileges to resources related to
information security and computer security in general and access control in
particular (HHS, 2020). Ideally, it is any mechanism by which a system grants
or revokes the right to access some data or perform some action. Often, a user
must log in to a system by using some form of authentication. On the other
hand, access control provides subject-to-object
segregation according to a security policy implementation at a given healthcare
system (De Carvalho Junior & Bandiera-Paiva, 2018). Access control
mechanisms determine which operations the user can or cannot do by comparing
the user s identity to an access control list (ACL). It mainly controls
encompass file permissions (the right to create, read, edit or delete a file),
program permissions (the right to execute a program), and data permissions (the
right to retrieve or update information in a database).
According
to AHIMA Position Statement (2007), HIM professionals establish and maintain
organizational privacy policies and procedures, develop processes for
appropriate access to PHI, author and present confidentiality education and
training programs, and develop compliant authorization processes and practices
that respond to individual privacy and security concerns.
Click to view the full document!
View Document