[Solved] 9-2 Final Project Part II Submission: Security Plan
Introduction
The data breach at
the Utah Department of Health (UDOH) impacted more than 780,000 patients. Several
security vulnerabilities caused the breach, including lack of appropriate
security measures and lack of appropriate staff training on protecting
sensitive patients’ health information against unauthorized access. Besides,
the DOTS staff were not sufficiently trained and ready to manage cyber risks
and vulnerabilities. Specifically, they were less conversant with access
controls, secure internet connections, secure password management. Consequently,
UDOH had financial problems, which limited its efforts to manage the breach and
prevent future similar cyber-attacks. This security plan will assess the UDOH
breach and present significant measures to ensure the security and privacy of PHI
in the institution’s health systems.
Project Plan: Training Initiatives
To control
cybersecurity risks in the future, both UDOH and DOTS staff need to undergo
ongoing education and training programs on cybersecurity. Ideally, using
lectures, conferences, and role-playing, the leadership of the organization and
HIM professionals needs to organize the structure of
the education and training programs to be presented to the employees and formulate
associated films and videos, among other applicable educational and training materials,
to power the education and training program. To ensure a practical training and
education initiative, it is essential to categorize the UDOH and DOTS staff
based on several factors, including IT competence and role in the facility. We
will essentially segregate the IT staff from the other staff since they already
have a background in IT systems and cybersecurity.
Click to view the full document!
View Document