This website uses cookies to ensure you have the best experience. Learn more

Team Assignment

5631 words - 23 pages

Group 1 Team Assignment
  CSEC 630- 9026
                            Jeff Daniels

                                                                 Written by:
                           Kevin Alton, Nadia Iqbal, and Alex Polevoy

                                                    

July 2015

Table of Contents
Introduction.…………………………………………………………………..………….3

Section I:
iTrust Threats & Vulnerabilities and Countermeasures.……………..…………..3

Section II:
Recommended Changes to Security Management Policies………...……………..7

Section III:
Adaption of Requirements to Reduce Security Risk……….……………....…......11

Conclusion. …………………………………….…………………………………….…21

References ...view middle of the document...

 “Unlike PCI DSS, HIPAA itself does not descend to the level of security controls and technologies to implement.  This requires the organizations affected by HIPAA—also known as “covered entities”—to try to follow the spirit of the regulation as opposed to its letter” (Chuvakin  & Schmidt, 2013).  The iTrust database contains protected health information and therefore identifies as a covered entity and must establish safeguards to protect the confidentiality, integrity, and availability of electronic data.  Compliance with HIPAA security standards in the areas of administrative safeguards, physical safeguards, stored data safeguards, and technical security mechanisms are required for an entity to achieve HIPAA compliance.  
Lack of Access Control
The lack of administrative safeguards that control information access management concluded that the iTrust website and database lack the appropriate access controls to protect and safeguard patient data.  Access controls should enable authorized users to access the minimum necessary information needed to perform job functions (HHS, 2007).  Additionally, every person accessing the system should have a unique account for accountability and auditing purposes.  HIPAA does not publish a guide with the exact security controls to achieve compliance, which is the direct opposite of PCI DSS.  Instead, HPIAA would rather an organization achieve compliance with a sincere aspiration to protect sensitive patient data instead of a “bare minimum” technical implementation that only seeks to achieve compliance. The Emergency Responder role includes multiple groups of first responders and access to patient data is not restricted or filtered.  Access control for the Emergency Responder role lacks the capability to restrict individuals from patient data while not functioning in the capacity as an Emergency Responder.  Furthermore, unauthenticated database access creates the possibility of exposing sensitive data by means of simple queries.
The lack of a viable access and authentication control mechanism can be remedied with a secure identity access solution such as Microsoft’s Forefront Identity Manager (FIM).  FIM is capable of providing preventative role-based access control, rule-based analytics of access, automated user provisioning and deprovisioning of user accounts, and access recertification and attestation.  FIM is also able to control user logon time restrictions along with defined session timeouts for user inactivity on portable or remote access connections.  With the implementation of FIM, iTrust is capable of improving security, tightening access control, and auditing compliance while adhering to the HIPAA security access control specifications.
SQL Injection Attack
HIPAA requirements stipulate that covered entities must have procedures for safeguarding data.  The new iTrust requirements will require a complex amount of custom and modified code for implementation.  These code changes introduce...

Other Papers Like Team Assignment

Team Charter Essay

381 words - 2 pages team to allow for final submission on time. • Due date for individual contributions should be set as Friday by noon for each team assignment- giving team lead ample time to compile and submit the project by Sunday. • We should be able to target the submission timeline a day before so that we have enough time to react to any contingency. Team work: • We should work together as a team to deliver the assignment and utilize the strengths of each

Organizational Behaviour Essay

434 words - 2 pages Common objectives: Our team would like to achieve an overall score of 85%. We would like to communicate on a more frequent basis and find a suitable time that we each one could log into the system to read and respond to questions that the group might have in order to meet assignment deadlines. We would assign specific roles to each team member depending on each person’s strengths and share new ideas for team development. Work organization

Gbm 380 Week 3 Dqs

353 words - 2 pages Individual Assignment Globalization Paper GBM 380 Week 2 Individual Assignment Business Organizations Paper GBM 380 Week 2 Learning Team Assignment Globalization Trends Paper GBM 380 Week 3 Individual Assignment Culture Paper GBM 380 Week 3 Learning Team Assignment Political and Legal Systems Paper GBM 380 Week 4 Individual Assignment Climate and Topography Analysis GBM 380 Week 4 Learning Team

Gbm 381 Week 5 Individual Assignment

371 words - 2 pages on whether flexible or fixed exchange rates are preferred? What is meant by a crawling peg system? How can such a system overcome the disadvantage of an adjustable peg system? Business - International Business GBM 381 Week 1 Individual Assignment Major Trade Theories Paper GBM 381 Week 2 Individual Assignment Product Life Cycle Paper GBM 381 Week 2 Learning Team Assignment Trading Position Paper GBM 381 Week 3

Acct 567 Entire Course (Keller)

497 words - 2 pages ACCT 567 , ACCT 567 Phoenix, ACCT 567 Uop help, ACCT 567 Week 3, ACCT 567 Individual Assignment , ACCT 567 Learning team Assignment, ACCT 567 Product, ACCT 567 A Graded , ACCT 567 Summary, ACCT 567 Study Guide, ACCT 567 Questions , ACCT 567 Answered , ACCT 567 Solution, ACCT 567 Final Guide, ACCT 567 Final Exam, ACCT 567 A++ Work, ACCT 567 A Graded, ACCT 567 Homework, ACCT 567 help, ACCT 567 week 1 DQ, ACCT 567 week 2

Unit 19- P1

330 words - 2 pages Unit 19- P1 Introduction to Unit 19- P1 In this assignment, I am going to be describing the different types of teams in an organisation and the benefits of using a team for an organisation. What are the different types of team in an business environment? There are 2 different types of team that organisations use: A formal team- an ordered team that is built to meet a specific purpose. All members in the team will have a distinct role

Other

391 words - 2 pages along with your individual assignment. Failure to do so will result in 1 point deduction. 10 Learning Team Participation Log # 1 A team lead will post a Learning Team participation log in their Learning Team forum. Team lead should also make sure to log who (team member) was assigned for a particular team project task and how that member handled that task. Note: Team participation points will be assigned towards the end of the course and it

Alternative Dispute Resolution

389 words - 2 pages those assignments. It is important for the team to set up clear ground rules at the beginning of class to avoid having to either bring in a mediator or even complete a peer review. Each member must understand and agree with those rules. If a team member decided to disagree during an assignment, at this time the mediation or peer review process is necessary. All teams should have a learning team charter in place to help alleviate some of the disagreements. Reference: Jennings, M. M. (2006). Business: It’s Legal, Ethical, and Global Environment (7th ed.). OH: Thomson.

Case Study

2759 words - 12 pages Team Assignment 1 Building the Team Charter Team 6 Team Assignment 1 – Creating the Written Team Charter You are now joining up with your community development project team. Remember the perceptual process and that first impressions matter – really matter. In this assignment, you will discover the competing values profile for your team. You will consider how you can work together effectively to enact all 8 practices of the fundamental

D1 Unit 19

644 words - 3 pages ------------------------------------------------- ------------------------------------------------- D1: Evaluate the teams overall effectiveness in meeting its objectives, making recommendations for improvements Introduction: This section of the assignment will evaluate the overall effectiveness in meeting objectives and making recommendation for improvements. Functioning as an effective team does not occur instantly; rather it requires

Weekly Reflection

257 words - 2 pages objectives provided us with electronic reserve reading. Being in Accounting 291 the readings will help team C with the understanding of the week’s objectives. In week Three team C had a learning team reflection and that was to choose a virtual organization for our ratio analysis memo preparation. This learning team assignment that is due in week five seem to be a bit much but, we know that it will be well worth it for our future. In

Related Essays

Learning Team Assignment

1184 words - 5 pages University of Phoenix Material Preparation for Learning Team Assignments Worksheet The ability to work collaboratively with others is a critical skill in the human services field. Learning Team assignments will help you prepare for this challenge by requiring effective communication, timely management of tasks and deadlines, and cooperative problem solving. Keep in mind that your task is not simply to complete an academic assignment

Week 3 Team A Assignment

337 words - 2 pages Week 3 Team A assignment How are the hospital’s revenues and expenses grouped for planning and control? The way of which a hospital’s revenues and expenses are grouped varies from hospital to hospital. The revenues and expenses are grouped will also vary depending upon the type of hospital, may it be for-profit or non-profit hospital. How the patient care is delivered in the hospital affects the flow of revenues and expenses

Env 100 Week 5 Learning Team Assignment Waste And Energy Presentation

293 words - 2 pages This pack of XBCOM 275 Week 8 Individual Assignment contains: Write a 350-word debate paper in which you discuss the benefits and drawbacks associated with group debates. General Questions - General General Questions 1 Title VII is most relevant to the employment context because it _____ on the basis of race, color, religion, sex, or national origin in all aspects of employment. prevents layoffs

Week 5 Professional Values And Ethics Paper (Learning Team Assignment)

2160 words - 9 pages Ethics and Values: Good Guides Toward Occupational and Educational Success Learning Team C: Names of team members Axia College of University of Phoenix Abstract What are ethics and values? Values are what a person or society hold as important and a desired behavior. Ethics are sometimes based on a collection or one value. Ethics are what is considered morally right to one or more individuals. Upholding to good values and good