Security Incident
Summary:
ADM Research Hospital is part of a university system which does medical research ranging from The system they use is a core transaction Enterprise Resource Planning system called (Integrated Health Network). IHN is similar to many core systems that provide integrated applications on a common platform for financials, medical records, appointments, patient and physician information and supplies (similar to Oracle or SAP). IHN headquarters is located in Germany, while the Research Hospital is located in Seattle WA.
Recently it has become obvious that people are storing data where it does not belong and people are accessing files and directories that they should not have access to.
Elizabeth Montgomery is in charge of the team dealing with designing, maintaining and implementing policies for users and data. You are Elizabeth Montgomery and her team. You need to respond to this incident by taking action immediately.
You will need to complete the following:
- Summarize the issues that face research hospitals
- What types of policies are needed?
- What core principles apply here?
- What would be the best framework to use for a research hospital?
- What User Domains should there be?
o Be sure to define who the groups are
o What files and folders containing what type of data should they have access to?
- How would you go about implementing the changes?
Presentation
This presentation must be supported by the research paper.
Please note the following criteria:
Research paper:
- Research Paper must be in APA Style
- Research Paper must have at least 5 works cited of which 2 must be peer reviewed works/articles (note your book can be included as a reference)
- Must be at least 10 double-spaced pages with standard 1 inch margins.
- 6 pages of prose
- Limit the number of bulleted lists
- Prose + charts + figures = 10 pages
- Total report should be 10 – 12 pages
Completeness of the Topic (Policy, Processes, Action, Conclusion)
Presentation Delivery
Alignment of policy
– Meets Standard Criteria
– Completeness/content
– Incident Risk Policy as Attachment
– Logic of Processes and Actions (Thoroughness)
– Alignment of the Incident Risk Policy components in completing and supporting the evaluation