Summary: ADM Research Hospital is part of a university system which does medical

Question

Summary:

ADM Research Hospital is part of a university system which does medical research ranging from   The system they use is a core transactional Enterprise Resource Planning system called IHN (Integrated Health Network). IHN is similar to many core systems that provide integrated applications on a common platform for financials, medical records, appointments, patient and physician information and supplies (similar to Oracle or SAP).   IHN headquarters is located in Germany, while the Research Hospital is located in Seattle WA.

Recently it has become obvious that people are storing data where it does not belong and people are accessing files and directories that they should not have access to.

Elizabeth Montgomery is in charge of the team dealing with designing, maintaining and implementing policies for users and data. You are Elizabeth Montgomery and her team. You need to respond to this incident by taking action immediately.

You will need to complete the following:  

1)Summarize the issues that face research hospitals

2)What types of policies are needed?

Explanation / Answer

The Issue

The issue is here is that the users of the IHN system are not following the correct practices when it comes to storing and saving the research data. Healthcare organizations are very particular about data and privacy as most of the revenue and advancement revolves around patents and findings from these research. As a result, the security and protection of data is of paramount importance to the healthcare industry as a whole.

By storing data where it does not belong and accessing files and directories without authority can give rise to security concerns and jeopardize the entire operation of the organization. Naturally, as a policy maker it becomes very important to put proper policies in place when it comes to storing and accessing data.

Policies

Data privacy policies are required in this case. The policies must define the importance of data and the need to store data in appropriate place. This means, the users of the IHN system must follow procedure and store data in the correct places in order to avoid misuse.

Data storage checkpoint policies are required. While the first policy (above) will define the places to store data, the team also needs to define a way of checking if the policy is being practiced. Rules are quite easy to create but the important thing is to follow these rules. Same thing applies to policies. Naturally, Elizabeth’s team must implement practices that checks that the data storage policy is followed.

Data access policies are needed. Unauthorized person should not have access to certain data. If the above policies are implemented then there is a possibility that the need for this policy will be reduced. However, there is still possibilities that people may gain access to unauthorized data. In such case, they should bring to the notice of the team instead of using the data.

Related Questions

Navigate

• Browse (All)
• Browse S
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.