Case study 2: health care data trends

Case Study 2: Health Care Data Trends
Due Week 9 and worth 70 points

Imagine you are an Information Systems Security Officer in the health care sector. Your supervisor recently read an article titled “Top 11 Trends for 2012 in Healthcare Data, According to Industry Experts” located at http://www.darkreading.com/insider-threat/167801100/security/news/232301377/top-11-trends-for-2012-in-healthcare-data-according-to-industry-experts.html, and has concerns with your organization’s position on these trends and potential data breaches resulting from implementation of these trends. He requested you review the article and develop a report that identifies the five (5) most significant risks, governing U.S. compliance laws, and recommendations to mitigate risks.

Write a three to five (3-5) page paper in which you:

1. Choose the five (5) trends presented in the article that you deem to pose the most significant risk and explain why for each.
2. Identify which U.S. compliance laws govern for each risk identified and summarize the implications.
3. Evaluate how security policies, procedures, and practices can be utilized to mitigate each risk identified.
4. Recommend appropriate security controls that may be applied to mitigate each risk identified.
5. Explain how the security controls can be monitored on a continual basis.
6. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

• Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
• Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

• Describe the role of information systems security (ISS) compliance and its relationship to U.S. compliance laws.
• Explain the use of standards and frameworks in a compliance audit of an IT infrastructure.
• Analyze information security systems compliance requirements within the User Domain.
• Analyze information security systems compliance requirements within the Workstation and LAN Domains.
• Use technology and information resources to research issues in security strategy and policy formation.
• Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions.