Discussion Post
Assume that you have been hired as a Chief Information Security Officer (CISO) by a local healthcare organization which has no health information privacy and security policy yet. Thus, your first assignment is to formulate a health information privacy and security policy for the organization in accordance with the HIPAA and HITECH Privacy and Security Rules. Before the development of the privacy and security policy document, your supervisor advises you to review the HIPPA and HITECH Privacy and Security regulations the organization is required to comply with.
In this discussion, address the following:
• Outline of the specific policy you propose,
• The consequences of noncompliance with the applicable laws, and
• Measures to assure the correct application of Privacy and Security Rules. Make sure to consider all perspectives of the user authentication and access controls.
The response must include a reference list. One-inch margins, double-space, Using Times New Roman 12 pnt font and APA style of writing and citations.