StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Health Insurance Portability and Accountability Act - Essay Example

Cite this document
Summary
The paper "Health Insurance Portability and Accountability Act " states that generally, the 1999 regulation GLBA (Gramm-Leach-Bliley Act) affects auditing requirements by demanding the guarantee of the protection and confidentiality of customer data…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER98.8% of users find it useful
Health Insurance Portability and Accountability Act
Read Text Preview

Extract of sample "Health Insurance Portability and Accountability Act"

HW Questions HW Questions Question One The 1996 regulation HIPAA (Health Insurance Portability and Accountability Act) affects auditing requirements by ordering organizations to conduct privacy risk evaluations and training their workers in confidentiality protocols. These evaluations and training call for changes in auditing requirements by the respective organizations (Natan, 2005, p. 329). The 1999 regulation GLBA (Gramm-Leach-Bliley Act) affects auditing requirements by demanding the guarantee of the protection and confidentiality of customer data. When accessing customer data that requires compliance with mandates from this regulation, organizations will have to consider and include auditing requirements (Natan, p. 332). SOX (Sarbanes-Oxley Act) demands the recording of the system used by management in an effort to evaluate its efficiency and announce any errors or weaknesses. This documentation is always subject to auditing requirements that may require constant revision (Natan, p. 333). Lastly, the 1386 regulation California Senate Bill mandates the proper requirements and abilities to be aware of any access to private California resident data by unauthorized parties. Identifying any such breaches requires the business to base its auditing requirements on effective privacy measures (Natan, p. 335). Question Two Auditing should include schema, stored procedures or activators, user freedoms, and other DDL changes. From protection, compliance, structure management, and procedural perspectives, these factors are vital collectively (Natan, p. 357). DDL instructions are most likely the most destructive instructions today and allow intruders to compromise any network with absolution from a security point of view. Numerous regulations made organizations and individual data users audit all changes to data configurations from a compliance point of view. Compliance requisites for schema modifications during auditing are frequently the same as the requisites characterized as under structural management and IP administration initiatives. As a result, an external party will be able to maliciously alter, utilize, and roll back schema to its original form. These functions can occur without the authorized user noticing, particularly when the entire process occurred within less than 24 hours (Natan, p. 358). Question Three The DML audit trails discussed in Section 12.9 reveal how one can selectively determine the items and instructions that need auditing. This determination comes about through unsophisticated and rough calculations. More specifically, Ben Natan anticipates DML audit trails by choosing to form them for a subsection of the database tables presented and given login details (Natan, 2005, p. 370). In his essay, Abrams uses a new model that appears to be an ingredient in an oversimplified database structure. This structure accommodates the promise for an ideal rational organization of previous, current, and future information (Jajodia, Gadia, and Bhargava, n.d., p. p. 595). In Section 12.9, every bitemporal association facilitates the maintenance of an “Update-Store Relation” by Natan’s database activity model (Natan, 2005, p. 371). In contrast, Abrams’ Essay 25 exploits its simplified model to enable further the automatic production and analysis of incidents that take place in the database structure. Consequently, Abrams identifies and dissuades security breaches (Jajodia et al., n.d. p. 590). Question Four One technique for auditing selection is random sampling, which entails the choosing of items from a sample so that every item has an even opportunity for selection. Random sampling needs the usage of arbitrary and figure tables or computer software to assure that every population sample has an even opportunity for selection (Natan, p. 394). Auditing selection can also occur through methodical sampling, which entails choosing of each consecutive item from a sample following an arbitrary beginning. Haphazard sampling is the auditing selection of items from a given sample without considering any recognized features of any of these items. This technique is mostly useful in auditing selection when the user wants to rid of any conscious bias during the process. The fourth technique is block sampling, which entails the choosing of items from a given sample in connecting blocks. Lastly, purposive or fixed sampling is another technique for auditing selection that entails the choosing of items from a given sample using some predetermined standard (Natan, p. 396). Therefore, the auditor has to choose audit books receivable for verification centered on the scale of due balance. Question Five Extensions to auditing that are essential to support non-repudiation include the double hyphen (--) sign alternative, PGP (Pretty Good Privacy), GPG (Good Privacy Guard), and DBA (Database Auditing) systems (Natan, p. 391). The -- sign alternative puts a signature generated with the user’s confidential key inside the encoded files to support non-repudiation requisites. PGP applies the RSA (Rivest-Shamir-Adleman) open-key cryptosystem to come up with a solution for the requirement of confidential information and between parties over a digital channel (Natan, p. 395). GPG is the same as the PGP but applies an open-source cryptosystem. PGP and GPG extensions are useful for auditing by ratifying files and documents for non-repudiation purposes. Lastly, DBA systems serve as extensions with a security placement enables them to reserve an audit trail (Natan, p. 395). This ability is possible through repudiation features that different users can modify or remove. Question Six I support the claim that monitoring all database activity is insufficient to ensure security. Monitoring all incoming and outgoing requests requires tracking and reporting. Monitoring alone cannot impose adequate pressure on the surveillance of a database system by security providers and users. Unsuccessful attempts to escalate privileges is a strong sign that an intrusion is ongoing. Monitoring cannot notes attempts to escalate privileges, especially by external parties. In this case, logging is essential for identifying such attempts. Like logging, reporting errors or failed attempts employs a series of standards and the data that is easily accessible for developing a starting point for ensuring security in a given database (Natan, p. 347). The solution to ensuring security in a given database is through privacy. Organizations that attempt to monitor all database activity cannot guarantee the security of private data and risk humiliation, fines, and occasional losses. Question Seven An auditing system should automatically provide remediation. Databases require an auditing mechanism that enables the automatic fixing of problems. Remediation is a design solution that does not just audit. Remediation also characterizes and applies a policy that assists in problem-solving processes (Natan, p. 391). Databases with remediation often identify these problems through auditing activities, which I think is better than a separate auditing framework. Automatically fixing problems should be integral in database security since it is far more proficient when an organization delivers and enforces it in cycles. References Jajodia, S., Gadia, S. K., and Bhargava, G. (n.d.). Logical Design of Audit Information in Relational Databases. Essay 25, Logical Design of Audit Information in Relational Databases, 585-95. Natan, R. B. (2005). Implementing Database Security and Auditing. New York, NY: Elsevier Inc. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“HW Essay Example | Topics and Well Written Essays - 1000 words”, n.d.)
Retrieved from https://studentshare.org/information-technology/1690791-hw
(HW Essay Example | Topics and Well Written Essays - 1000 Words)
https://studentshare.org/information-technology/1690791-hw.
“HW Essay Example | Topics and Well Written Essays - 1000 Words”, n.d. https://studentshare.org/information-technology/1690791-hw.
  • Cited: 0 times

CHECK THESE SAMPLES OF Health Insurance Portability and Accountability Act

Utilitarianism in the Health Care System

The philosophical view tends to go against the Health Insurance Portability and Accountability Act (HPAA) in the health sector.... This paper provides detailed information on how employing the philosophical view of utilitarianism in the health care system hinders the provision of patient-focused care as one of the issues supported by Health Insurance Portability and Accountability Act.... he above information indicates that the philosophical view of utilitarianism tends to go against some of the critical issues addressed in the Health Insurance Portability and Accountability Act....
3 Pages (750 words) Essay

Impact of the HIPAA Privacy Rule and Implications for Future Generations

Impact of the HIPAA Privacy Rule and Implications for Future Generations Overview According to the US Department of Health and Human Services (2007), “The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule is the first comprehensive Federal protection for the privacy of personal health information.... The Rule came as a requirement from the Health Insurance Portability and Accountability Act of 1996.... Impact of the HIPAA Privacy Rule and Implications for Future Generations Overview According to the US Department of Health and Human Services (2007), “The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule is the first comprehensive Federal protection for the privacy of personal health information....
1 Pages (250 words) Essay

Impact of the HIPAA Privacy Rule and Implications for Future Generations

Impact of the HIPAA Privacy Rule and Implications for Future Generations [Name [Faculty [Course, Course # [Date Impact of the HIPAA Privacy Rule and Implications for Future Generations According to the US Department of Health and Human Services (2007), “The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule is the first comprehensive Federal protection for the privacy of personal health information.... The Rule came as a requirement from the Health Insurance Portability and Accountability Act of 1996....
5 Pages (1250 words) Term Paper

Regulatory Laws and Policies

Among the acts that are implemented by the HHS include The Health Insurance Portability and Accountability Act (HIPAA) of 1996 and The Patient Safety and Quality Improvement Act (PSQIA )of 2005 (Frimpong & Rivers, 2009).... The Health Insurance Portability and Accountability Act is a federal legislation or law which gives patients a right to control all forms of Protected Health Information (PHI).... In accordance to this act, PHI represents Individually Identifiable Health Information (IIHI) which is acquired from the patient and stored within the health facility (Furrow, 2011)....
5 Pages (1250 words) Essay

The Health Insurance Portability And Accountability Act

The Health Insurance Portability and Accountability Act (HIPAA) was endorsed by the congress of the United States in 1996.... he Health Insurance Portability and Accountability Act of 1996 (HIPAA) institutes innovative values for the progress and utilization of health care information.... Title I of the Act perks up the portability and stability of wellbeing insurance treatment for thousands of American people and their families.... All together, these rules have a foremost impact on the everyday functioning of the state's hospitals and influence almost every part of every individual that presents or pays for healthTitle I of HIPAA standardizes the accessibility and span of group and entity health insurance strategy....
7 Pages (1750 words) Research Proposal

The Health Insurance Portability and Accountability Act

In the paper 'The Health Insurance Portability and Accountability Act' the author analyzes a national law that protects a patient's rights to privacy.... As a Medical Administrative Assistant, it is important to understand and uphold this law to protect your patients' health information.... nswer:Sally violated the rights of John as she was supposed to call him on his personal number that he had recorded in the health information form.... Moodey's office for information regarding John's health as he was unconscious and unable to give a medical history....
3 Pages (750 words) Essay

Impact of Health Insurance Portability and Accountability Act on the Health Research

From the paper "Impact of Health Insurance Portability and Accountability Act on the Health Research" it is clear that generally, Health Information Management (HIM) director is usually the custodian of all the health information in a health facility.... he Health Insurance Portability and Accountability Act are meant to protect the health information about patients.... With this act of protection of patient's health information and assurance of privacy, the HIM director has, therefore, no authority to release some details and information about the patients participating in the drug trial research as it will be a breach of HIPPA's rules and standards....
3 Pages (750 words) Assignment

Health Insurance Portability and Accountability Act Compliance in Medical Information Security

This paper "Health Insurance Portability and Accountability Act Compliance in Medical Information Security" tells that with the rising cases of medical records security breaches, the prevalence of ransomware attacks, effectively securing our medical data has become a matter of great concern.... First, as a health facility, we are obligated to be Health Insurance Portability and Accountability Act (HIPAA) compliant.... Therefore, we have undertaken and continue to conduct periodic HIPAA health security analyses and undertaking the necessary steps to patch the detected vulnerabilities....
3 Pages (750 words) Term Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us