Security Measures and Responses

/in /by

Pay special attention to the topics relating to workforce security, information access management, security awareness and training, and security incident procedures.

Based on these areas, define at least four different specific threats to our information security (beyond the example given), plus a way of managing or mitigating that threat and a plan for response in case the information does become breached by that threat type. Complete a table in Word such as the following for your assignment submission. The completed table needs to show the ability to apply the principles named in a real-life scenario. Your assignment should be at least two pages long. The first row has been completed as an example.

Type of standard or threat

Method to reduce threat

Response plan if threat is encountered

Access Establishment and modification: The facility considers how access to EPHI is established and modified.

Each system user has a unique ID and password assigned by the institution. Passwords are not shared and must be changed every 90 days to prevent unauthorized access.
Employees are trained in appropriate access and password usage.

Employee shared their ID and password with fellow employee who forgot theirs:

  1. The relevant user’s ID and password are immediately disabled upon issue discovery. A new user ID will be established for that user.
  2. The staff member is disciplined and given official warning to never share passwords.
  3. System use and audit logs for that user are reviewed by IT and HIM manager.
  4. Repeated breach will result in employee dismissal