The Information Technology in Terms of Security for the Institution - Assignment Example

? Introduction The Information Technology industry has been one of the most outstanding industries in the 21st century. This is from the fact that the contemporary world works more efficiently with the use of the multiple resources present in the industry. For optimal activity, business plans need to incorporate the services of the Information Technology sector. A medical clinic/office is important in every neighborhood and the security aspect of the facility bears primary importance. A well laid out plan is imperative prior to the establishment of an institution and in this case, it involves the recognition of various job descriptions to assign to different employees over ranging working periods. Exterior Security from the Office The medical institution is to be named St. Mary’s Hospital and will have 126 employees that will majorly work with the Information Technology perspective. One of the key aspects to ensure is the physical security of the premises. Fifteen employees will be directed towards this feature. The training of these employees will ensure increased safety of the other employees and the information in the medical office. The responsibility of these employees comprises the watching over of the exterior part of the facility. The employees are supposed to observe who goes through the gate and ensure that they run their identification cards through the laser machine present at the gate. The running of the identification card will ensure that their information gets fed into the system and thus accounting for their presence. Shifts are required in this sector and the job will be run by 10 employees during the day and vigilance taken over by the other 5 during the night. The importance of the shifts is to ensure that the workers get enough rest to keep watch at all times. Exterior Security at the Gates For the optimal results of this strategy, the Information Technology officers in the medical facility should communicate with the officers guarding the gates physically. The cooperation involves the security officers in the medical office informing the gate guards that they have recorded information about the visitors in their database and thus they have the freedom to access the facility. With this collaboration, there is the assurance of maximum security concerning the physical accessibility to the facility. Two physical security guards are required during the day that will bear professional IT gadgets to scan the cars and people that enter the facility. At night, the shift is taken over by two other employees. Reception Upon entrance into the facility, the visitors head straight to the reception area. This area involves around ten employees running the systems. At this point, the visitors offer their information such as the department that they are interested in visiting and feed the receptionists information on the purpose of their visit. After this, the receptionist responsible for the visitor feeds information into the database and includes data about the purpose of the visit. This information having location in the database system increases the security of the organization, fast service and optimal pleasure for the visitors. Internal Security Another responsibility taken is the assurance of security for the office internally. Despite the fact that the organization is small, security in terms of cameras is very important. There should be the employment of these cameras to ensure that activities run effectively without any form of hitches. Corruption is one of the components of many of the offices in the 21st century, due to this; the manager should allocate around 2 employees the responsibility of watching over the running of the organization through the cameras. Moreover, the camera reception should not only run by the security office but also a live feed should run to the manager’s office. It is also important to note that the manager should have at least two personal assistances that will assist in the coordination of phone calls and data running to the manager’s office. The two receptionists will alternate day and night shifts. I.T Hardware Security For the assurance of a well running office, it is important to have a standby Information Technology expert. This expert should not only have the role of maintenance of the Information Technology systems but also supposed to run various other activities in the activity. The maintenance should only apply as an added advantage to the expert through which he has the ability to have added income. The maintenance responsibility of this worker involves the regular checks of the running of the systems to avoid any incompetence (Bilham 148). I.T Software Security Around five other information technology experts in terms of software systems are required for the office to run effectively. These experts are important for the recovery of information whenever software hiccups happen in the running of the organization. As opposed to the other physical assistance who corrects all the problems involving the hardware aspects of the Information Technology system, these software experts are full time employed. This is because despite the fact that the office will employ certified workers, some of the systems are too complicated to deal without assistance of these experts. Secretarial Responsibility Another job description important in the medical office is that of a secretary. The office requires around 40 secretaries for the achievement of the full service. These secretaries require certificates showing their expertise and approval from major institutions. These secretaries will be working on different scales and at different times. The secretaries have very many activities to carryout and thus cannot work on a 24hr timeline. This is the point where the necessity of having more shifts comes in handy. The 40 employees are divided in a manner that 25 of them will be working during the day while15 of them will be working at night. This will not be a consistent mode of working as they cycle will be changing after every one month. After a visitor is allowed inside the office, the next step involves the receptionist reaching out to the secretaries and asking for the focus on the particular case at hand. The secretaries should run through the information in an effort to assist the client in a rather fast manner. The information should be treated with the highest amount of security possible as the Information Technology aspect of an institution is the most accessible in terms of bleaching and hacking. The night shifts require covering in all aspects from the fact that the health of people is unpredictable and some may get emergencies even late in the night. On top of the certificates and the credentials that the secretaries bear, there should be further training on the security of the Information Technology aspects and the creation of firewalls to prevent any outside hackers that may have ill motives. The security of the patient documents is rather optimal also from the fact that loss of them could lead to a compromise in the health and private life of the client. Emerging Trend in I.T in Relation to a Medical Office Due to emerging trends in the field of medicine, some of the officers required in the office are homeopathic officers. These will comprise around 50 of them in an effort to assist the patients. The training process of these officers will include a three-week daily routine through which they familiarized with the various Information Technology machines associated with the field. Homeopathy is one basic concept that both small and large medical offices should facilitate as an exploration field from the simplicity yet importance that it bears in society. The evidence of this is from a medical article on homeopathy published on 15 March 2011 by Jeff Gordinier. The article talks about the job description of an average person by the name Alex Ott. In the article, Ott states that his work involves the mixing of cocktails and other related chemicals in an effort to produce beverages that please people. In the carrying out of his activities, accidents may happen and he may accidentally bruise himself. He states that when such an occurrence takes place, he relies on simple homeopathy for a resolution and when the case is more serious, a health facility is always convenient. This shows the efficiency and simplicity of which homeopathy is and can be employed in any size of a medical office provided the credentials are right. For these officers, it is important to have a working plan in which they will have the ability to rest. Homeopathic officers require full concentration and a fresh mind to work effectively. It is from this fact that they will be divided into groups of 12 to13 in which they will run for a full 6 hours upon which there will be a change in shifts. The working of the IT machines that these officers operate with is another factor that leads to the change of shifts. The officers should not operate the machines through which they run tests for the drugs with a tired mind as this may lead to further compromise in the security of the institution through data loss and unaccounted for errors. Training Plan/HIPPA Training Plan Employee Training Period No. of Employees Medical Billing Procedures Training Medical Nurses The training period for professional medical nurses should take around 36 months. 40 employees All payments to be done on the nurses should be carried out by the manager of the small office. The training process involves the feeding of database information to acquire news regarding the patient. Doctors The training period for the doctors should take 42 months 50 employees The insurance company responsible for the facility mostly carries out payments that should be done on the doctors. The training involves attendance of a medical school for professional and yet technical knowhow for the signing out of patients after check up. Exterior Security officers from the Office Exterior security officers from the office should take 12 months to train 15 employees Funds got from the insurance company ought go to the manager who should distribute to the Exterior Security officers at the office Training involves the clearing of visitors’ names from the office before entrance. Exterior Security officers from the Gates Exterior security officers from the gates should take 6 months to train 4 employees Funds got from the insurance company ought to go to the manager who should distribute to the Exterior Security officers at the gates. The training involves physical check up at the gates before entrance and exit. Receptionists The receptionists should take around 6 months in training. 10 employees Receptionists should receive their funds electronically at their workstations at each salary period. They are responsible for clearing admittance forms for the patients to see the doctors and acknowledge their exit and hence that is the training base area. Internal Security Officers These officers should take around 3 to 5 months to train 2 employees The current procedural database should be responsible for all payments to the internal security officers Training involves the clearing and allowance of various personnel into designated rooms for security purposes. I.T Hardware experts The I.T expert should take 12 months in training 1 employee The electronic Data Interchange should make the payments for the hardware expert Training involves the check up of the general systems for manual exterior repair for increased safety in the facility. I.T Software Experts The I.T software expert should take 18 months in training 5 employees The electronic Data Interchange should make the payments for the software experts Training involves the study of various software security systems such as creation of firewalls for authorized signing in only. HIPPA For the readiness assessment of the small office using HIPPA in relation to IT security, the small office will work with full cooperation with the patients and the information stored in the data base system must have total release certification by the client. The information systems through the software experts will be secure from all sorts of hacking and the business entity must have a license of operation (Miller 3). Focusing on gap analysis, this will involve continuous review on the policies and operational guidelines in the I.T sector in an effort to find improvement in the requiring security areas. After this, the manager who forwards it to the responsible authorities runs all information (Miller 4). Risk analysis involves the small medical office having the ability to review the operational systems ability for the organization in a bid to understand the risk factors that the running of the Information Technology systems faces in a bid to avoid all types. After this, the implementation Plan comes in as the next step that involves cooperation with an outsourced HIPAA organization for assistance in the creation of an implementation plan that covers all Information Technology using departments in the small medical office for improved tips on how to increase security of the systems (Miller 5). After the implementation plan, the following step is the visiting of the office by a professional HIPAA I.T consultant to assist in carrying out the implementation plan physically by installing all required up to date I.T systems that are free of corruption and hacking accessibility. The final stage is the monitoring of regulation changes that will involve the observation of the running process of the Information Technology systems after the implementation of the various changes in the medical office to ensure that they are in proper working conditions (Miller 6). In the hospital, one of the issues that affect the entire facility is coordination of the employees to a maximum. Due to the high number of employees, it is rather difficult to locate the various members of staff in time for the various medical activities they are bound to carry out. The directors of a particular faculty find it rather stressful organizing the staff in an effort to accomplish the various set goals of the institution. An example is in the case of preoperative services (Kristen 145). This faculty has had various issues in terms of the coordination of activities. However, in this situation, the issue is rather the fact that the director was always in time prior to the operation under review and this made the staff in the particular faculty displeased. This led to the development of cold feelings towards the director a factor that saw the early retirement of the director. As of this moment, the faculty is advertising for the post of director of the various services. One of the challenges that the institution has as an entity is competition. Despite the fact that competition is an encouraged concept in any form of organization, there is a point at which competition ceases to deal with the offering of quality patient services and related virtues. Rather than this, it escalates to a point where the goals involved are just to gain prestige and reputation and seek the attainment of a price in the lifeline awards (Miller, 2011). Several organizational departments in the institution have developed that attitude towards work and the upper management of the hospital has installed some strict measures to deal with these perpetrators. The fact that the upper management has brought in a resolution to the problem is one subsequent problem in real essence. This is from the fact that the hospital employees always look up to the upper management with fear of scrutiny. This fear of scrutiny is one that leads to the employees failing to report various issues in the institution that can well get a resolution from the upper management. This kind of relationship is experienced between the departments of Gastroenterology and the upper management as a whole. Another challenge experienced is the acquisition of capable well-trained employees to deal with in the sector of rehabilitation. Many of the patients in this faculty have various reactions to medication. Some may react in an irrational manner spurring a fight in the faculty while others may just lead on baseless arguments. The human resource in this sector is supposed to be capable enough of fighting with this menace but many are times that the achievement of this is sidelined. This is the point at which the other faculty staff tend to scrutinize the work done by this department and assess it as poor and that they play a role in reducing the rate of development in the hospital. This problem has led to a feud in the various departments at Saint Mary’s Hospital and Health Centre. The Information Technology sector has also received a lot of pressure from the upper management of the institution. The scrutiny is in terms of the quality of facilities that it has given considering that the hospital is located in one of the biggest cities in the United States. Sometime back the running of electrical machinery in the institution was rather slow and this led to the suspension of a number of employees in the field. Despite the fact that the issue between the upper management is yet to be resolved to full completion, the fact that strictness is characteristic of the upper management has assisted in curbing this (Sullivan 201). There are various laws and regulations that healthcare institutions operate under. The Health Insurance Portability and Accountability Act is one act that has a very important role in the regulation of these operations (Sullivan 91). The privacy rule is one rule that facilities are supposed to work under. The privacy of the organizations is in the manner that the information provided by patients is supposed to be held with close and personal attention to the specific doctor treating the patient in serious cases. This issue of privacy has implicated a lot in the human resource management of Saint Mary’s Hospital and Health Centre. This privacy rule has both the positive and negative implications to the human resource. This is in the manner through which the provision of various symptoms by patients encourages the doctor to carry out research in the specific field with people in the faculty. The law does not allow the passage of information to unrelated faculties despite the fact that the information may be of effectiveness later on. This is from the fact that this would seem as a breach of the contract between the patient and the doctor. This is one law that has been of great implication in Saint Mary’s Hospital and Health Centre as is the case between related departments such as Internal Medicine and Colon/Rectal surgery (Volzer 68). The security rule is one rule that has greatly implicated the security department in the hospital. The security rule is split into three major divisions. These three divisions comprise administrative safeguards. These safeguards are the ones that show the manner through which the hospital is ready or rather equipped to deal with issues regarding policy breaching. Saint Mary’s hospital holds this as the major security division as it assists in the administration of security over the rest two divisions too. The security procedures identified in the divisions go as far up in the administration as that they affect the security administration of the board of trustees running the hospital. The other rules and regulations involving security are in terms of physical safeguards. Security guards are employed to ensure that these safeguards are in place (Volzer 53). These guards are instrumental in securing the organization against the intrusion of unwanted people. These guards are a very important aspect of human resource as they assist in the resolution of several other problems such as erratic patients and family members in the hospital. The Saint Mary’s Hospital and Health Centre observes this law by ensuring the posting of various security guards in different areas in the organization. There are also the technological safeguards that involve Information Technology experts to handle the protection of the various patient and human resource files carefully (Sandler 59). One of the greatest factors that affect the relationship among employees is the age difference. Many employees of the contemporary world graduate and go straight into institutions such as Saint Mary’s (Peterson 79). One of the major problems in the institution is that there is the reluctance of the older generation doctors to retire and hence face a rather tough time getting along with the new employees. This may be due to the different education backgrounds experienced by the practitioners (Adams 44). Another factor leads to rocky relationships between employees is the level of education. Some practitioners get into Saint Mary’s with high qualifications while there are those attain even higher grades and enter the same institution. This often leads to a high attitude of discrimination from the brighter students towards the less bright ones. The less bright ones feel threatened also by the others and hence the atmosphere in the human relations tends to be that of tension. The third factor that leads to this misunderstanding between employees is the fact that some patients tend to prefer several doctors due to their general nature as compared to others. This in turn generates a sense of jealousy that is very poor in a health institution (Miller 11). There are various rationales used in the allocation of various job descriptions and other activities in the organization. One of the rationales that offer various position descriptions is the review of the medical certificate that the potential employees bear. There are various departments in the hospital and the review of these certificates comes in handy to understand the specific field of medicine to put someone. There is also the recruiting that involves a much larger field such as the security personnel. In this sector, the rationale used is looking at the commendation letters and the behavioral background of the employees. For the selection of the best candidate for a particular job description, the most outstanding in terms of grades among the nominees is handpicked for the job. Conclusion The Information Technology aspect as identified is one major one in terms of security for the institution. Observing the rubrics associated with effective organizational management is vital for the effectiveness of the medical office. The team involved in a day-to-day basis of running the organization is responsible for the security of the organization from the activities that it involves itself. Work cited Miller, Tom. The Health Insurance Portability and Accountability Act: More Than we bargained for, and less. Retrieved on 29th April 29, 2012 from http://www.cato.org/pubs/journal/cj22n1/cj22n1-1.pdf Volzer, Radolf. Understanding Patient Safety Confidentiality. Health Information Privacy. 2012. Retrieved on 18th April 2012 from http://www.hhs.gov/ocr/privacy/psa/understanding/index.html Sullivan, Jared. HIPPA: A Practical Guide to the Privacy of Health Documents. New York: McGraw Hill Publishers, 2010. Print. Adams, Pierce. Medicare and Entrepreneurship. New York: Cengage Learning, 2009. Print. Sandler, Mason. Critical Analysis in Development Planning. Chicago: Chicago University Press, 2010. Print. Peterson, Davis. Business Planning. New York: Palgrave Macmillan, 2012. Print. Kristen, Rose. Contemporary HIPPA. London: Oxford University Press, 2010. Print. Billham, Anderson. Business Management. Chicago: Chicago University Press, 2010. Print. Read More