StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Information Sensitivity and Protection of Data - Essay Example

Cite this document
Summary
Information that causes penalty, losses, personal invasion, or indiscreetness once handled inappropriately requires assignment of high sensitivity level of access and protection concerning who has access to it. Major organizations apply almost similar protection and handling…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER97.3% of users find it useful
Information Sensitivity and Protection of Data
Read Text Preview

Extract of sample "Information Sensitivity and Protection of Data"

Information Sensitivity and Protection of Data Introduction Information that causes penalty, losses, personal invasion, or indiscreetness once handled inappropriately requires assignment of high sensitivity level of access and protection concerning who has access to it. Major organizations apply almost similar protection and handling policies and in this case, we are going to be analyzing the strategies set by three leading healthcare organizations: Beth Israel Deaconess Medical Centre, Mayo foundation and Georgetown University by comparing their rules and regulations in data handling.

The outline of policies that Mayo Foundation uses in handling sensitive data, as appears in Managing Information Privacy & Security: Mayo Foundation (2002) is: There is a dedicated group running a program to oversee security policies and standards of Mayo’s general information. There are strict standards of ethical use of information, information resources, and authorization over specific information. Mayo has strong access controls to physical and electronic information and their resources.

These measures protect vital information from unauthorized access, disclosure, or circulation. Mayo protects and controls any information that it transmits outside, mostly electronic, and puts measures to ensure ethical, harmless, and authorized transfer or sharing of its information. There is emphasis on integrity with regard to vital information that prevents it from errors, unauthorized reproduction, alterations, and destruction. Mayo has measures that prevent information loss like back up systems and lost information recovery abilities.

The policies that Georgetown University Medical Centers uses in handling sensitive data, as appears in Managing Information Privacy & Security: Georgetown University Medical Centers (2007) are: There university protects the privacy of all the health information it creates, acquires, or maintains. It protects the rights of patients in accordance to disclosure and use of their medical information. It restricts its personnel from using or disclosing protected health information in inconsistent manners.

Amending of patients’ medical information is allowed, but after requests and considerations are made. It restricts use or disclosure of information to components of the university that are not health care components. Access of information is only to personnel dealing directly with the case. There are policies to limit extensive use of protected information beyond the university. The policies that Beth Israel Deaconess Medical Center uses in handling sensitive data, as appearing in Managing Information Privacy & Security: Beth Israel Deaconess Medical Technology Resources Policy (2007) are against the following: Unauthorized access, monitoring, decoding, and filtering of its data network.

Entering designated data rooms without permission. Interfering with physical or logical components of the data network. Exposing the data network to vulnerabilities such as virus. Alteration of electronic information or data. Disclosure of vital information via electronic means such as email. Common themes observed in the three organizations Access to vital information is a key concern by these organizations. There are policies put in place that emphasize of access of information to authorized personnel only.

In most cases, there are access control measures allowing specific personnel access to them. Hacking or breaking into somewhere are means of accessing information illegally, leading to further means of access control such as power switches and anti-hacking software. Disclosure of crucial information is critical in healthcare. It may have serious consequences on the patient or their relatives (Herdman, 2006). It is therefore wise to keep it as discreet as possible. In large firms with different departments, restricting disclosure to the less involved ones is a possible way of curbing disclosure.

There are also restrictions of unauthorized disclosure of institutional information beyond it, mostly by export through electronic means. The issue of data alteration is a key concerning the three organizations. Altering data interferes with crucial conclusions or actions of healthcare institutions (Iyer, Levin, Shea & Ashton, 2006). Alteration occurs intentionally by malicious staff and is preventable by having monitoring systems such as CCTV cameras in safe rooms. Accidental alterations occur in some cases such as virus attacks on databases, leading to restriction of digital uses that may expose information to such.

Destruction of data is likely to occur in any organization in form of crises such as fire, system failure, or virus attacks. Luckily, these are preventable by having fire-fighting equipment, computer back up systems and proper anti-virus software, or in the case of electronic data loss, data recovery mechanisms are available. It is evident that most of the policies applied in data protection are very similar. The observable differences are only observable in the preference of prevention tactics.

For instance, one organization goes for CCTV monitoring systems to curb the issue of unauthorized entry of staff into restricted areas whereas the other uses automatic card registration doors to lock them. The policies that enforce control and protection of information so that only those who need it for professional use access it are very important. It is evident from the essay that most of the violations to sensitive information occur within an organization. Therefore curbing this problem will go reduce the violations by a significant margin.

In addition to the internal solution, incorporating a system of detecting and warning in case of attacks to an information system is a major element in solving this issue. This is quite important owing to the fact that the world of technology fluctuates fast and being outdated on preventive measures leaves information prone to exposure, damage, and loss. References Herdman, R., Moses, H. L., National Cancer Policy Forum (U.S.), & United States. (2006). Effect of the HIPAA privacy rule on health research: Proceedings of a workshop presented to the National Cancer Policy Forum.

Washington D.C: National Academies Press. Iyer, P. W., Levin, B. J., Shea, M. A., & Ashton, K. (2006). Medical legal aspects of medical records. Tucson, AZ: Lawyers & Judges Pub. Co. Managing Information Privacy & Security: Beth Israel Deaconess Medical Technology Resources Policy (2007). HIMSS. Retrieved on October 17, 2013 from http://www.himss.org/content/files/CPRIToolkit/version6/v6%20pdf/D39a_Beth_Israel_Deaconess_Medical_Center_Technology_Resources_Policies.pdf Managing Information Privacy & Security: Georgetown University Medical Centers (2007). HIMSS. Retrieved on October 17, 2013 from http://www.himss.org/ASP/privacySecurityTree.asp?faid=78&tid=4 and http://www.

georgetown.edu/policy/hipaa/privacy.html Managing Information Privacy & Security: Mayo Foundation (2002). HIMSS. Retrieved on October 17, 2013 from http://www.himss.org/content/files/CPRIToolkit/version6/v6%20pdf/D39e_Mayo_Foundation_Information_Security_Policies.pdf

Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Information Sensitivity and Protection of Data Essay - 5”, n.d.)
Retrieved from https://studentshare.org/information-technology/1623572-information-sensitivity-and-protection-of-data
(Information Sensitivity and Protection of Data Essay - 5)
https://studentshare.org/information-technology/1623572-information-sensitivity-and-protection-of-data.
“Information Sensitivity and Protection of Data Essay - 5”, n.d. https://studentshare.org/information-technology/1623572-information-sensitivity-and-protection-of-data.
  • Cited: 0 times

CHECK THESE SAMPLES OF Information Sensitivity and Protection of Data

Data Governance, Quality, Integration, and Security

The policy change recommendations are aimed at improving quality of data, promoting efficient ways of sharing information, offering protection to sensitive data, managing information in its life cycle and availing trusted data critical to business.... The processes ensure that data is trustworthy and employees can be held accountable for any harmful occurrences that take place due to low quality of data.... The process needs to cover initial input of data, its standardization and refinement along the whole information flow path (Resnik & Yarowsky, 2000)....
4 Pages (1000 words) Essay

Information Sensitivity and Protection of Data (SLP)

Information Sensitivity and Protection of Data (SLP) Effectiveness of Information Security Policies of OSF Healthcare and its developed nature OSF Healthcare is one of the renowned healthcare organizations operating in the US for a considerable time period now.... The ways through which OSF could protect from the loss of its data and steps to make sure that data remains accessible in the event of a catastrophe protection of data Lost Losing any important information or data from the data base and other data storage system might significantly impact the operations of OSF, hindering its strategic goal to suffice the medical needs of the patients within due time and involving minimum costs....
3 Pages (750 words) Essay

Confidential Information: The Employee's Obligation towards the Policy

Confidential information" can be defined as any technical, financial, or business information or materials regarding the business an organization that is disclosed or given by the organization to Confidant, or that is taken from such information or materials.... hellip; Confidential information maybe disclosed in verbally in writing, visually, digitally, electronically, or physical form by the authorization of the organization. The unauthorized disclosure of information will humiliate, hurt or prejudice the organization....
13 Pages (3250 words) Essay

SLP- Information Sensitivity and Protection of Data

Components that constitutes… r the present rating may be based on factors including the fact that the organization has already put in place an in-house learning system whereby all employees and other human resource personnel within the organization are getting themselves acquainted with the new information Information Sensitivity and Protection of Data Development level of organization's information security policies On a scale from to 10, the development stage of the organization's information security policy will be placed at 7 out of 10....
2 Pages (500 words) Essay

Risk Management in Practice (an air-monitoring programme is planned)

Using direct reading instruments is however limited to the fact that only the qualitative data of specific classes of chemicals is detected and measured.... This implies that this approach is not appropriate in providing qualitative data when there are multiple classes of contaminants in the...
4 Pages (1000 words) Essay

Information Sensitivity and Protection of Data (CASE) module 5

However, with the implementation of the HIPAA Act, various problems have been witnessed as Information Sensitivity and Protection of Data: HIPAA Affiliation: Summary According to Jarrell, Welker, Silsbee, and Tucker (2012) in their article entry in the journal of American business review on effects of unintended consequences, the effecting of HIPAA Act to regulate information security has a couple of ripples that were not intended in the initial plan.... iscuss what the authors uncovered about the follow of information between staff before and after HIPAA The authors of the article “Unintended Effects of…” uncovered that the flow of data before the introduction of the HIPAA was reliable as information would travel from different personnel within limited time....
2 Pages (500 words) Essay

Information Governance as a New Area of Investment

However, in the past few decades, formation of data has escalated as much as the issues associated with its regulations and acquiescence, rendering the traditional method of records keeping unable to keep up with the pace.... A company's records can either be in form of a substantial, tangible item or digital data such as application data, e-mail and database.... Consequently, the need for a more inclusive platform for organizing data and records became apparent so as to tackle every stage involved the information lifecycle (Hovenga & Grain, 2013)....
13 Pages (3250 words) Essay

Restricted Earth Fault Protection System

The position is also referred to as unit protection zone.... As per US Standards, Restricted Earth Fault protection corresponds to the Impedance Grounded Fault protection.... Restricted earth fault protection is provided in a transformer for sensing the internal fault of the transformer.... However, the part needs to coordinate with any other protection thus; there need be noIntentional delay for operation.... However, protection is reliable if and only accurate connection of CT selection is properly done....
8 Pages (2000 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us