Mac Neal Hospital Information Security Policy - Essay Example

In the contingency plan, Mac Neal Hospital should address how they plan to expand its medical service and cater to the increasing population. How they plan to store and protect the information gotten from patients. Since disasters occur all the time, the hospital should also put in place security measures to ensure that health records are not destroyed in the processes. The hospital is located near a missile silo and an Air Force base. Hence, the risk of a possible terrorist targeting the hospital is high. The plan should address the data recovery method they plan to employ in case of a disaster. The plan should also address how they plan to access and keep up to date the information that they would be receiving from patients.

A risk assessment plan is an essential element to Mac Neal Hospital. Not only does the document address the possibility of foreseen risks but it also gives solutions. In regard to the technology upgrades, the hospital plans to engage the federal funding. Mac Neal's hospital is certain it will receive the funding as the funding aims at the improvement of health information systems in rural areas. The hospital also has the aim of linking its systems to an academic health care organization. This is important as the academic health care organization has bigger and better systems that are essential for backup services.

The Health Insurance Portability and Accountability Act (HIPAA) security rule advocates safeguard patients' information (Sullivan, 2004). The act covers three major safeguards, Administrative, Physical and technical. Administrative safeguards will deal with administrative actions such as selection, implementation, maintainability, and development of security measures. Physical safeguards will on the other hand deal with physical policies, measures, and procedures related to the protection of equipment from environmental hazards. Technical safeguards are policies that protect access to electronic health information (Sullivan, 2004).

Mac Neal Hospital is in the process of doing away with the old gadgets they have been using and install new technology. This is, in turn, will improve on efficiency as physicians will be able to acquire information on their patients anywhere. Though this is an achievement, it is also a risk of a security breach. There have been incidents of a security breach by ex-employee from other hospitals and Mac Neal is not taking any chances. So as to be compliant with the HIPAA security rule, the hospital's CIO is planning on developing strategies on methods of data retention, data destruction, and data availability.

Having a data repository will come as a great advantage to Mac Neal Hospital.  A data repository will enable massive storage of patients’ information which is important to any hospital. Information on patients will be keyed into the database and backed up. Storage of information is essential as it facilitates retrieval of the contents later. Mac Neal Hospital is also aiming to improve efficiency in service delivery. Having a data repository will enable physicians’ access to a patient’s medical records at any time and place. This, in turn, will save time, hence efficiency. Another advantage of having a data repository is that medical records can be updated when need be. This, in turn, ensures that the information stored is correct and up-to-date.