For the Course Project students will play the role of a privacy officer. You are asked to develop the content of an organization’s security and privacy training and awareness program.
You have been asked by management to develop the content of an organization’s security and privacy training and awareness program. You will select privacy and security topics that need to be communicated to all workforce members, and you will develop a plan. In addition, you will create a presentation to introduce your proposal.
Hospital Background
Medical Center of DeVry is a leading healthcare organization specializing in pediatric healthcare and has an expanded network of physicians and pediatric specialists. It is the beginning of the fiscal budgetary year, and all assessments, improvement projects, and proposals are due within the next 30 days. As privacy officer, you will have to create a privacy and security plan. This process will consist of three components: an assessment of the organization, a training and awareness program, and a communication plan.
The purpose of the assessment is to review the current condition and the effectiveness of your privacy and security program in order to move forward with HIPAA’s privacy and security requirements.
Once the assessment is complete, you will use the results to make a decision about improvement tools, and you will create a training and awareness plan. The purpose of the training and awareness plan is to bring awareness to the organization for a collaborative effort in improving the privacy and security of the facility. The plan will, preferably, focus on areas that need special attention, such as issues related to HIPAA compliance, including physical safeguards.
ASSignment
You completed your assessment and found that several policies are out of date or are missing critical elements. You submitted a plan to management, and management has approved your proposed actions to implement two new policies, create two reporting tools to ensure easy compliance with the new policies, and to train employees on the new policies and tools. Following the directions below, create the new policies, reporting tools, and inform staff of training.
Once you have completed these three elements, compile all the information into a 15-minute presentation that you will give to management discussing your overall findings, policies, tools, and the training conducted.
Once both the assessment and the training and awareness plan are complete, you will then need to develop communication tools to convey to the rest of the organization.You now have to prepare a presentation of your findings and overall evaluation of the privacy and security program for the executive leaders. The presentation should be 15 minutes in length, with approximately 15–20 slides.
Your presentation should include privacy and security plan details such as
- the purpose of plan;
- what your assessment revealed, that is, problems identified;
- the policies created;
- the reporting tools developed; and
- the communication tools.