www.hhs.gov/ocr/privacy, for more information about HIPAA requirements. In March 2012, the HHS settled a HIPAA case with the Blue Cross Blue Shield of Tennessee (BCBST) for $1.5 million. Read more about this case at
www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/bcbstagrmnt.html. As an IT security manager at a regional health services organization, your CIO has asked for the following: an analysis of this incident, an overview of the HIPAA security requirements necessary to prevent this type of an incident, and a briefing for management on the minimum security requirements to be HIPAA complaint.
Section1: Written Paper
1.Write a four page paper in which you:
a.Describe the security issues of BCBST in regard to confidentiality, integrity, availability, and privacy based on the information provided in the BCBST case.
b.Describe the HIPPA security requirement that could have prevented each security issue identified if it had been enforced.
c.Analyze the corrective actions taken by BCBST that were efficient and those that were not adequate.
d.Analyze the security issues and the HIPAA security requirements and describe the safeguards that the organization needs to implement in order to mitigate the security risks. Ensure that you describe the safeguards in terms of administrative, technical, and physical safeguards.
e.Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; references must follow APA format.