What options are available for health information system acquisition?

/in /by

Many health care leaders struggle with identifying the advantages and/or disadvantages when adopting a new or improving a current health information system. Many organizations are opting out of acquiring a new health information system due to the high monetary cost. Meanwhile, other health care organizations face resistance from employees and other stakeholders over system implementation . Overall, system acquisition is a challenge for most health care leaders.

Review each of the following articles :

  • Managing the data explosion
  • Catholic health partners to acquire Kaiser Permanente Ohio
  • Mergers and acquisitions may be hazardous to health IT

In your discussion post, refer to these articles as you answer the following questions:

    • What are at least three of the barriers faced by health care leaders in adopting health information systems
    • Can these barriers be prevented?  Explain your answer.
    • What options are available for health information system acquisition?
    • What system of checks and balances could be used to eliminate or reduce resistance?
    • How do culture and/or behavioral factors influence acquisition?

How do rights and responsibilities relate to principles of quality in health care?

/in /by

Please respond to following the question in 100-250 words. Please support ALL posts with outside sources.

 

Advance Directives

When a patient is in a situation where they are not able to make certain health care decisions, advance directives come into play. The best gift you can give your family is to already have these decisions made for them so the fighting is eliminated or at least reduced. I have 2 large families and have been through this more times than I would’ve liked unfortunately. It is one of the most unsettling experiences. I also think we need to change the culture when it comes to these decisions. Every time you get on a plane, you are warned of what to do should it crash. This doesn’t stop anyone from flying.

We need to think about the talk of advance directives the same way. A necessary discussion that hopefully is not needed, but just in case……….They are not foolproof and there will still be conflict and disagreement at times, but it is still better to have something than nothing. The truth is it is impossible to account for every possible situation.

 

Are you aware of the Five Wishes? http://www.agingwithdignity.org/five-wishes.php

 

Death With Dignity/Aid in Dying

We would remiss if we did not discuss the recent case of Brittany Maynard, the 29 year old with terminal glioblastoma (brain cancer) who moved to Oregon before dying to be able to use the law to end her life to benefit her own wishes about choosing to die rather than dying painfully in front of her family. She died earlier this week on her own terms.

 

What are you thoughts about this case? How can we learn from and use this information as health care leaders? What do you think about language choice? People will vote for the option to have “aid in dying” or “death with dignity”, but don’t like “euthanasia”, “suicide” or “mercy killing”. Does language matter? Why or why not? Even the one making the choice may not appreciate the different nuances of language. They may not want to be perceived as having committed suicide.

 

http://www.npr.org/blogs/thetwo-way/2014/11/03/361094919/as-planned-right-to-die-advocate-brittany-maynard-ends-her-life

 

http://www.deathwithdignity.org/advocates/national

 

(Does your state (Mississippi) have a “Death with Dignity” Act?)

 

Hospice as an Ethical issue

Can you explain and support with a reference as to why hospice care is controversial and considered an ethical issue?

 

Patient Rights

 

  1. a) Patient bill of rights

(1) Respect and dignity

(2) Confidentiality

(3) Refuse treatment

(4) Disclosure of financial and other incentives

(5) Information for decision making

(6) Communication

 

  1. b) Informed consent

(1) Scope of consent

(2) Duty to disclose

(3) Special issues – Minors or emergencies

 

  1. c) Emergency care (EMTALA)

(1) EMTALA duty to screen and stabilize

(2) Community call plans (CCP)

(3) Emergency room overcrowding

(4) Disaster and surge planning

We all know patients have rights (many are listed above), but what about the importance of their responsibilities to their health care team? Can you explain one or two? How do rights and responsibilities relate to principles of quality in health care?

 

 

 

What are the ways health care prevention, quality, and reporting have changed under health care reform/Affordable Care Act (ACA)?

Describe potential implications for health care administrators

/in /by

Research the health problem with the following question:

 

How does this health problem exemplify the “ determinants of health” ?

  • Brief description of the disease… What parts of the body or functions are affected by this condition? What are the symptoms or indications for diagnosis?
  • What treatments are deemed most effective for this condition?
  • What is the scope of this health problem nationally? What implications does it have on a societal level?
  • What are some potential implications for health care administrators? For instance, you may wish to consider reimbursement, coordination of health care services, clinical and nonclinical staffing needs, etc.With this in mind, write a 2 to 3-page paper in which you:
    • Summarize the findings of your research, addressing the questions listed above
    • Describe potential implications for health care administrators

    Note: Use at least four resources (including the Learning Resources) for your research. Include in-text citations and a reference list for all the resources you use.

discuss how the compliance law requirements and business drivers for the health care provider’s workstation domain might differ from the DoD’s workstation domain security compliance requirements.

/in /by

 From your computer workstation, create a new text document called Workstation Domain Lab #6.

 

2. Consider the following scenario:

 

You are a security consultant for an information systems security firm and have a new health care

 

provider client under HIPAA compliance. Your new client wants to know the requirements and

 

business drivers for securing the workstation domain in its health care environment. Your new client

 

requires compliance with HIPAA. Similarly, your firm has a U.S. government DoD client that also

 

wants you to perform a workstation domain compliance audit per DoD workstation hardening guidelines

 

and baseline requirements.

 

 

3. In your text document, discuss how the compliance law requirements and business drivers for the health care provider’s workstation domain might differ from the DoD’s workstation domain security compliance requirements.

 

 

4. Launch your Web browser and in the address box, type the Web address http://cve.mitre.org.Browse the

 

site, and then in your text document, identify the risks, threats, and vulnerabilities commonly found in

 

 

 

the workstation domain.

 

 

5. Change your Web address to http://iase.disa.mil/stigs/index.htmlReview the Security Technical

 

 

 

Implementation Guides (STIGs) available and the proper implementation of security based on DoD’s

 

 

workstation/desktop hardening guidelines. In your text document, discuss three STIGs and the DoD’s

 

workstation/desktop hardening guidelines.

 

 

6. Change your Web address to http://iase.disa.mil/stigs/downloads/pdf/unclassified_Desktop

 

ApplicationsGeneral_V4R1_STIG.pdf. You will download the pdf document from the IASE/DISA website.

 

Review the Desktop Applications General Version 4, Release 1 document. In your text document,discuss

 

this document’s significant points. Then, review the following concepts from this overarching DoD

 

standards document for desktop hardening, and in your text document, discuss the significant points

 

of two of these topics:

 

 

 

a. Appropriate backup strategy does not exist

 

b. Public instant message clients are installed

 

c. Peer to Peer clients or utilities are installed

 

d. Execution Restricted File Type Properties

 

e. Open-restricted File Type Properties

 

 

7. Change your Web address to http://iase.disa.mil/stigs/os/index.html#Review the Windows OS security

 

guidelines by clicking the +Windows tab toward the top of the page, clicking on Windows 7 and

 

Windows 2008, and then clicking on the Guidance Documents tabs. Determine which technical

 

controls are appropriate for Windows 7 and Windows 2008. Note these in your text document.

 

8. On the left side of the website, click the STIGs Master List (A to Z) linkScroll down the list tolocate and

 

then download the following Windows OS security guideline documents/zip files:

 

a. Windows 7 STIG (you will see several Windows 7 STIG options; click the one with only a Version

 

 

 

number and a Release number after STIG)

 

 

b. Windows 2008 STIG (you will see a couple of Windows 2008 STIG options; click the one with only

 

a Version number and a Release number after STIG)

 

 

Once you’ve downloaded the Windows 7 STIG ZIP file to your desktop, double-click the ZIP file to extract

 

the Windows 7 STIG folder. Double-click the folder to open it, double-click the Windows 7 Manual

 

STIG ZIP file to extract the Windows 7 Manual STIG folder, double-click the folder to open it, and then

 

double-click the Windows 7 STIG Manual XML file to open it. Review some of the following concepts.

 

In your text document, list each of these and discuss a significant point about each:

 

 

 

a. Display Shutdown Button

 

b. Clear System Pagefile

 

c. Removable media devices

 

 

Hands-On Steps 45

 

 

 

 

6

 

 

d. Halt on Audit Failure

 

e. Security Configuration Tools

Next you will work with the Windows 2008 STIG ZIP file on your desktop. Double-click the ZIP file to

 

extract the Windows 2008 STIG folder. Double-click the folder to open it, double-click the Windows

 

2008 DC Manual STIG ZIP file to extract the Windows 2008 DC Manual STIG folder, double-click the

 

folder to open it, and then double-click the Windows 2008 DC STIG Manual XML file to open it. Review

 

 

 

some of the following concepts and vulnerabilities for configuring and hardening Windows 2008

 

 

Domain Controllers. In your text document, list each of these and discuss a significant point about

 

 

 

each:

 

a. System Recovery Backups

 

b. Caching of Logon Credentials

 

c. Dormant Accounts

 

d. Recycle Bin Configuration

 

e. Password Uniqueness

 

f. Printer Share Permissions

 

 

9. Change your Web address back to http://cve.mitre.org/Review the National Cyber Security Division

 

 

 

of the U.S. Homeland Security Department’s CVE listing hosted by the Mitre Corporation. To access

 

 

the CVE listing, click CVE List in the left-hand column to reach the CVE List Main Page. In your text

 

document, discuss how workstation domain OS and application software vulnerabilities are housed

 

in the CVE listing. Next, click the National Vulnerability Database link on the CVE homepage or CVE List

 

Main Page. In your text document, discuss how vulnerabilities are housed in the National Vulnerability

 

Database. Discuss how this is both a security control tool and an attack tool used by hackers.

 

10. Write an executive summary to summarize the top workstation domain risks, threats, and vulnerabilities and include a description of the risk mitigation tactics you would perform to audit the

 

workstation domain for compliance. Use the U.S. DoD workstation hardening guidelines as your

 

example for a baseline definition for compliance.

 

 

11. Submit the text document to your instructor as a deliverable for this lab.

 

46 Lab #6 | Auditing the Workstation Domain for Compliance