Category: Health & Medical

I help with homework, school assignments, typing work, and basic study support

I help with homework, school assignments, typing work, and basic study support.

One of the many responsibilities of a health care informatics professional is assessing the effectiveness of security programs and adapting strategies to address operational threats and evolving threats.

Scenario:

It has been a full year since Meridian Health Network (MHN) migrated its EHR system and patient data infrastructure to a cloud-based environment. Initial implementation included:

• Encryption-at-rest and in-transit
• Multi-Factor Authentication (MFA)
• Centralized logging and access controls
• Staff security awareness training
• Formation of an incident response team

However, over the past 12 months, MHN has experienced:

• A phishing attack compromised a nurses email, exposing appointment data
• Inconsistent patch management due to remote work and mobile device use
• Audit logs not consistently reviewed
• A third-party billing vendor breach, raising questions about business associate agreements (BAAs)

The CIO and CISO now want to assess the effectiveness of MHNs security program and adapt strategies to address evolving threats and operational gaps. You have been contracted as an external cybersecurity and risk advisor hired to perform a post-implementation evaluation and recommend adaptive strategies to MHNs C-suite.

Part 1: Security Program Evaluation

Review and assess the current security controls to determine:

• What is working well?
• What vulnerabilities or lapses have emerged?
• Were risks sufficiently mitigated with the original plan?

Do the following when completing the evaluation:

• Apply a security model such as NIST, CSF Tiers, or CIS Controls maturity levels, to evaluate MHNs current state.
• Utilize the available Security Program Evaluation Data to evaluate staff awareness and participation in upholding security practices/protocols.

Part 2: New Threats and Risk Reassessment

Based on the Part 1 analysis, identify at least three emerging risks introduced by

• Remote work and mobile device access
• Inadequate vendor risk management
• Incomplete logging or delayed audit reviews

Create a revised threat model based on these risks. Develop an updated risk register that provides the following:

• Likelihood of recurrence
• Potential business and clinical impact
• Gaps in incident response planning and/or training

Part 3: Updated Security Recommendations

Based on the evaluation, identify the updated security recommendations you have for the C-suite in a 1,000-1,250 word evaluation report. Recommendations should include the following:

• Summary of the security program evaluation completed in Part 1.
• Explanation of the new threats and risk reassessment completed in Part 2.
• Three proposed updated or new security controls/enhancements, such as Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), revised BAA policies, and third-party risk assessments.
• An implementation roadmap for the proposed security controls/enhancements.
• Discussion of budget and resource considerations related to implementing the proposed security controls/enhancements.
• Explanation of user training and change management strategies needed to implement the proposed security controls/enhancements.
• Citation of 3-5 current professional and/or academic resources that support the proposed security controls/enhancements and their implementation.

Part 4: Communication to C-Suite

Develop an 8-10 slide executive-level digital presentation that can be used to brief the C-suite about the security program evaluation findings. The presentation should include the following:

• Key lessons learned since the cloud transition.
• The three most pressing security gaps and the business implications of each.
• Cost-effective, actionable recommendations for addressing each security gap.
• Metrics and dashboards that would be applied for ongoing evaluation to ensure proposed security controls/enhancements are working/effective.
• Include a title slide, reference slide, and speaker notes for each slide.

Include speaker notes for each content-related slide that represent what would be said if giving the presentation in person. These notes should expand upon the information included on the slide and should include a minimum of 50-100 words per slide.

Part 5: Personal Reflection

Reflect on your experiences in performing the post-implementation evaluation and recommending adaptive strategies to MHNs C-suite, and address the following in 200-250 words:

• Explain how leadership should balance risk tolerance with innovation.
• Describe how an organization can maintain security awareness beyond initial training.
• Discuss the ethical and legal obligations when a third-party causes a security breach.

Note: Please add the Personal Reflection to the end of the Part 3 Evaluation Report to minimize the number of documents you must submit.

Support the assignment by citing a minimum of three scholarly resources.

Submit the risk register from Part 2, the evaluation report from Part 3, the digital presentation from Part 4, and the personal reflection from Part 5.

Solid academic writing is expected, and in-text citations and references should be presented using documentation guidelines, which can be found in the APA Style Guide, located in the Student Success Center.

One of the many responsibilities of a health care informatics professional is assessing the effectiveness of security programs and adapting strategies to address operational threats and evolving threats.

Scenario:

It has been a full year since Meridian Health Network (MHN) migrated its EHR system and patient data infrastructure to a cloud-based environment. Initial implementation included:

• Encryption-at-rest and in-transit
• Multi-Factor Authentication (MFA)
• Centralized logging and access controls
• Staff security awareness training
• Formation of an incident response team

However, over the past 12 months, MHN has experienced:

• A phishing attack compromised a nurses email, exposing appointment data
• Inconsistent patch management due to remote work and mobile device use
• Audit logs not consistently reviewed
• A third-party billing vendor breach, raising questions about business associate agreements (BAAs)

The CIO and CISO now want to assess the effectiveness of MHNs security program and adapt strategies to address evolving threats and operational gaps. You have been contracted as an external cybersecurity and risk advisor hired to perform a post-implementation evaluation and recommend adaptive strategies to MHNs C-suite.

Part 1: Security Program Evaluation

Review and assess the current security controls to determine:

• What is working well?
• What vulnerabilities or lapses have emerged?
• Were risks sufficiently mitigated with the original plan?

Do the following when completing the evaluation:

• Apply a security model such as NIST, CSF Tiers, or CIS Controls maturity levels, to evaluate MHNs current state.
• Utilize the available Security Program Evaluation Data to evaluate staff awareness and participation in upholding security practices/protocols.

Part 2: New Threats and Risk Reassessment

Based on the Part 1 analysis, identify at least three emerging risks introduced by

• Remote work and mobile device access
• Inadequate vendor risk management
• Incomplete logging or delayed audit reviews

Create a revised threat model based on these risks. Develop an updated risk register that provides the following:

• Likelihood of recurrence
• Potential business and clinical impact
• Gaps in incident response planning and/or training

Part 3: Updated Security Recommendations

Based on the evaluation, identify the updated security recommendations you have for the C-suite in a 1,000-1,250 word evaluation report. Recommendations should include the following:

• Summary of the security program evaluation completed in Part 1.
• Explanation of the new threats and risk reassessment completed in Part 2.
• Three proposed updated or new security controls/enhancements, such as Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), revised BAA policies, and third-party risk assessments.
• An implementation roadmap for the proposed security controls/enhancements.
• Discussion of budget and resource considerations related to implementing the proposed security controls/enhancements.
• Explanation of user training and change management strategies needed to implement the proposed security controls/enhancements.
• Citation of 3-5 current professional and/or academic resources that support the proposed security controls/enhancements and their implementation.

Part 4: Communication to C-Suite

Develop an 8-10 slide executive-level digital presentation that can be used to brief the C-suite about the security program evaluation findings. The presentation should include the following:

• Key lessons learned since the cloud transition.
• The three most pressing security gaps and the business implications of each.
• Cost-effective, actionable recommendations for addressing each security gap.
• Metrics and dashboards that would be applied for ongoing evaluation to ensure proposed security controls/enhancements are working/effective.
• Include a title slide, reference slide, and speaker notes for each slide.

Include speaker notes for each content-related slide that represent what would be said if giving the presentation in person. These notes should expand upon the information included on the slide and should include a minimum of 50-100 words per slide.

Part 5: Personal Reflection

Reflect on your experiences in performing the post-implementation evaluation and recommending adaptive strategies to MHNs C-suite, and address the following in 200-250 words:

• Explain how leadership should balance risk tolerance with innovation.
• Describe how an organization can maintain security awareness beyond initial training.
• Discuss the ethical and legal obligations when a third-party causes a security breach.

Note: Please add the Personal Reflection to the end of the Part 3 Evaluation Report to minimize the number of documents you must submit.

Support the assignment by citing a minimum of three scholarly resources.

Submit the risk register from Part 2, the evaluation report from Part 3, the digital presentation from Part 4, and the personal reflection from Part 5.

Solid academic writing is expected, and in-text citations and references should be presented using documentation guidelines, which can be found in the APA Style Guide, located in the Student Success Center.

Before you get started, please watch the following video:

If one person has the flu and infects others, that is a communicable disease. If a person develops diabetes because of genetics and lifestyle, that is a non-communicable disease

Writing Assignment 1.2.1 Try, Try, Try Again

Think about the last time you eventually learned something you have failed to do on previous tries and:

• Describe the behavior and how it felt to fail
• Tell why it felt that way
• Tell how it felt when you got it right
• Tell what you did differently to get it right
• Tell how you decided to change your behavior to get a successful solution

there are a total of 10 writing assignments but I would go ahead and start with one and the deadline is dedicated towards that. The other 9 I will extend due date until the 8pm tomorrow.

Assessment 2 Community ResourcesFor this assessment, you will research a selected local, national, or global nonprofit organizationor government agency to determine how it contributes to public health and safetyimprovements, promotes equal opportunity, and improves the quality of life within thecommunity and submit your findings in a 35 page report.Before you complete the detailed instructions in the courseroom, first review the local, national,and global nonprofit organizations and government agencies in the list below and select one tobe the focus of your assessment. The Arc: Advocates for the rights and full participation of all children and adults withintellectual and developmental disabilities. Alliance for Retired Americans: Advocates for the rights and well-being of retirees inthe U.S. Futures Without Violence: Works to prevent and end domestic and sexual violencethrough policy development, educational programs, and public action campaigns. The Sandy Hook Promise: Founded by families affected by the Sandy HookElementary School shooting, Sandy Hook Promise aims to prevent gun violencethrough education, advocacy, and community-based programs. Covenant House: Provides housing and supportive services to youth facinghomelessness.

One of the many responsibilities of a health care informatics professional is assessing the effectiveness of security programs and adapting strategies to address operational threats and evolving threats.

Scenario:

It has been a full year since Meridian Health Network (MHN) migrated its EHR system and patient data infrastructure to a cloud-based environment. Initial implementation included:

• Encryption-at-rest and in-transit
• Multi-Factor Authentication (MFA)
• Centralized logging and access controls
• Staff security awareness training
• Formation of an incident response team

However, over the past 12 months, MHN has experienced:

• A phishing attack compromised a nurses email, exposing appointment data
• Inconsistent patch management due to remote work and mobile device use
• Audit logs not consistently reviewed
• A third-party billing vendor breach, raising questions about business associate agreements (BAAs)

The CIO and CISO now want to assess the effectiveness of MHNs security program and adapt strategies to address evolving threats and operational gaps. You have been contracted as an external cybersecurity and risk advisor hired to perform a post-implementation evaluation and recommend adaptive strategies to MHNs C-suite.

Part 1: Security Program Evaluation

Review and assess the current security controls to determine:

• What is working well?
• What vulnerabilities or lapses have emerged?
• Were risks sufficiently mitigated with the original plan?

Do the following when completing the evaluation:

• Apply a security model such as NIST, CSF Tiers, or CIS Controls maturity levels, to evaluate MHNs current state.
• Utilize the available Security Program Evaluation Data to evaluate staff awareness and participation in upholding security practices/protocols.

Part 2: New Threats and Risk Reassessment

Based on the Part 1 analysis, identify at least three emerging risks introduced by

• Remote work and mobile device access
• Inadequate vendor risk management
• Incomplete logging or delayed audit reviews

Create a revised threat model based on these risks. Develop an updated risk register that provides the following:

• Likelihood of recurrence
• Potential business and clinical impact
• Gaps in incident response planning and/or training

Part 3: Updated Security Recommendations

Based on the evaluation, identify the updated security recommendations you have for the C-suite in a 1,000-1,250 word evaluation report. Recommendations should include the following:

• Summary of the security program evaluation completed in Part 1.
• Explanation of the new threats and risk reassessment completed in Part 2.
• Three proposed updated or new security controls/enhancements, such as Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), revised BAA policies, and third-party risk assessments.
• An implementation roadmap for the proposed security controls/enhancements.
• Discussion of budget and resource considerations related to implementing the proposed security controls/enhancements.
• Explanation of user training and change management strategies needed to implement the proposed security controls/enhancements.
• Citation of 3-5 current professional and/or academic resources that support the proposed security controls/enhancements and their implementation.

Part 4: Communication to C-Suite

Develop an 8-10 slide executive-level digital presentation that can be used to brief the C-suite about the security program evaluation findings. The presentation should include the following:

• Key lessons learned since the cloud transition.
• The three most pressing security gaps and the business implications of each.
• Cost-effective, actionable recommendations for addressing each security gap.
• Metrics and dashboards that would be applied for ongoing evaluation to ensure proposed security controls/enhancements are working/effective.
• Include a title slide, reference slide, and speaker notes for each slide.

Include speaker notes for each content-related slide that represent what would be said if giving the presentation in person. These notes should expand upon the information included on the slide and should include a minimum of 50-100 words per slide.

Part 5: Personal Reflection

Reflect on your experiences in performing the post-implementation evaluation and recommending adaptive strategies to MHNs C-suite, and address the following in 200-250 words:

• Explain how leadership should balance risk tolerance with innovation.
• Describe how an organization can maintain security awareness beyond initial training.
• Discuss the ethical and legal obligations when a third-party causes a security breach.

Note: Please add the Personal Reflection to the end of the Part 3 Evaluation Report to minimize the number of documents you must submit.

Support the assignment by citing a minimum of three scholarly resources.

Submit the risk register from Part 2, the evaluation report from Part 3, the digital presentation from Part 4, and the personal reflection from Part 5.

Solid academic writing is expected, and in-text citations and references should be presented using documentation guidelines, which can be found in the APA Style Guide, located in the Student Success Center.