Best Care Community Profile for Development of the Information Security Program
Best Care Community (BCC) has hired you as a chief information security officer (CISO) to create and implement an information security program. Throughout the years, BCC has conducted its information security in an ad hoc, reactive manner with a few security technicians. With the growth and proliferation of information threats, an aggressive and disciplined security strategy and posture is now required to ensure that BCC can protect its data and assets.
Information Security Tasks for Developing the Information Security Program
As the CISO, you are responsible for completing the following tasks in support of developing the information security program:
· Develop the BCC enterprise strategic plan aligned to established business objectives. The plan will include:
    · Information security mission and objectives
    · Balanced scorecard for each domain
    · Control framework and its major security areas to be assessed (COBIT or ISO 27002)
    · SWOT analysis of the internal and external assessment
    · Operational action plan based on the information security objectives
· Create key performance indicators (KPIs) to measure the BCC enterprise strategic plan
· Develop BCC’s information security budget
· Prepare a capital budget plan
· Create a process for vendor management
Note: You will submit weekly milestone assignments in Weeks 1-5. Additionally, in Week 5, you will submit a summary proposal of your BCC information security strategy recommendations. Use this profile as a reference and resource.
Best Care Community Mission and Objectives
Best Care Community Mission
BCC’s mission is to enable the community and the individuals within it to enjoy maximum health by providing illness and injury care with the utmost excellence and compassion.
Patient Satisfaction
Patient satisfaction is the foundational strategy by which Best Care Community will attain its mission. It encompasses patient outcomes, compliance scores, patient and visitor experiences within the hospital, and the community’s perception of Best Care Community as a corporate neighbor and community member.
Increase Revenue
Providing excellent care requires money. Best Care Community seeks to maximize revenue wherever ethically possible through a strategy that captures, retains, and grows revenue.
Maximize Operational Efficiencies
Maximizing operational efficiencies helps Best Care Community get the most value out of each dollar of revenue. Efficient operations also directly affect the patient experience and overall patient and visitor satisfaction.
Gain Positive Returns on Capital Investments
Best Care Community seeks to ensure that new initiatives show a tangible return on investment (ROI).
Business Objectives
Best Care Community has identified the following objectives to support its mission and strategies:
· Improve the patient experience
· Broaden the revenue mix among the enterprise
· Improve operating efficiency
· Improve enterprise financial health
· Cultivate informed leadership
· Hire key professional talent
· Develop employees through formal professional development programs
· Introduce new technologies to improve workflows, processes, and patient services
· Increase employee productivity
· Leverage assets and resources to centralize and automate processes
· Reduce the total cost of ownership (TCO) with respect to the IT infrastructure and HIT systems
· Leverage cloud-based solutions to improve fiscal and operational efficiencies
Best Care Community Profile
Best Care Community has one acute care hospital that operates with the common health IT (HIT) systems supporting these typical services:
· Clinical functions
    · Radiology
    · Cardiology
    · Laboratory
    · Bedside monitoring
    · Infusion management
    · Emergency department
    · Labor and delivery
    · Critical/urgent care (internal and external)
    · Physician offices (internal and external)
· Non-clinical functions (business/finance/registration)
    · Patient billing
    · Patient registration
    · Patient scheduling
    · Reporting
    · Materials management
    · Bed capacity management
    · Health information management
· Critical enterprise HIT systems (these are the heart of the HIT system components)
    · Electronic health record (EHR)/electronic medical record (EMR)
    · Clinical decision support (CDS)
    · Patient registration system
    · Patient billing system
Best Care Community Information Security Objectives
Using this initial set of information security objectives, BCC has tasked the CISO to develop the BCC information security program. The CISO will review the list of information security objectives for accuracy and completeness, using the following guidelines:
· Protect the confidentiality, integrity, and availability of the BCC data, assets, and systems.
· Reduce exposure to regulatory fines.
· Prevent loss of business due to malicious disruption.
· Avoid tarnished reputation from a significant data breach.
· Create a risk-based security culture through a proactive risk management framework.
· Establish countermeasures to protect BCC’s data and assets from theft, disclosure, or misuse.
· Improve compliance with security regulatory requirements, such as HIPAA, FDA, and DEA.
· Ensure BCC can continue business operations in the event of a significant information security incident.
· Develop information security employees through formal professional development programs.
Best Care Community Balanced Scorecard
The CISO is tasked with completing an information security balanced scorecard based on the traditional four-domain model, as seen in Figure 1 below, which consists of the following domains:
· Financial
· Internal business processes
· Learning and growth
· Customer
The information security scorecard supports BCC’s information security strategic planning efforts. The BCC asks the CISO to align information security activities to the BCC objectives using the following model where the objectives, initiatives, and means of measurement are charted for each of the four domains to support the BCC’s mission and strategy. Maintaining the balanced scorecard will help BCC monitor its performance against the strategic business objectives and information security initiatives.