Create a thorough and detailed security policy for PNRM that is industry compliant.
Scenario:
Pacific Northwest Remote Medicine (PNRM) provides preventive and emergency medical care in the remote regions of the Pacific Northwest of the United States. There are currently five PNRM locations. Due to its remote locations, PNRM does not have direct access to the medical expertise found in metropolitan areas. PNRM can perform many of the tests required but does not have the medical staff to properly diagnose all situations that may arise. As a result, PNRM has partnered with several prominent hospitals in the greater Seattle, Washington metropolitan area. PNRM will perform the examinations and tests on site. It will then send the results of the tests electronically to the hospitals in the Seattle area for further consultation. Because these files will often contain images as results of the testing the files are often very large, over 100 MB, but need to be sent in a timely manner.
All of PNRM’s locations are in remote areas. These areas are subject to harsh weather conditions such as heavy rains, heavy snows, high winds, and even solar interference during certain parts of the year. The sites have access to cell providers. The sites are also serviced by satellite, land-line phone service, and local cable companies. No new infrastructure is to be created for this proposal.
Because PNRM is a health care provider it is subject to certain specific laws and regulations pertaining to patient information security and confidentiality. PNRM needs to ensure it is compliant with those requirements. The employees at PNRM need to be held accountable for the security of the system and practicing good security habits.
PNRM will be storing the patient’s data and currently has a Microsoft Server environment at all sites. There have been issues recently with different sites have different versions of the same file. Also, many employee-related administrative tasks are done locally at each office which makes managing employee pay, time, and other benefits difficult and often tasks overlap.
PNRM uses commercial software to maintain its medical information system. Maintenance and configuration of this system is performed by the vendor and does not require being addressed in this proposal.
Provide a thorough and detailed proposal that meets PNRM’s business objectives:
connectivity to remote hospitals
data transfer
industry compliance
security
sharing resources
Step 1:
Create an annotated bibliography containing at least 20 citations from reputable sources in APA format. You may not use commercial sites associated with a specific vendor. For example, you cannot use Cisco’s web site as a source if you are discussing routers. You must use an independent source.
Step 2:
Create a thorough and detailed security policy for PNRM that is industry compliant.
Step 3:
Provide a thorough and detailed solution to PNRM’s overall industry compliance with respect to their current state.
Step 4:
Provide a thorough and detailed solution to PNRM’s communication business objectives.
Step 5:
Provide a thorough and detailed solution to PNRM’s document and service sharing objectives.
Step 6:
Combine the previous steps into a formal proposal as a solution to PNRM’s technological business objectives. Where sources are used cite in APA format.
Step 7:
Complete a PowerPoint presentation providing the details of the problems your were faced with and the solutions you came up with.