I’m working on a cyber security multi-part question and need an explanation and answer to help me learn.
You are a security professional for a large, private health care organization. Users have access to file and application servers, as well as data storage facilities that contain customer health information and personally identifiable information (PII).
- Your manager asks you to write a report, detailing relevant user access policies. He needs you to research a generic template and use that as a starting point from which to move forward.
- Research existing policy templates and examples from organizations of a similar type.
- Based on your research, write a summary detailing at least three relevant user access policies. Include explanations for why you chose these policies.
- Provide citations for your sources.
- Your manager has been asked to provide the latest version of the organization’s incident response policy. To his knowledge, no policy exists. He has asked you to research and create an incident response policy.
- Look for at least two incident response policies for organizations of a similar type to your organization.
- Based on your research, create an initial draft of a high-level incident response policy for your organization. Consider Health Insurance Portability and Accountability Act (HIPAA) and other health care–related compliance requirements. Include justification of the content you included in the draft policy.
0 comments