Course Hero Logo

Task2 v1.docx - Scope The idea behind the Office of Grants...

Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 1 - 3 out of 6 pages.

ScopeThe idea behind the Office of Grants Giveaway (OOG) is to improve the structure of medicalgrants given for the support research, evaluation, and information sharing. The OGG gives away avariety of grants including the grants to the small hospitals which brings the need to implement a SmallHospital Grant Tracking System (SHGTS).To develop an ISMS plan, several guiding security principals will help in creating a goodsecurity plan.The first principal to focus on is the confidentiality of the data and information used by OOGfor their decision making process. In simple words, confidentiality can be defined as the process ofkeeping the data and/or information secret or hidden. Confidentiality is very important especially in thehealthcare environment which is why a number of policies and regulations have been set for dataconfidentiality including HIPAA, HITECH to protect the patient data including PCI, PHI and PII. Inour case, there is no PHI (Patient Health Information) or PII (Personally Identifiable Information)involved which means that we may not need to follow the compliance rules set by HIPAA or HITECH.Data integrity is the next principal to focus on. Data integrity can be defined as the process ofkeeping data accurate and consistent by ensuring it has not been tampered with (Brook, 2019). Thiswould include access controls and regular checks to ensure the data is kept in its original form. All thedata stored regarding the grants does not affect the decision made about it. Which means that even ifthe data is altered, it cannot be classified as high risk because it would not change the decision made
about the grant. However, the risk would be greater if the data were accessed which would also affectthe confidentiality.The third security principal to put the focus on would be availability. Availability means to

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 6 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
N/A

Newly uploaded documents

Show More

Newly uploaded documents

Show More

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture