Course Project: Privacy Officer Assessment

Course Project: Privacy Officer Assessment Objective Project RequirementsThe objective of the course project is to tie together all the TCOs in a comprehensive manner, while giving students the chance to take on the role of Privacy Officer. Hospital BackgroundFor your course project, you will play the role of a Privacy Officer. You have been asked by management to develop the content of an organization’s security and privacy training and awareness program. You will select privacy and security topics that need to be communicated to all workforce members, and you will develop a plan. In addition, you will create a presentation to introduce your proposal. Medical Center of DeVry is a leading healthcare organization specializing in pediatric healthcare and has an expanded network of physicians and pediatric specialists. It is the beginning of the fiscal budgetary year, and all assessments, improvement projects, and proposals are due within the next 30 days. As Privacy Officer, you will have to create a privacy and security plan. This process will consist of three components: an assessment of the organization, a training and awareness program, and a communication plan. The purpose of the assessment is to review the current condition and the effectiveness of your privacy and security program in order to move forward with HIPAA’s privacy and security requirements. Once the assessment is complete, you will use the results to make a decision about improvement tools, and you will create a training and awareness plan. The purpose of the training and awareness plan is to bring awareness to the organization for a collaborative effort in improving the privacy and security of the facility. The plan will, preferably, focus on areas that need special attention, such as issues related to HIPAA compliance, including physical safeguards. Once both the assessment and the training and awareness plan are complete, you will then need to develop communication tools to convey to the rest of the organization. Assessment Findings You completed your assessment and found that several policies are out of date or are missing critical elements. You submitted a plan to management, and management has approved your proposed actions to implement two new policies, to create two reporting tools to ensure easy compliance with the new policies, and to train employees on the new policies and tools. Following the directions below, create the new policies, reporting tools, and inform staff of training. Once you have completed these three elements, compile all the information into a fifteen minute presentation that you will give to management discussing your overall findings, policies, tools, and the training conducted. Required Elements A. Policies Based on your review, you determined that specific polices related to incident reporting and physical safeguards need revising. Develop two separate policies, using the template below, to address the following topics. Incident Reporting Address what types of incidents should be reported to include: Inappropriate use of a computer Release of information to patients and outside agencies or individuals without authorization Address the expectations for reporting to include: Time Frame in which employees need to report How employees will report Outline the procedures for reporting incidents to include: Who receives complaints How complaints are investigated How notification to affected individuals occurs Physical Safeguards Securing workstations to include: Auto lock feature Securing equipment, such as laptops Record disposal to include: Electronic media such as hard drives and CDs Paper documents Use the following template: .equella.ecollege.com/file/a2b04f35-9830-45ba-bc32-02c9b66ee964/1/images–policyname.gif”> B. Reporting Tools After completing the policies and procedures, you determine that it will be useful to develop some new tools to reinforce compliance of the revised policies and procedures. Your reporting tools should consist of the following: An incident reporting form that includes the following elements: Date of incident; Type of complaint or incident; Complaint details; and Staff questioned or involved. A checklist for security staff to use for audits and compliance that includes the following elements: Document disposal; Media disposal; and Unsecured workstations. C. Communication Tools Communicate the new policies and tools to employees of the organization. This will be helpful in training employees in order to have direction on privacy and security efforts for the year. Your two communication tools could be in the following format: A flyer, brochure, intranet announcement, e-mail, handout, poster, or other form of communication. In addition, your communication tools need to address: Why training is being provided; Dates of training; and Location of training. D. Presentation You now have to prepare a presentation of your findings and overall evaluation of the privacy and security program for the executive leaders. The presentation should be 15 minutes in length, with approximately 15-20 slides. Your presentation should include privacy and security plan details such as the purpose of plan; what your assessment revealed, that is, problems identified; the policies created; the reporting tools developed; and the communication tools. Guidelines MilestonesProjects must follow APA formatting, including 12-point font, double spaced lines, a cover page, and a works cited. Use at least six authoritative, outside references (anonymous authors or web pages are not acceptable); one reference may be the textbook. These should be listed on the last page titled “Works Cited.” Appropriate citations are required. All DeVry University policies are in effect, including the plagiarism policy. Projects are due during Week 7 of this course. Any questions about this project may be discussed in the weekly Q & A discussion topic. This paper is worth 230 total points and will be graded on documentation and formatting, policies and procedures, creation of reporting tools, communication tools, and presentation. Grading RubricsComplete Policies and Procedures by Week 2 Complete Creation of Reporting Tool One by Week 3 Complete Creation of Reporting Tool Two by Week 4 Complete Communication Tool One by Week 5 Complete Communication Tool Two by Week 6 Complete all remaining components, including compilation of assignment by Week 7 Category Points % Description Documentation & Formatting 10 5 Use APA formatting, including cover page, 12-point font, 1 inch margins, and works cited. Policies and Procedures 60 26 Create a policy using the standardized format provided. Creation of Reporting Tools 60 26 Create two unique tools to enforce the policy created. Communication Tools 40 17 Create two tools, and discuss the training being provided on the new policy and tools. Presentation 60 26 Provide a 15-slide presentation discussing new changes, that is, policy, tools, and communication efforts. Total 230 100 A quality paper will meet or exceed all of the above requirements. Best Practices Cover Page -Include who you prepared the paper for, who prepared the paper, and the date.The following are the best practices in preparing for the final project. Policies and Procedures -Use the standard format provided in assignment 2 (Week 3) to ensure that all elements are addressed. Creation of Reporting Tools -Use the format provided in assignment four (Week 5) to ensure that the appropriate information is provided for the checklist tool. Communication Tools -Creation of these tools can be done through a variety of media; most students use Word or Publisher to create flyers, brochures, posters, and e-mails. Presentation -The presentation should be created using PowerPoint; ensure that background information is supplied as well as all three elements, including policies and procedures, tools, and communication tools. Work Cited -Use the citation format specified in the Syllabus.