Health IT Policy Activity Questions

Question 1

Based on the L13 lesson, the HIPAA Security Rule ensures that protected health information (PHI) has 3 characteristics. What are those three characteristics and what do they mean?

Make sure you do not copy the definitions directly from the slides or you will receive a zero.

Answer:

Question 2

Based on the L13 lesson, as part of HIPAA, health organizations create "administrative safeguards" to help protect the privacy of patients' PHI.

Describe an example of 1 of these administrative safeguards.

Answer:

Question 3

Based on the L13 lesson, as part of HIPAA, health organizations create "physical safeguards" to help protect the privacy of patients' PHI.

Describe an example of 1 of these physical safeguards.

 Answer:

Question 4

Based on the L13 lesson, as part of HIPAA, health organizations create "technical safeguards" to help protect the privacy of patients' PHI.

Describe an example of 1 of these technical safeguards.

Answer:

Question 5

As a part of the L13 lesson, we discussed 4 types of privacy breaches. I want you to go search for a news story that highlights one health-related privacy breach, then do the following:

• Provide a link to the article
• Summarize the article
• Explain which one of the four types of privacy breaches this is an example of

Answer:

Question 6

Based on the L13 lesson and the book chapter/notes  download, explain why the "Meaningful Use" Phase 1 was more successful than Phase 2.

Provide examples to demonstrate that you reviewed the lesson and the book chapter/notes.

Answer:

Question 7

Read the research paper, The Taxonomy of mHealth Apps - Security and Privacy Concerns [PDF] by Plachkinova et al. Then answer the following question:

In Section 3.2 Security Dimensions – The paper describes 9 security challenges. Read through the description of all 9, then select 4 of the 9 challenges and specifically explain how the mHealth app that your team created as part of the class project would include technical specifications to ensure security in those categories.

Here is an example to help you see the expected structure of your answer:  To ensure “Authentication” = The iSleep app will require that the user create a unique username and password associated with his account in order to sign into the app. In the settings of the app, the user can choose to “stay logged in” in order to avoid the inconvenience of having to login each time he uses the app; however, the default will be to require login each time. The username and password will be stored in our app’s encrypted database to ensure the security of that information.

Answer:

Question 8

Read the research paper, The Taxonomy of mHealth Apps - Security and Privacy Concerns [PDF] by Plachkinova et al. Then answer the following question:

In Section 3.3 Privacy Dimensions – The paper describes 3 privacy threats. Read through the description of all 3, then select 1 of the 3 threats and draft a policy statement that you would include in your app’s user documentation to explain how your company would address that threat.

Here is an example to help you see the expected structure of your answer:  To prevent “Disclosure Threats” = The iSleep app can currently connect with the user’s Netflix account in order to encourage the user to turn off the TV 1-hour before bed. If the user enables this function, the user is required to enter his NetFlix account information so that the app can properly connect to NetFlix in order to turn-off the TV stream 1-hour before the user’s bedtime. The app does not share or disclose any user information to Netflix. Additionally, NetFlix does not share or disclose any account information with the iSleep app. If, for any unforeseen reason, we suspect that your iSleep or NetFlix account is breached by an unauthorized user, you will be immediately notified.