English

Compliance Audit in Action

Compliance Audit in Action Module7.docx Module 5: Compliance Audit in Action For this assignment, you will need to review the Case Study presented perform a

Jun 02, 2025 0 views

This is a sample solution our expert wrote for a client with similar requirements.

Compliance Audit in Action Module7.docx Module 5: Compliance Audit in Action For this assignment, you will need to review the Case Study presented perform a compliance audit to determine gaps in privacy and security compliance.  Expand AllPanels Collapse AllPanels Case Study DeVry Medical Group provides primary care, pediatric care, and urology services. Recently, the Medical Group implemented an electronic health record system that interfaces with their laboratory management system for streamlined syncing of patient lab results in their charts. Post implementation, concerns have come about on the quality of the privacy and security measures in place. As the Privacy & Security Officer, you have determined that a compliance audit is needed to ensure DeVry medical Group is in compliance with HIPAA regulations. The compliance audit has revealed potential compliance issues related to the new electronic health record system, there are inadequate access controls, lack of encryption for data transmittals, and less than half of the employees on staff have been trained properly on privacy and security measures. Action Plan You are tasked with identifying the gaps and proposing strategies to assist with being compliant with HIPAA Privacy and Security Rules. Steps you will complete as part of your proposed strategies to meet HIPAA compliance: 1. Assess the access control mechanisms for the electronic health record to determine that patient data is accessible only to authorized personnel. 2. Evaluate data protection measures, including encryption protocols for data at rest and data in transit. 3. Review the employee training programs on the use of the electronic health record and HIPAA compliance. 4. Propose strategies to correct issues you have identified during steps 1-3. Your deliverable method can be either in the form of a half-page to full page proposal or PowerPoint slides that outline each of the strategies you are proposing with an action plan for implementing them. For PowerPoint slides, the slides should outline your key points/recommendations and utilize the Notes section under your slides to provide complete sentences for your report as if you were presenting to a board for approval to implement. Note: If you utilize your textbook or any references to support your recommendations, provide a reference list. Action Select the Start Assignment button to begin. Once you have uploaded your file, select Submit Assignment. Rubric M5 Compliance Audit in Action M5 Compliance Audit in Action Criteria Ratings Pts This criterion is linked to a Learning OutcomeParameter Parameters Paper Option -Uses standard double-spacing without extra spaces between bullets or paragraphs -Minimum length 1/2 page, maximum length 1 page -Free of grammatical & spelling errors -Uses APA in-text citations and reference list IF applicable PowerPoint Option -No more than 5 bullets per slide -Keep slides uncluttered so easy to follow -Notes Section of slides should contain a detailed outline of what slide is presenting (speaker notes) -Free of grammatical & spelling errors -Uses APA in-text citations and reference list on a reference slide IF applicable 5 pts Meets or Exceeds Student submission clearly encompasses all of PowerPoint presentation parameters -Minimum of 5 content slides, Maximum of 8 content slides -Includes a title slide -Includes a reference slide if needed -Presentation developed from perspective as if being presented to the board -No more than 5 bullets per slide -Keep slides uncluttered so easy to follow -Includes use of graphical representations to give visual emphasis & credibility to presentation -Notes Section of slides should contain a detailed outline of what slide is presenting (speaker notes) -Free of grammatical & spelling errors -Uses APA in-text citations and reference list on a reference slide IF applicable 3 pts In Progress Student submission clearly encompasses all paper or PowerPoint parameters -Free of grammatical & spelling errors -Uses APA in-text citations and reference list IF applicable 1 pts Little Evidence Student submission does not clearly meet the paper or PowerPoint parameters -Has 4 or more grammatical & spelling errors -does not use APA in-text citations and reference list IF applicable 0 pts No Evidence Student submission clearly does not meet the required Parameters 5 pts This criterion is linked to a Learning OutcomeControl Mechanisms Control Mechanisms -Assesses control mechanisms in place or in absence of control mechanisms identifies what should be in place CO5 7 pts Meets or Exceeds Student submission provides clear summary of current or lacking control mechanisms for accessing patient data 5 pts In Progress Student submission mostly provides a summary of current or lacking control mechanisms for accessing patient data – may be missing pertinent information 2 pts Little Evidence Student submission is off topic for control mechanisms or does not identify current or lacking control mechanisms for accessing patient data 0 pts No Evidence Student submission does not clearly meet the expectations for identifying control mechanisms for accessing patient data 7 pts This criterion is linked to a Learning OutcomeData Protection Measures Data Protection Measures -Addresses encryption protocols for data at rest -Addresses encryption protocols for data in transit -Any other potential deficiencies CO5 7 pts Meets or Exceeds Student submission on Data Protection Measures clearly -Addresses encryption protocols for data at rest -Addresses encryption protocols for data in transit -Any other potential deficiencies 5 pts In Progress Student submission on Data Protection Measures mostly -Addresses encryption protocols for data at rest -Addresses encryption protocols for data in transit -Any other potential deficiencies 2 pts Little Evidence Student submission on Data Protection Measures does not all issues -Data at Rest -Data in Transit -Any other potential deficiencies 0 pts No Evidence Student submission on Data Protection Measures clearly does not meet expectations or nothing submitted 7 pts This criterion is linked to a Learning OutcomeTraining Programs Training Programs -Findings of review on training program deficiencies encompasses assessment on proper use/protocols on electronic health record and HIPAA compliance CO5 7 pts Meets or Exceeds Student submission on Training Programs clearly addresses findings of review on training program deficiencies and encompasses assessment on proper use/protocols on electronic health record and HIPAA compliance 5 pts In Progress Student submission on Training Programs mostly addresses findings of review on training program deficiencies and encompasses assessment on proper use/protocols on electronic health record and HIPAA compliance but may be lacking details 2 pts Little Evidence Student submission on Training Programs is off topic or does not clearly address findings of a review covering training program deficiencies relating to use/protocols on electronic health record and/or HIPAA compliance 0 pts No Evidence Student submission clearly does not meet expectations on addressing training program review findings or nothing submitted 7 pts This criterion is linked to a Learning OutcomeStrategy Proposals Strategy Proposals Proposes strategies to correct issues on -Access control mechanisms for electronic health records -Data protection measurs -Employee training programs CO5 9 pts Meets or Exceeds Student submission of Proposed Strategies clearly addresses ways to correct issues on -Access control mechanisms for electronic health records -Data protection measurs -Employee training programs 6 pts In Progress Student submission of Proposed Strategies mostly addresses ways to correct issues on -Access control mechanisms for electronic health records -Data protection measurs -Employee training programs 3 pts Little Evidence Student submission of Proposed Strategies is off topic or does not clearly give a minimum of 2 risks with the greatest potential impact or is proposing strategies for risks that are not the highest priority based on potential impact 0 pts No Evidence Student submission does not clearly meet expectations to provide recommendations for threats or nothing is submitted 9 pts Total Points: 35

Need a similar assignment?

Our expert writers can help you with your specific requirements. Get started today.

Order Your Custom Solution

Get a Price Estimate

Price Estimate

Deadline.

Number of Pages.

Price: $12

Order Now

Why Students Choose Us

  • Original Work: 100% plagiarism-free with free Turnitin report

  • Unlimited Revisions: Until you're completely satisfied

  • Expert Writers: PhD-qualified in your subject area

  • 24/7 Support: Always available to assist you

Related Samples