Prepare a final risk report (5-7 pages) that identifies privacy and security-related risks from throughout the quarter. Include evidence-based recommendations; action plans; and best practices, policies, and procedures to support the recommendations and action plans.
Throughout this course you have examined health care’s legal landscape, considering security and privacy safeguards set forth by the Health Insurance Portability and Accountability Act (HIPAA). The HIPAA standards protect the security and privacy of health information. Health care organizations are responsible to ensure proper controls are in place to make data available, but also to protect patients. Privacy and security violations must be identified; preventive policies and procedures need to be put in place to mitigate risks related to those violations. Health care organizations often use risk reports to identify, assess, and monitor risks throughout the organization.
In this final assessment, the risk management director has asked you compile a report based on all of your findings throughout the quarter. The director has an executive meeting with various stakeholders and would like to discuss recent risk issues identified throughout the hospital. In addition to identifying the risks, you will also make evidence-based recommendations and develop action items for identified privacy and security risks.
Demonstration of Proficiency
By successfully completing this assessment, you will demonstrate your proficiency in the course competencies through the following assessment scoring guide criteria:
Competency 3: Analyze the relationship between privacy and security in health care.
Create evidence-based recommendations to avoid privacy and security violations identified in audit results.
Competency 4: Analyze legal and ethical implications related to Health Information Management.
Develop action plans to accompany recommendations.
Describe best practices, policies, and procedures that directly support the recommendations and action plans.
Summarize the use of HIPAA standards and legal and ethical implications relating to the recommendations and action plans.
Competency 5: Communicate effectively in a professional and ethical manner.
Create a clear, well-organized, professional final risk report that is generally free of errors in grammar, punctuation, and spelling.
Follow APA style and formatting guidelines for citations and references.
To successfully prepare to complete this final course assessment:
Review these three Vila Health media pieces:
Vila Health: Identifying Risks
Vila Health: Privacy
Vila Health: Security
Review your three previous assessments:
Assessment 1: You prepared a SWOT analysis focused on privacy and security-related issues.
Assessment 2: You developed a release of patient information compliance checklist for hospital staff members to follow.
Assessment 3: You wrote a security report that identified potential security and technical safeguard violations in Valley City Regional Hospital’s audit report. Your security report included evidence-based recommendations to address these potential violations and prevent them from occurring in the future.
Based on the content presented in these media pieces and the work you completed in your previous assessments, you will compile evidence-based recommendations; action plans; and best practices, policies, and or procedures to remedy the privacy
security issues that have surfaced at Valley City Regional Hospital.
In this final assessment, the risk management director has asked you to compile a final risk report based on all of your findings related to privacy
security. The director has an executive meeting with various stakeholders and would like to share the recent risk issues identified throughout the hospital. In addition to identifying the risks, you will also make evidence-based recommendations and develop action items for the identified privacy and security related risks.
Final Risk Report Template
and use it to complete your assessment. Follow these guidelines when completing your final risk report template:
Introduction (1 to 2 paragraphs)
The point of the introduction is to orient the reader to the information presented in the final risk report.
Summarize the main types of risks identified at Valley City Regional Hospital.
Summarize the mains types of recommendations; action plans; and best practices, policies, and procedures provided.
Consider including a brief explanation of the differences among recommendations; action plans; and best practices, policies, and procedures.
Identified Privacy or Security Risk (Column 1)
In Column 1 you will create a master list of the privacy and security risks you uncovered throughout the quarter.
Consider grouping the privacy risks together and the security risks together.
Evidence-Based Recommendations (Column 2)
In Column 2 enter your evidence-based recommendations to address the identified risk and prevent it from occurring in the future.
Include three recommendations for each identified risk.
Action Plans (Column 3)
In Column 3 enter the action plans associated with each recommendation.
Include three action plans for each recommendation. This will be a total of nine action plans for each identified risk.
Best Practices, Policies, and/or Procedures to Support Recommendations and Actions Plans (Column 4)
Pay attention to the distinctions among recommendations; action plans; and best practices, policies, and/or procedures when constructing your plan.
Recommendations indicate what must be done.
Action plans show how it must be done.
Best practices, policies, and/or procedures outline how, by whom, and in which settings and circumstances the recommendations and action plans will be put into effect.
Summary (1 to 2 paragraphs)
Briefly summarize the use of HIPAA standards and legal and ethical implications relating to the recommendations and action plans.
Help Valley City Regional Hospital prioritize the most critical recommendations to implement first. Provide the rationale for your prioritization and substantiate your rationale with references to current, scholarly, and/or authoritative sources.
Format: Complete your assessment using the Final Risk Report Template provided. Use Times Roman, 12-point type.
Length: 5 to 7 pages.
References: Follow APA style and formatting guidelines for citations and references. Include a separate works cited page for your references. For an APA refresher, consult this resource:
APA Style and Format
Writing: Create a clear, well-organized, professional final risk report that is generally free of errors in grammar, punctuation, and spelling.