Identification and Access Control of Computer & Information Systems

Computer and Information Systems
Author’s Name
Institutional Affiliation
The importance of information technology
Information technology firstly helps businesses to operate and function more efficiently through better and faster information systems. Moreover, It has allowed businesses and organization to be more updated on the constantly changing global markets so as to make sound business decisions. In the field of education, information technology has assisted students in learning through new ways like online education (Quinonez, 2016). Also, it’s through information technology that online transfer of money and the buying and selling of goods and services is conveniently done. It has improved globalization and made communication easier and faster.
General requirements of HIPAA security
HIPAA security general requirements include the covered organization to comply with the following (“HIPAA Security Standards”, 2016):
The entities must ensure that all its ePHI are available, integral and more importantly its confidentiality, maintained.
It’s ePHI must be protected against any anticipated threats

The entities working team must adhere and comply with all the set HIPAA Security Rule.
It also has flexible approaches that allow the covered organization to implement any security measures that can adequately lead to it implementing and the set standards and specifications.
Also, an entity must comply with all the set standards and lastly, the entity must ensure it has implemented all the set standards as required.

HIPAA regulation approach
Its regulation method involves making sure that all entities that are being covered have all complied with the requirements. Implementation of the system is done after a risk analysis to determine its suitability and if it’s not then the implementation is not done.
HIPAA administrative standards
The administrative stands involve the training of personnel on the procedures and policies of the ePHI. Moreover, it entails an entity having a contingency plan like a disaster recovery plan put in place. It should also put in place security incident procedures (“HIPAA Administrative Requirements,” 2016).
The physical standards
These are the security access controls of an entity to ensure that only authorized personnel use the system. They include the use of system security like a password. Moreover, the system or entity must have a clear security plan and a workstation security which is operational.
Technical standards.
These are the access controls, the level of integrity and the audit controls put in place by the covered entity. They include the use of personal user IDs and having automatic logoffs. There should also be the person or entity authentication put in place.Challenges
Its main challenge is its implementation. This is because it requires a specific implementation plan and action through a proper initial risk analysis done. This is usually difficult and requires and takes a lot of time. Moreover, having access to specialized expertise is difficult especially for small providers. The progress of the security plan is hindered by constant extension of the security contingency plan.
References
HIPAA Administrative Requirements. (2016). Hipaasurvivalguide.com. Retrieved 5 October 2016, from http://www.hipaasurvivalguide.com/hipaa-regulations/164-530.phpHIPAA Security Standards. (2016). Hipaasurvivalguide.com. Retrieved 5 October 2016, from http://www.hipaasurvivalguide.com/hipaa-regulations/164-306.phpQuinonez, N. (2016). The Importance of Information Technology and Its Disadvantages. Udemy Blog. Retrieved 5 October 2016, from https://blog.udemy.com/importance-of-information-technology/