Premium Essay

Data Breach Assignment

In:

Submitted By awk29832
Words 562
Pages 3
Aftab Khan
IT120 Cybersecurity Principles
Assignment 3
Due by 2pm, October 29 (Thursday)
Data breaches happening in healthcare can cause severe damage. This assignment looks at different sets of data submitted to the Department of Human Services whenever a breach affects 500 or more individuals. (https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf)
You have each been assigned a “filter” to research and assess.
For the filer you are assigned, make a report that includes the following information: 1. Describe the web site and the policy/legislation under which the organization is required to report their breaches
Department of health and human services, office of civil rights websites, where as required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals. These breaches are now posted in a new, more accessible format that allows users to search and sort the posted breaches.

2. Describe how the organization must file their report.
Includes brief summaries of the breach cases that OCR has investigated and closed, as well as the names of private practice providers who have reported breaches of unsecured protected health information to the Secretary.

3. Name of the filter designated.
2015

4. How many breaches did you identify as a result of the filter
There are about 223 breaches for 500 or more.

5. Select one result that catches your interest and describe it in more detail (If you found any news article about the breach, include the link.)
Boston Baskin Cancer Foundation (healthcare provider)
On December 2, 2014, a Boston Baskin Cancer Foundation employee’s laptop computer and external hard drive were stolen. The external hard drive contained the electronic protected health information (ePHI) of 56,000 individuals and

Similar Documents

Premium Essay

2134314

... Graham R Jones ASSIGNMENT (Semester 1, 2015) On Page 3 following you will find an extract from the Academic Integrity Policy. You are reminded that you must be aware of the requirements under this policy. The assignment in this topic is an individual assignment therefore it is not permissible to work with other students. It is also NOT ACCEPTABLE to share files (electronic or otherwise) of your assignment work with other students – to do so is to engage in academic dishonesty. See the following pages for additional advice regarding discussion of assignments with other students. Summary of Assignment Details & Due Date: Note: Assignments must be lodged using the BUSN1011 Assignment FLO Dropbox. This assignment must be submitted in .pdf format as one document. If you are using an MS Office application you should be able to go to 'print file' and print to a .pdf file format. You then save this file and then submit it through FLO. If you are not certain how to create a .pdf document you will find help online through a google search. One converter can be found at http://www.pdfonline.com/convert-pdf/ You must only submit one document. You must not create different documents for each question. I shall be using an online marking process so it is important that you submit your assignment correctly. SUBMISSION DATE: You can only submit your assignment between 8.00 am on Tuesday 19th May, 2015 and 12 noon on...

Words: 2942 - Pages: 12

Premium Essay

Unit 9 Assingment 1 Executive Summery to Risk Mitigation

...Legal Issues in Information Security 14 Executive Summery on Risk Mitigation Unit 9 ASSIGNMENT 1 ASSIGNMENT The protection of records that pertain to students is crucial in ensuring that their safety is not compromised. In doing so the following three things must be addressed in a very detailed and stringent manner. Confidentiality, Integrity, and Availability. These three facets of security are detrimental in the handling of information, whether it is student records or bank transaction records. C-I-A is a good practice when maintaining information and insuring the proper handling of said information. We will discuss here how C-I-A combined with FERPA will help to reduce mishandling and misuse of information, and how to deal with breach and loss as well. The confidentiality of information is vital to keep your students anonymity on line. Confidentiality means that only people with the right permissions can access and use the information. To ensure the confidentiality of the information, the location that it is stored will be secured by password protection. The principle of least privilege will be used as well in determining who has access to the information as well. Physically there will be endpoint encryption as well. All data that is stored in the servers will be encrypted as well. The integrity of the information is vital to ensure that any tampering of the information can be readily detected if it should occur. The integrity of the information is defined...

Words: 578 - Pages: 3

Premium Essay

Review of Business Fraud

...Assignment 1: Review of Business Fraud Tara Johnson Professor: Jim Ridilla, CPA ACC 564— Accounting Information Systems May 1, 2012 Assignment 1: Review of Business Fraud Compose a summary of the case. Include how the fraud was perpetrated, the characteristics of the perpetrator(s) who committed the fraud, the role the auditors had in the case, and the direct and indirect effects the incident had on the organization’s stakeholders (customers, vendors, employees, executive committee, and board of directors). In 2011 Bank of America suffered a data breach from within the company that cost Bank of America approximately $10 million. A former Bank of America employee provided confidential information to a criminal fraud ring. That data was then used to steal funds from 300 customers in California and other states in the western United States. The names, addresses, Social Security numbers, phone numbers, bank account numbers, driver’s license numbers, birth dates, email addresses, mother’s maiden names, PINs and account balances were among the information that was released. That information was ultimately used to open new accounts, order checks, and make other bank transactions without the customer’s knowledge. This incident decreased the amount of trust the customers had in the company. The fraudsters were engaging in this activity for nearly a year and it should have been detected sooner. This fraudulent activity directly and indirectly affected it stakeholders...

Words: 892 - Pages: 4

Premium Essay

Acc 557

...I also worked as an Accountant in the Nigeria Federal Ministry of Agriculture & Rural Development, Abuja – Nigeria (2004 – 2007). During the course of my professional career, I have had opportunities to conduct job training for subordinates and staff, and delivered practical tutoring sessions as per the Nigerian government public service norms. I joined Strayer University as Adjunct Instructor Accounting in March 2012, and as a Full-time faculty since spring 2013 quarter. We hope you have a successful spring semester at Strayer University. I look forward to working with you. PLEASE NOTE: Grading for Late Assignments without Documented Exceptional Circumstances 1. Students who submit work after the assigned due date without exceptional circumstance can expect a reduction of points in the following manner: a) Assignments submitted within 7 days after the submission deadline will receive up to a 20% deduction....

Words: 7627 - Pages: 31

Premium Essay

Acc 557 Complete Assignments 1 , 2 and 3 to Purchase All Assignments Please Follow the Link Below/ Homework-Aid

...ACC 557 Complete Assignments 1 ,2 and 3 To Purchase all Assignments please follow The Link Below http://www.homework-aid.com/ACC-557-Complete-All-Assignments-12-3-Strayer-152.htm ACC 557 Assignment 1: Review of Accounting Ethics Purchase Assignment 1 here Many organizations have been in the news over the past few years due to accounting ethical breaches that have affected their customers, employees, or the general public. Search the Internet or the Strayer Library to locate a story in the news that depicts an accounting ethical breach. You may select from any type of organization about which you have information or a curiosity. Write a four to five (4-5) page paper in which you: Given the corporate ethical breaches in recent times, assess whether or not you believe that the current business and regulatory environment is more conducive to ethical behavior. Provide support for your answer. Based on your research, describe the organization, the accounting ethical breach and the impact to the organization related to ethical breach. Determine how the organizational ethical issue was detected and how management failed to create an ethical environment. Analyze the accounts impacted and / or accounting guidelines violated and the resulting impact to the business operation. As a CFO, recommend which measures could have been taken to prevent this ethical breach and how each measure should be implemented in the future. Use at least FIVE (5) quality academic resources...

Words: 1366 - Pages: 6

Premium Essay

Technology

...Assignment: Required First Week Assignment After reviewing the modules and Introduction for Management Systems two of the modules stand out and have piqued my interest. Those modules are module 3 EBusiness : Electronic Business Value and module 6 Data: Business Intelligence. Module 3 interests me because it deals with the advantages of web technologies in business and how buyer seller relationships are handled. This relates to my current job role as manager of website operations for an online college. The majority of our marketing budget is geared towards web marketing and learning more about how this integrates in to our business model and gaining potential students. I have equal interest in module 6 due to the information regarding business intelligence, as a manager I rely heavily on data and analytics that help me make decisions regarding our web business. Having access to data and how to better use my data is what I hope to gain from this module. One of my least favorite modules is module 1 Management Information Systems: Business Driven MIS, my low level of interest in this module is due to the fact that I’ve been in business and information technology for many years and I feel I have mastered this section due to my experience. Another module that I have a low level of interest in is module 2 Decisions and Processes: Value Driven Business due to this module dealing with tools that managers use to make decisions. Again with my years of experience and the various...

Words: 497 - Pages: 2

Premium Essay

Jet Copies Case Problem

...“IPad’s” Security Breach BUS 508: Contemporary Business August 16, 2011 Strayer University Dr. Robert L. Kight Assignment 4: iPad’s Security Breach This document will attempt to discuss hacking into a Web site. Is it ever justifiable? The document will create a corporate ethics statement for a computer security firm that would allow or even encourage activities like hacking. The document will discuss whether it is important for organizations like Gawker Media to be socially responsible. It will determine factors CEOs should consider when responding to a security breach. Finally, it will create an email script to be sent to AT&T customers informing them of the security breach and a plan to resolve the issue and state the rationale. Apply your theory to a real-world case in which someone hacked into a system, including the name of the company and details. As I attempt to discuss this assignment, I could not avoid thinking about the age-old opinion that Apple products were unique, and that they were protected against criminal encroachments. As such, Apple became one of the hottest technological innovations in the industry. Today, like most other such technology, Apple is becoming increasingly vulnerable to intrusion. It is becoming a medium for posing threats to an entire corporate network as well as devices for official and unofficial use. My answer to this question is twofold. In other words qualification of any kind for such conduct must be based...

Words: 1981 - Pages: 8

Free Essay

Review of Business Fraud

...ASSIGNMENT 1: REVIEW OF BUSINESS FRAUD ABSTRACT Business fraud is a white-collar crime that is increasing at a rapid pace. One case of business fraud dealt with an information breach within Bank of America’s information system. This breach affected over 300 Bank of America customers. Management failed to provide proper security for their information system and the sensitive information of their customers. The following assignment will give detailed specifics about the case, clarify the classification of this particular fraud, and suggest recommendations that can help prevent this fraud from reoccurring. ASSIGNMENT 1: Review of Business Fraud On May 24, 2011, an investigation was in process within the Bank of America organization for potential business fraud. A Bank of America employee had manage to copy the personal information of over 300 of the bank’s customers. The security breach allowed the Bank of America employee to communicate the sensitive information of the customers to a ring of scammers. Customer information compromised included the customers’ names, physical addresses, Social Security numbers, contact numbers, checking account numbers, savings account numbers, routing numbers, driver's license numbers, date of births, email addresses, mother's maiden names, PINs and the balances on their accounts. Scammers used this information to start up credit cards and to spend the money available on the customers’ bank accounts. The leaking of the confidential...

Words: 1489 - Pages: 6

Premium Essay

Hcs 533 Study Education on Your Terms/Hcs533Study.Com

...HCS 533 Week 1 Individual Assignment Definition Worksheet (2 Answer) FOR MORE CLASSES VISIT www.hcs533study.com This Tutorial contains 2 Answers for each Question HCS 533 Week 1 Definition Worksheet Definition of Terms The health care environment is constantly changing, new systems arise every day with terminology of their own to reflect the changes. As a health care professional, it is important for you to stay up-to-date with the terminology and its proper use. Define each term in the table below. There’s only one definition for each terminology. -------------------------------------------------------------------- HCS 533 Week 2 Individual Assignment Database Worksheet (2 Set) FOR MORE CLASSES VISIT www.hcs533study.com This Tutorial contains 2 Set of Answers (2 Paper) HCS 533 Week 2 Individual Assignment Database Worksheet Databases Worksheet Write a 50- to 150-word response to the following question. Be clear and concise, use complete sentences, and explain your answers using specific examples. Cite any outside sources. For additional information on how to properly cite your sources, check out the Reference and Citation Generator resource in the Center for Writing Excellence. 1. What is the difference between database types and capacities? 2. How do data inaccuracies affect patient care and reimbursement? 3. Review the databases below and explain the relationship between each of the databases and their impact on the medical records...

Words: 850 - Pages: 4

Premium Essay

Ms2 Assignment 4

...Learning Environment, check out the Course Orientation and the quick tutorials in the Support Centre. General assignment FAQs can be found in your Assignment Submission area. Prepare the answers to these assignment questions in Word and save them as one Word document on your hard drive. For the recommended format and filename, see the FAQs in the Assignment Submission area. If this assignment Word file requires the pasting of Accpac.RTF reports, or Excel.xls sections, or other files, students are strongly advised to refer to the How To/Use Software/Use Excel, Use Word or both, to ensure the successful submission of their complete assignment. Multiple-choice questions are to be completed within the Online Learning Environment in your MS2 Assignment Submission section. This portion of the assignment will be automatically graded. Do not include your answers in your Word document as they will not be graded. When your file is complete and you are ready to submit it for marking, select your Assignment Submission area. For help, refer to the quick tutorial, “Submit your assignment.” Follow these steps to ensure that your assignment was received by your marker: Select the Grade Centre link. Select the exclamation mark (!). In the section “Your work,” select the file. If you can view the unmarked assignment, it is okay. If you are unable to view the assignment, contact your CGA affiliate office for help. Question 1 (20 marks) Note: For multiple-choice questions...

Words: 1541 - Pages: 7

Premium Essay

Hope Case Study

...University Wayne Huizenga Graduate School of Business & Entrepreneurship Assignment for Course: ISM 5150, IS Strategy & Data Management Submitted to: Dr. Nainika Patnayakuni Submitted by: Date of Submission: December 12, 2015 Title of Assignment: Hope Case Analysis CERTIFICATION OF AUTHORSHIP: I certify that I am the author of this paper and that any assistance I received in its preparation is fully acknowledge and disclosed in the paper. I have also cited any sources from which I used data, ideas of words, whether quoted directly or paraphrased. I also certify that this paper was prepared by me specifically for this course. Student Signature: ******************************************* Instructor’s Grade on Assignment: Instructor’s Comments: When “Hope” Spells Problems Case Analysis In order to solve the problem in this scenario, management’s goal should be to establish an IT governance framework within their organization. They need to decide which archetype to implement and also need to invest in education and training of IT security. The root problem in this case is poor information security strategy. If there was been an effective governance pattern in place this problem could have been avoided. Three needed to have been constant monitoring of how the software updated was being installed, who was installing it and where in order to avoid this breach of security to the recipients of the HOPE scholarships. There are several...

Words: 765 - Pages: 4

Free Essay

Assignment 4: Internet Technology, Marketing, and Security

...Assignment 4: Internet Technology, Marketing, and Security Bus 508 – Contemporary Business Abstract Modern business depends on complex electronic information systems that require computer and internet capability to keep that information flowing. There is a problem when someone outside of that business relationship between the business and the consumer interferes, or hacks, that information flow. An entire industry has been created to protect that information flow from being “hacked”. In 2011, Sony went through what is known as the largest security breach in history. The breach affected 77 million PlayStation Network users, 24.5 million users of Sony Online Entertainment and many more customers across the nation. All this was caused, according to Sony, by an “outdated database from 2007” (Lina, 2011). Assignment 4: Internet Technology, Marketing, and Security In 2011, there were more than 300 corporate security breaches. Sony, Citigroup, and Morgan Stanley Smith Barney are among the major firms that have reported to their customers that they have been hacked (Mintzer, 2011). Hacking is continuously happening to companies all over the world. Sony Corporation is a leading manufacturer of audio, video, game, communications, key device and information technology products for the consumer and professional markets. With its music, pictures, computer entertainment and on-line businesses, Sony is uniquely positioned to be the leading...

Words: 1284 - Pages: 6

Premium Essay

Unit 8 Assignment 1

...IS3350 Unit 8 Assignment 1 To: Verizon Date: 2 February, 2014 Subject: Data Breach Executive Summary Overview Verizon’s 2013 Data Breach Investigations Report (DBIR) provides truly global insights into the nature of data breaches that can help organizations of all sizes to better understand the threat and take the necessary steps to protect themselves. The breadth and depth of data represented in this year’s DBIR is unprecedented. It combines the efforts of 19 global organizations: law enforcement agencies, national incident-reporting entities, research institutions, and a number of private security firms — all working to study and combat data breaches. Analysis With 47,000+ Security incidents analyzed, 621 confirmed data breaches studied, and 19 international contributors, Verizon has ample amounts of data to compile and use to better their network. This data can also be analyzed to see what types of people are making these breaches and what motives they may have for doing so. In the 2013 DBIR, 69% of breaches were spotted by an external party and 76% of the network intrusions were due too weak or stolen passwords. Some of the other factors that have been realized was that 75% of the attacks are opportunistic and 19% of attacks are some form of espionage. There is also much evidence that many of these breaches could be tied to organized crime and gathering financial information. On a very basic level, just looking at the history of organized crime, money has always...

Words: 344 - Pages: 2

Free Essay

Case Studies on Academic Integrity

...Enabling strategies enact academic integrity policy. Without long-term, sustainable and practical support resources, a policy will not be enacted, no matter how well it is articulated. The cases in this resource cover a range of academic integrity issues in Australian universities with application for a wider audience. These case studies have been developed by the Academic Integrity Standards Project. “…I suspect that every senior manager needs to have some training in the issue of academic integrity principles.  I learnt mine on the job, so I think that needs to be worked through so that the policy and the implementation and the people who have that power understand those principles …So I think the case study models really useful.  How would you deal with someone who had this story; you know, what would you do, and then work out what you'd do pragmatically versus where the policy fits from there.” (Senior Manager, University B, Academic Integrity Standards Project) Although they may be based on real life stories, they have been adapted and anonymised for the purposes of this project resource; pseudonyms are used in every instance. The case studies are designed to be used as triggers for discussion in group seminars and primarily target teaching staff, although they could be used for discussion with students or other academic integrity stakeholders.  Support for this project/activity has been provided by the Australian Government Office for Learning and Teaching...

Words: 15906 - Pages: 64

Premium Essay

Target Attack Case Study

...Assignment How was target attacked? Target gave access to third party retailer Fazio Mechanical services to access its network but did not take measures to properly secure that access to the systems handling sensitive data. They did not follow proper network segmentation to protect cardholder data. Hackers compromised the third party vendor Fazio Mechanical Services which is refrigeration contractor works for target at many locations. Hackers sent phishing email containing malware to one of the employees of Fazio, which allowed citadel which is password stealing bot program to be installed on the computer. They stole the login credentials which was the first step to access the target network. Fazio Mechanical Services did not had appropriate...

Words: 466 - Pages: 2