CIS 558 Week 7 Case Study 2 HIPAA and IT Audits (2 Papers) CIS 558 Week 7 Case Study 2 HIPAA and IT Audits (2 | Page 2
1a. Create an overview of the HIPAA Security Rule and Privacy Rule. Include an explanation of
the resolution process when a case is reported.
1b. Analyze the major types of incidents and breaches that occur based on the cases reported.
1c. Analyze the technical controls and the non-technical controls that are needed to mitigate
the identified risks and vulnerabilities.
1d. Analyze and describe the network architecture that is needed within an organization,
including a medium-sized hospital, in order to be compliant with HIPAA regulations.
1e. Analyze how a medium-sized hospital is similar to and different from other non-medical
organizations in regards to HIPAA compliance.
1f. List the IT audit steps that need to be included in the organization’s overall IT audit plan to
ensure compliance with HIPAA rules and regulations.
1g. Use at least four (4) quality resources in this assignment. Note: Wikipedia and similar
Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all
sides; citations and references must follow APA or school-specific format. Check with your
professor for any additional instructions.
Section 2. Network Architecture
2a. Create a network architecture diagram (using Visio or an open-source equivalent to Visio for
creating diagrams), based on the description of the network architecture that you defined
above for the organization to be compliant with HIPAA regulations.
2b. Include in the diagram the switches, routers, firewalls, IDS/IPS, and any other devices
needed for a compliant network architecture.