Abstract image of a woman sitting on books and studying on a laptop

Risk and Threat Assessment Report Anthony WolfBSA 5.docx

Download as DOCX, PDF
M
malbert5

The report discusses the significant risks and threats posed by technological advancements in software and e-commerce, including hacking, fraud, and privacy issues. It emphasizes the need for robust security measures such as runtime application self-protection and outlines various forms of online threats, including SQL injections and malware. Additionally, it highlights the critical importance of safeguarding personal data and maintaining secure database deployment practices to prevent breaches.

Education
1 of 31
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Risk and Threat Assessment Report Anthony Wolf BSA/ 520 May 11th, 2020 Jeffery McDonough Running head: RISK AND THREAT ASSESSMENT REPORT 1 RISK AND THREAT ASSESMENT REPORT 2 Risk and Threat Assessment Report The rise of innovation and technological advancement has affected the aspects of technology in different ways. Improvement of software and operating systems gives hackers a reason to strive and develop more complex forms of overweighing security measures on those applications. Traditional application security best practices and secure coding are often recommended in protecting different applications against runtime attacks. Runtime application self-protection is an emerging application in the protection of software applications, data, and databases. The increase in attacks has triggered the development of security technology that is linked or build into an application runtime environment. Besides, database deployment is
safeguarded by run time application self-protection that can control the execution of applications, detecting, and preventing real-time attacks. The threats and risks associated with operating systems, networks, and software systems are significant concerns to users. The internet has changed how people do their businesses. With the growth of e-commerce and other online transactions, there has been a subsequent increase in internet risk threats that are commonly occasioned by hacking and malware attacks. There are different types of e-commerce threats and might be accidental, deliberately done by perpetrators, or occur due to human error. The most prevalent threats are money theft, unprotected services, credit card fraud, hacking, data misuse, and phishing attacks. Heats associated with online transactions can be prevented or reduced by keeping the credit cards safe. Consumers/customers should be advised to avoid carrying their credit cards in their wallets since they increase the chances of misplacement. Each buyer should be cautious when using their you’re their online credit information. The advancement in technology has seen an increase in online transactions. The practice of doing business transactions via the internet is called e-commerce. Their growth has subsequently lead to the rise in internet risk threats that are commonly occasioned by hacking and malware attacks. E-commerce is the activity of conducting transactions via the internet. Internet transactions can be drawn on various technologies, including internet marketing, electronic data exchanges, automated data collection systems, electronic fund transfer, and mobile commerce. Online transaction threats occur by using the internet for unfair means with the aim of fraud, security breach, and stealing. The use of electronic payment systems has a substantial risk of fraud. It uses the identity of a customer to authorize a payment like security questions and passwords. If someone accesses a customer's password, he will gain access to his accounts and steal money or change everything and own the account. Hackers
can use stolen credit data to make online purchases. Privacy issues are also common as the personal data for a customer could be compromised and employed in unsolicited marketing, identity theft, and spamming. System reliability is a great issue in online transactions (Kure & Islam, 2019). There are high chances of the internet service provider crashing. The e-commerce plugin could also have bugs, and the online payment system could she errors. The risk of payment conflict is commonly experienced in online transactions. Technical glitches and anomalies in electronic payment systems may result in a conflict of payment. E-cash is a paperless cash system that is commonly used in e- commerce to transfer funds anonymously. It has several threats related to it, including backdoor attacks, which give attackers unwarranted access to a system by bypassing the set authentication mechanisms. Denial of service attacks is a common security attack where attackers take actions that bare the right user from accessing the electronic device. Networks security faces a lot of threats that compromise its operations. A computer virus is a network security threat. Computer viruses are parts of software that are designed with the capacity to spread from one to another computer. These viruses are often downloaded from a particular site or sent as email attachments to infect a computer. Viruses corrupt and steal data from a computer. Rogue computer software is another threat. It is malicious software that can mislead computer users to believe that a computer virus has been installed on their computer. Adware and spyware are software that is designed to tracks the data of one's browsing habits with their consent. Data availability, integrity, and confidentiality are the primary security threat in an operating system (Mhatre, Pegna & Brdiczka 2018). Malicious and accidental destruction of data files, modification of data files, unauthorized reading databases, or data files are of concern on the security of the operating system. Malicious software or malware hijacks an operating system to perform some tasks for an attacker. Spyware, Trojans,
and viruses are the most predominant form of malware with each operating to undermine the security controls of an operating system. Hackers turn compromised computers to zombies or bots and force them to join a network of other systems to launch large scale attacks on organizations. Software threats commonly associated with system software are malicious pieces of applications and computer code that can compromise or damage a computer and steal financial and confidential information. Antivirus programs and other comprehensive security software also aid in preventing the impacts of software threats. Bluejacking is among the software threats and is intended to share contact data to send unwanted and anonymous messages to other users. Mobile devices and their applications are also infected by viruses that spread through the mobile network. The viruses are identical to other computer viruses. Database deployment in a distributed environment enables heterogeneous or homogeneous computers to act as a computing environment. Deployment is a great concern for databases, and various challenges impede database deployment. There are both internal and external risks and threats treated to database deployment in a distributed environment. One of them is excessive database privileges. Database users may abuse the privileges in different ways, i.e., unused privilege abuse, legitimate privileges, and extreme privilege abuse. Excessive privileges in database deployment lead to unnecessary risks. This can be curbed by deploying and upholding strict accesses and privileges control policy (Visbal 2019). Company employees should not be given excessive privileges. SQL injection is an attack that occurs when malicious code is embedded in a web application and then transferred to the backend database. The SQL injection enables criminals to have unlimited access to any data that is stored in a database. The NoSQL injection targets bug data databases while the SQL injection targets the traditional databases. Database backups exposure is a common risk in database
deployment in a distributed environment. It is always recommendable to backup a proprietary database at a defined time. The problem emerges since most of the database back up files are often left unprotected from attack leading to several security breaches that occur through database backup leaks. Database vulnerabilities and misconfigurations. This happens as most of the databases are left unprotected due to misconfiguration. Professional IT specialists and hackers use configuration parameters and default accounts to exploit database misconfigurations and vulnerabilities to attack an organization. Denial of service attack slows down as a database server and can even hide it from all users. DoS attacks can cost the victims considerable time and money. However, it doesn’t disclose the content of a database. Reference Kure, H. I., & Islam, S. (2019). Assets focus risk management framework for critical infrastructure, cybersecurity risk management. IET Cyber-Physical Systems: Theory & Applications, 4(4), 332-340.
Mhatre, H., Pegna, D. L., & Brdiczka, O. (2018). U.S. Patent No. 10,050,985. Washington, DC: U.S. Patent and Trademark Office. Visbal, A. (2019). U.S. Patent Application No. 16/256,862. NR360 We Can But Dare We.docx Revised 5 ‐ 9 ‐ 16 DA/LS/psb 07.14.16 1 NR360 INFORMATION SYSTEMS IN HEALTHCARE Required Uniform Assignment: We Can, but Dare We? PURPOSE The purpose of this assignment is to investigate smartphone and social media use in healthcare and to apply professional, ethical, and legal principles to their appropriate use in healthcare technology. Course Outcomes This assignment enables the student to meet the following course outcomes. • CO #4: Investigate safeguards and decision‐making support tools embedded in patient care technologies and information systems to support a safe practice environment for both patients and healthcare workers. (PO 4)
• CO #6: Discuss the principles of data integrity, professional ethics, and legal requirements related to data security, regulatory requirements, confidentiality, and client’s right to privacy. (PO 6) • CO #8: Discuss the value of best evidence as a driving force to institute change in the delivery of nursing care (PO 8) DUE DATE See Course Schedule in Syllabus. The college’s Late Assignment Policy applies to this activity. TOTAL POINTS POSSIBLE This assignment is worth a total of 240 points. Requirements 1. Research, compose, and type a scholarly paper based on the scenario described below, and choose a conclusion scenario to discuss within the body of your paper. Reflect on lessons learned in this class about technology, privacy concerns, and legal and ethical issues and addressed each of these concepts in the paper, reflecting on the use of smartphones and social
media in healthcare. Consider the consequences of such a scenario. Do not limit your review of the literature to the nursing discipline only because other health professionals are using the technology, and you may need to apply critical thinking skills to its applications in this scenario. 2. Use Microsoft Word and APA formatting. Consult your copy of the Publication Manual of the American Psychological Association, sixth edition, as well as the resources in Doc Sharing if you have questions (e.g., margin size, font type and size (point), use of third person, etc.). Take NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 We Can But Dare We.docx Revised 5 ‐ 9 ‐ 16 DA/LS/psb 07.14.16 2 advantage of the writing service SmartThinking, which is accessed by clicking on the link called the Tutor Source, found under the Course Home area. 3. The length of the paper should be four to five pages, excluding the title page and the reference page. Limit the references to a few key sources (minimum of
three required). 4. The paper will contain an introduction that catches the attention of the reader, states the purpose of the paper, and provides a narrative outline of what will follow (i.e., the assignment criteria). 5. In the body of the paper, discuss the scenario in relation to HIPAA, legal, and other regulatory requirements that apply to the scenario and the ending you chose. Demonstrate support from sources of evidence (references) included as in‐text citations. 6. Choose and identify one of the four possible endings provided for the scenario, and construct your paper based on its implications to the scenario. Make recommendations about what should have been done and what could be done to correct or mitigate the problems caused by the scenario and the ending you chose. Demonstrate support from sources of evidence (references) included as in‐text citations. 7. Present the advantages and disadvantages of using smartphones and social media in healthcare and describe professional and ethical principles to the appropriate use of this technology, based
on facts from supporting sources of evidence, which must be included as in‐text citations. 8. The paper’s conclusion should summarize what you learned and make reflections about them to your practice. 9. Use the “Directions and Assignment Criteria” and “Grading Rubric” below to guide your writing and ensure that all components are complete. 10. Review the section on Academic Honesty found in the Chamberlain Course Policies. All work must be original (in your own words). Papers will automatically be submitted to TurnItIn when submitted to the Dropbox. 11. Submit the completed paper to the “We Can, but Dare We?” Dropbox by the end of Week 3. Please refer to the Syllabus for due dates for this assignment. For online students, please post questions about this assignment to the weekly Q & A Forums so that the entire class may view the answers.
Preparing for the Assignment BACKGROUND Healthcare is readily embracing any technology to improve patient outcomes, streamline operations, and lower costs, but we must also consider the impact of such technology on privacy and patient care. This technology includes the use of social media applications, such as Facebook, Instagram, MySpace, Twitter, and LinkedIn on smartphones. NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 We Can But Dare We.docx Revised 5 ‐ 9 ‐ 16 DA/LS/psb 07.14.16 3 In healthcare today, smartphones are widely used for communication, efficiency, and care. Obviously, a variety of issues (ethical, professional, and legal) from both the personal and hospital perspectives must be considered. SCENARIO You are a nurse in the emergency room, working the Friday 7 p.m. to 7 a.m. shift, and your evening has been filled with the usual mix of drunken belligerent teens, wailing babies, chronic obstructive
pulmonary disease (COPD) exacerbations, falls, fractures, and the routine, regular congestive heart failure (CHF) patients. Your best friend is texting you from the concert that you had to miss tonight because you were scheduled to work, and you respond to her between care of patients, jealous that she is there and you are not. “What a jerk to torture me like this!” you think to yourself. It is now 2 a.m., and the medics radio once again, notifying you of an incoming motor vehicle accident victim, ETA of 5 minutes. You sigh and opt to use the restroom, rather than getting that much‐needed cup of coffee, and prepare a room for your next patient. The medics roll in and begin to fill you in. The patient is a 28‐year‐old male, a passenger on a bus that was involved in a crash, leaving the vehicle overturned after rolling over an embankment. There were several fatalities among the bus passengers, and “this victim has remained unconscious, though his vitals are currently” . . . and as you start to focus on the patient, you take a second look. Can it be? It is! The lead singer, Jerod, from the band “Blue Lizards,” who you have adored since you first heard his voice! The band had just left the concert that
you had missed last evening when the accident occurred. You quickly text your best friend . . . “Can you believe?” and she responds with “Yeah, right. PROVE IT.” So you quickly snap a picture with your smartphone, when alone with the patient, and send it to her. Can’t hurt, right? Celebrities are “public property,” and that’s a part of their life, right? Just for good measure, you snap a few more pictures of the unconscious singer in various stages of undress and then a shot of his home address, phone number, and demographic information from his electronic health record. You sit your phone down on the bedside table for a minute as you continue your assessment of the patient. At 7:00 a.m., you drag your tired body home and straight to bed after a long but eventful night. What happens next? Choose an ending to the scenario, and construct your paper based on those reflections: 1. You are the following nurse on the day shift and discover the night nurse’s phone on the bedside table. While trying to figure out to whom it belongs, you open the phone and see the
photographs taken the night before. Holy moly! What a find, and nobody could trace you to the photos. 2. You receive a call from the gossip paper the Gossip Gazette, offering you $20,000 for the photos you have taken (courtesy of your best friend). Your identity would never be revealed, and you desperately need a new car and are behind on some bills. 3. You go on Facebook, on your day off, and talk about the night you had at work and how you didn’t really feel as bad having to miss the concert, because you actually got to meet Jerod in person and even “Got his number!” You then post a picture of Jerod on Facebook and NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 We Can But Dare We.docx Revised 5 ‐ 9 ‐ 16 DA/LS/psb 07.14.16 4 Instagram, figuring that most of your contacts would never recognize him anyway. It’s your day off and your personal time, so no harm, no foul, right?
4. You receive a message the next morning from a peer at work that there is a big investigation being conducted at work due to a HIPAA violation and that it involved a celebrity who had been admitted to the hospital. The word is that legal action is being taken against the hospital due to some photos that were sold to the Gossip Gazette. Knowing that the photo you sent is safe with your best friend, you reach for your smartphone, but it is nowhere to be found. NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 We Can But Dare We.docx Revised 5 ‐ 9 ‐ 16 DA/LS/psb 07.14.16 5 Directions and Assignment Criteria Assignment Criteria Points % Description Introduction 40 points 40 17%
Catches the attention of the reader States the purpose of the paper Provides a narrative outline of the paper (i.e., the assignment criteria). HIPAA, Legal, & Regulatory Discussion 40 points 40 17% Discussion the following as they apply to the use of cellphones and social media in healthcare: o HIPAA/regulatory requirements o Other legal requirements appropriate to the use of this technology Demonstrate support from sources of evidence included as in‐text citations. Scenario Ending & Recommendations 50 points 50 21% Choose and identify one of the four possible endings provided for the scenario. Make recommendations about what should have been done and what could be done to correct or mitigate
the problems caused by the scenario and the ending you chose. Demonstrate support from sources of evidence included as in‐text citations. Advantages and Disadvantages 50 points 50 21% Discuss at least two (2) advantages and two (2) disadvantages of using smartphones and social media in healthcare Describe professional and ethical principles to the appropriate use of this technology Demonstrate support from sources of evidence included as in‐text citations. Conclusion and Reflections 30 points 30 12% Summarize what you learned Make reflections about lessons learned to your practice. Scholarly Writing and APA
Format 30 points 30 12% Title page, running head, & page numbers are correct. Use Microsoft Word and APA (6th ed.) formatting Length is 4‐5 pages (excludes title & reference pages). At least 3 references are used, listed in APA format References match in text citations in APA format Spelling, grammar, & mechanics are correct. Total 240 100% NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 WECANBUTDAREWE Guidelines.docxRevised 05 /09/ 18 DA SME/psb 07.14.16 6 Grading Rubric Assignment Criteria Outstanding or Highest Level
of Performance A (92–100%) Very Good or High Level of Performance B (84–91%) Competent or Satisfactory Level of Performance C (76–83%) Poor, Failing or Unsatisfactory Level of Performance F (0–75%) Introduction 40 points The student catches the reader’s attention, states the paper’s purpose, and provides a narrative outline of the paper’s body.
35–40 points One of the following is missing or inadequate: attention‐catching statement(s), paper’s purpose, or a narrative outline of the paper’s body. 30–34 points Two of the following are missing or inadequate: attention‐catching statement(s), paper’s purpose, or a narrative outline of the paper’s body. 26–29 points Three of the following are missing or inadequate: attention‐catching statement(s), paper’s purpose, or a narrative outline of the paper’s body. 0–25 points HIPAA, Legal, & Regulatory
Discussion 40 points The discussion of the following as they apply to the use of cellphones and social media in healthcare, is thoroughly addressed: • HIPAA/regulatory requirements • Other legal requirements appropriate to the use of this technology Demonstrated support from sources of evidence included as intext citations. 35–40 points The discussion of the following as they apply to the use of cellphones and social media in healthcare, is lacking in one or more component: • HIPAA/regulatory requirements • Other legal requirements appropriate to the use of this technology
or Support is not demonstrated adequately from sources of evidence included as in‐text citations. 30–34 points The discussion of the following as they apply to the use of cellphones and social media in healthcare, is lacking in one or more component: • HIPAA/regulatory requirements • Other legal requirements appropriate to the use of this technology and Support is not demonstrated adequately from sources of evidence included as in‐text citations. 26–29 points The discussion of the following as they apply to the use of cellphones and social media in healthcare, is lacking both components: • HIPAA/regulatory requirements • Other legal requirements
appropriate to the use of this technology and Support is not demonstrated adequately from sources of evidence included as in‐text citations. 0–25 points NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 WECANBUTDAREWE Guidelines.docxRevised 05 /09/ 18 DA SME/psb 07.14.16 7 Scenario Ending & Recommendations 50 points Included all of the following elements sufficiently: • Identify one of the four possible endings provided for the scenario. Included all of the following elements but did not develop at least one area substantively :
• Identify one of the four possible endings provided for the scenario. Included all of the following elements but did not develop at two or more area substantively : • Identify one of the four possible endings provided for the scenario. Did not included the following elements substantively : • Identify one of the four possible endings provided for the scenario. • Made recommendations about what should have been done. • Made recommendations about what could be done to correct or mitigate the problems caused by the scenario and the ending chosen. • Demonstrated support from sources of evidence included as intext citations.
45‐50 points • Made recommendations about what should have been done. • Made recommendations about what could be done to correct or mitigate the problems caused by the scenario and the ending chosen. Or • Did not demonstrated support from sources of evidence included as in‐text citations. 40‐44 points • Made recommendations about what should have been done. • Made recommendations about what could be done to correct or mitigate the problems caused by the scenario and the ending chosen. Or • Did not demonstrated support from sources of evidence included as in‐text citations. 36‐39 points • Made recommendations about what should have been done.
• Made recommendations about what could be done to correct or mitigate the problems caused by the scenario and the ending chosen. Or • Did not demonstrated support from sources of evidence included as in‐text citations. 0‐35 points NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 WECANBUTDAREWE Guidelines.docxRevised 05 /09/ 18 DA SME/psb 07.14.16 8 Advantages and Disadvantages 50 points Met all of the following criteria: • Discussed at least two (2) advantages and two (2) disadvantages of using smartphones and social media in healthcare • Described professional and
ethical principles to the appropriate use of this technology • Demonstrated support from sources of evidence included as intext citations. 45‐50 points Did not meet one of the following criteria: • Discussed at least two (2) advantages and two (2) disadvantages of using smartphones and social media in healthcare • Described professional and ethical principles to the appropriate use of this technology • Demonstrated support from sources of evidence included as intext citations. 40‐44 points Did not meet two or more of the following criteria: • Discussed at least two (2) advantages and two (2) disadvantages of using smartphones and social media in healthcare • Described professional and ethical principles to the appropriate use of this technology • Demonstrated support from
sources of evidence included as intext citations. 36—39 points Did not meet Three or more of the following criteria: • Discussed at least two (2) advantages and two (2) disadvantages of using smartphones and social media in healthcare • Described professional and ethical principles to the appropriate use of this technology • Demonstrated support from sources of evidence included as intext citations. 0‐35 points Conclusion and Reflections 30 points Met the following criteria substantively: • Summarized what you learned • Made reflections about lessons learned to your practice. 25‐30 points Did not meet at least one of the
following criteria substantively: • Summarize what you learned • Make reflections about lessons learned to your practice. 20‐24 points Did not meet either of the following criteria substantively: • Summarize what you learned • Make reflections about lessons learned to your practice. 16‐19 points Did not include a formal conclusion paragraph 0–15 points Scholarly Writing and APA Format 30 points The following points
• 6 points are achieved by successful implementation of each scholarly writing/APA element: Title page, running head, & page numbers are correct. • 4 points Use Microsoft Word and APA (6th ed.) formatting • 2 point Length is 4‐5 pages (excludes title & reference pages). • 6 points At least 3 references are used, listed in APA format • 6 points References match in text citations in APA format NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 WECANBUTDAREWE Guidelines.docxRevised 05 /09/ 18 DA SME/psb 07.14.16 9 • 4 points Spelling/mechanics & grammar are correct. • 2 point Scholarly writing style is used Total Points Possible = /240 Points
Risk and Threat Assessment Report Anthony WolfBSA 5.docx

More Related Content

DOCX
Risk and Threat Assessment Report Anthony WolfBSA 5.docx
joellemurphey
 
PPTX
Security Environment in Online Systems and Issues
Arnav Chowdhury
 
PPTX
crisc_wk_5.pptx
dotco
 
PPTX
Chapter-2 (1).pptx
PaulaRodalynMateo1
 
PDF
Incident Response
MichaelRodriguesdosS1
 
PDF
ADAM ADLER MIAMI
AdamAdler10
 
PPT
Software Security Engineering
Muhammad Asim
 
PPT
Software security engineering
aizazhussain234
 
Risk and Threat Assessment Report Anthony WolfBSA 5.docx
joellemurphey
 
Security Environment in Online Systems and Issues
Arnav Chowdhury
 
crisc_wk_5.pptx
dotco
 
Chapter-2 (1).pptx
PaulaRodalynMateo1
 
Incident Response
MichaelRodriguesdosS1
 
ADAM ADLER MIAMI
AdamAdler10
 
Software Security Engineering
Muhammad Asim
 
Software security engineering
aizazhussain234
 

Similar to Risk and Threat Assessment Report Anthony WolfBSA 5.docx (20)

PPTX
FROM STRATEGY TO ACTION - Vasil Tsvimitidze
DataExchangeAgency
 
PDF
Securing Internet Payment Systems
Domenico Catalano
 
PPT
Need for security
University of Central Punjab
 
PDF
Unit 3B.pdf
TuhinUtsabPaul
 
DOCX
Ethical and security issues on MIS inte 322 assignment.docx
GogoOmolloFrancis
 
PPTX
Module 1Introduction to cyber security.pptx
Skippedltd
 
PDF
Sept 2012 data security & cyber liability
DFickett
 
PDF
Why is cyber security a disruption in the digital economy
Mark Albala
 
PPTX
Understanding the security_organization
Dan Morrill
 
PDF
Information Security
Madushan Sandaruwan
 
PPTX
Information Security Lecture One for Basic
hassankhan978073
 
PDF
E-Commerce Security Workable Attacks Againest E-Commerce
abe8512000
 
PPT
Security Compliance Web Application Risk Management
Marco Morana
 
PPTX
Security and control in mis
Gurjit
 
PPTX
[DSBW Spring 2009] Unit 08: WebApp Security
Carles Farré
 
PDF
Module 4.pdf
Sitamarhi Institute of Technology
 
PDF
Module 4 Cyber Security Vulnerabilities& Safe Guards
Sitamarhi Institute of Technology
 
PPTX
CyberSecurity Threats in the Digital Age(1).pptx
zainchaudary496
 
PPTX
Lesson 3 - Cybersecurity and its impact to e-commerce (32).pptx
Omar Fernandez
 
PDF
Cyber Security Threats | Cyberroot Risk Advisory
CR Group
 
FROM STRATEGY TO ACTION - Vasil Tsvimitidze
DataExchangeAgency
 
Securing Internet Payment Systems
Domenico Catalano
 
Need for security
University of Central Punjab
 
Unit 3B.pdf
TuhinUtsabPaul
 
Ethical and security issues on MIS inte 322 assignment.docx
GogoOmolloFrancis
 
Module 1Introduction to cyber security.pptx
Skippedltd
 
Sept 2012 data security & cyber liability
DFickett
 
Why is cyber security a disruption in the digital economy
Mark Albala
 
Understanding the security_organization
Dan Morrill
 
Information Security
Madushan Sandaruwan
 
Information Security Lecture One for Basic
hassankhan978073
 
E-Commerce Security Workable Attacks Againest E-Commerce
abe8512000
 
Security Compliance Web Application Risk Management
Marco Morana
 
Security and control in mis
Gurjit
 
[DSBW Spring 2009] Unit 08: WebApp Security
Carles Farré
 
Module 4.pdf
Sitamarhi Institute of Technology
 
Module 4 Cyber Security Vulnerabilities& Safe Guards
Sitamarhi Institute of Technology
 
CyberSecurity Threats in the Digital Age(1).pptx
zainchaudary496
 
Lesson 3 - Cybersecurity and its impact to e-commerce (32).pptx
Omar Fernandez
 
Cyber Security Threats | Cyberroot Risk Advisory
CR Group
 
Ad

More from malbert5 (20)

DOCX
Revista de Asisten] Social, anul X, nr. 12011, 25-33 25.docx
malbert5
 
DOCX
Risk Breakdown Structure SUBURBAN HOMES CONSTRUCTION PRO.docx
malbert5
 
DOCX
Rewriting the rules for the digital age2017 Deloitte Global .docx
malbert5
 
DOCX
Revising Organizational CultureRecently it was announced tha.docx
malbert5
 
DOCX
Risk Factors for Heart DiseaseWhat are the risk factors for he.docx
malbert5
 
DOCX
Risk Factors for Child Maltreatment Types of Maltr.docx
malbert5
 
DOCX
Risk involves uncertainty, the lack of knowledge of future event.docx
malbert5
 
DOCX
Risk and Resistance Risk Acceptance and Protesting Beha.docx
malbert5
 
DOCX
Rise of the Machines” Is Not a Likely FutureEvery new technolog.docx
malbert5
 
DOCX
Risk can be looked at as the effect of uncertainty on organizati.docx
malbert5
 
DOCX
Risk Assessment(50 points)Directions Use the case study t.docx
malbert5
 
DOCX
Risk and Audit Management Please respond to the following.docx
malbert5
 
DOCX
Right from the start, there have been nations, and nations have gove.docx
malbert5
 
DOCX
RIM Communication PlanMGT-550 Andrea Taylor Southern New H.docx
malbert5
 
DOCX
Riku is a 19-year-old college student. One morning, after a long nig.docx
malbert5
 
DOCX
Right to Portland Parks and Recreation Community CentersI be.docx
malbert5
 
DOCX
Rilke Letters Assignment (FINAL ESSAY) Core 110—Spring 2019 .docx
malbert5
 
DOCX
Ring Around the Rosy – Example Ring a ring orosesA pocketfu.docx
malbert5
 
DOCX
Riley Chapter 17) Differentiate among the three internatio.docx
malbert5
 
DOCX
Rigoberta Menchu calls her recounting of her life to Elisabeth Burgo.docx
malbert5
 
Revista de Asisten] Social, anul X, nr. 12011, 25-33 25.docx
malbert5
 
Risk Breakdown Structure SUBURBAN HOMES CONSTRUCTION PRO.docx
malbert5
 
Rewriting the rules for the digital age2017 Deloitte Global .docx
malbert5
 
Revising Organizational CultureRecently it was announced tha.docx
malbert5
 
Risk Factors for Heart DiseaseWhat are the risk factors for he.docx
malbert5
 
Risk Factors for Child Maltreatment Types of Maltr.docx
malbert5
 
Risk involves uncertainty, the lack of knowledge of future event.docx
malbert5
 
Risk and Resistance Risk Acceptance and Protesting Beha.docx
malbert5
 
Rise of the Machines” Is Not a Likely FutureEvery new technolog.docx
malbert5
 
Risk can be looked at as the effect of uncertainty on organizati.docx
malbert5
 
Risk Assessment(50 points)Directions Use the case study t.docx
malbert5
 
Risk and Audit Management Please respond to the following.docx
malbert5
 
Right from the start, there have been nations, and nations have gove.docx
malbert5
 
RIM Communication PlanMGT-550 Andrea Taylor Southern New H.docx
malbert5
 
Riku is a 19-year-old college student. One morning, after a long nig.docx
malbert5
 
Right to Portland Parks and Recreation Community CentersI be.docx
malbert5
 
Rilke Letters Assignment (FINAL ESSAY) Core 110—Spring 2019 .docx
malbert5
 
Ring Around the Rosy – Example Ring a ring orosesA pocketfu.docx
malbert5
 
Riley Chapter 17) Differentiate among the three internatio.docx
malbert5
 
Rigoberta Menchu calls her recounting of her life to Elisabeth Burgo.docx
malbert5
 
Ad

Recently uploaded (20)

DOCX
THEORY AND PRACTICE ASSIGNMENT SEMESTER MAY 2025.docx
muhammadsyahir916
 
PDF
Diabetes Mellitus , types , clinical picture, investigation and managment
AreenAManasrah
 
PPTX
Neurological complocations of systemic disease
BisratAlex2
 
PDF
FAMILY PLANNING (preventative and social medicine pdf)
RoziKhan19
 
PPTX
2025 High Blood Pressure Guideline Slide Set.pptx
Ramesh Kumar
 
PPTX
operating_systems_presentations_delhi_nc
Sagar878973
 
PDF
Laparoscopic Imaging Systems at World Laparoscopy Hospital
mohitsuren827
 
PPTX
principlesofmanagementsem1slides-131211060335-phpapp01 (1).ppt
Jeyasunitha
 
PDF
Chevening Scholarship Application and Interview Preparation Guide
Leneka Rhoden
 
PPTX
pharmaceutics-1unit-1-221214121936-550b56aa.pptx
zonuntluangimph
 
PDF
POM_Unit1_Notes.pdf Introduction to Management #mba #bba #bcom #bballb #class...
priyasinghy107
 
PDF
Disorder of Endocrine system (1).pdfyyhyyyy
[email protected]
 
PDF
CHALLENGES FACED BY TEACHERS WHEN TEACHING LEARNERS WITH DEVELOPMENTAL DISABI...
HarlynCaballero1
 
PPTX
Approach to a child with acute kidney injury
SukantaMandal26
 
PDF
Review of Related Literature & Studies.pdf
Thelma Villaflores
 
PPTX
ENGlishGrade8_Quarter2_WEEK1_LESSON1.pptx
ZaNiah1
 
PPTX
Cite It Right: A Compact Illustration of APA 7th Edition.pptx
ZeeKeZahid
 
PDF
Unleashing the Potential of the Cultural and creative industries
Claudia Lanteri
 
PPT
hemostasis and its significance, physiology
rakshasb
 
PPTX
Power Point PR B.Inggris 12 Ed. 2019.pptx
FirdaFauziah14
 
THEORY AND PRACTICE ASSIGNMENT SEMESTER MAY 2025.docx
muhammadsyahir916
 
Diabetes Mellitus , types , clinical picture, investigation and managment
AreenAManasrah
 
Neurological complocations of systemic disease
BisratAlex2
 
FAMILY PLANNING (preventative and social medicine pdf)
RoziKhan19
 
2025 High Blood Pressure Guideline Slide Set.pptx
Ramesh Kumar
 
operating_systems_presentations_delhi_nc
Sagar878973
 
Laparoscopic Imaging Systems at World Laparoscopy Hospital
mohitsuren827
 
principlesofmanagementsem1slides-131211060335-phpapp01 (1).ppt
Jeyasunitha
 
Chevening Scholarship Application and Interview Preparation Guide
Leneka Rhoden
 
pharmaceutics-1unit-1-221214121936-550b56aa.pptx
zonuntluangimph
 
POM_Unit1_Notes.pdf Introduction to Management #mba #bba #bcom #bballb #class...
priyasinghy107
 
Disorder of Endocrine system (1).pdfyyhyyyy
[email protected]
 
CHALLENGES FACED BY TEACHERS WHEN TEACHING LEARNERS WITH DEVELOPMENTAL DISABI...
HarlynCaballero1
 
Approach to a child with acute kidney injury
SukantaMandal26
 
Review of Related Literature & Studies.pdf
Thelma Villaflores
 
ENGlishGrade8_Quarter2_WEEK1_LESSON1.pptx
ZaNiah1
 
Cite It Right: A Compact Illustration of APA 7th Edition.pptx
ZeeKeZahid
 
Unleashing the Potential of the Cultural and creative industries
Claudia Lanteri
 
hemostasis and its significance, physiology
rakshasb
 
Power Point PR B.Inggris 12 Ed. 2019.pptx
FirdaFauziah14
 

Risk and Threat Assessment Report Anthony WolfBSA 5.docx

  • 1. Risk and Threat Assessment Report Anthony Wolf BSA/ 520 May 11th, 2020 Jeffery McDonough Running head: RISK AND THREAT ASSESSMENT REPORT 1 RISK AND THREAT ASSESMENT REPORT 2 Risk and Threat Assessment Report The rise of innovation and technological advancement has affected the aspects of technology in different ways. Improvement of software and operating systems gives hackers a reason to strive and develop more complex forms of overweighing security measures on those applications. Traditional application security best practices and secure coding are often recommended in protecting different applications against runtime attacks. Runtime application self-protection is an emerging application in the protection of software applications, data, and databases. The increase in attacks has triggered the development of security technology that is linked or build into an application runtime environment. Besides, database deployment is
  • 2. safeguarded by run time application self-protection that can control the execution of applications, detecting, and preventing real-time attacks. The threats and risks associated with operating systems, networks, and software systems are significant concerns to users. The internet has changed how people do their businesses. With the growth of e-commerce and other online transactions, there has been a subsequent increase in internet risk threats that are commonly occasioned by hacking and malware attacks. There are different types of e-commerce threats and might be accidental, deliberately done by perpetrators, or occur due to human error. The most prevalent threats are money theft, unprotected services, credit card fraud, hacking, data misuse, and phishing attacks. Heats associated with online transactions can be prevented or reduced by keeping the credit cards safe. Consumers/customers should be advised to avoid carrying their credit cards in their wallets since they increase the chances of misplacement. Each buyer should be cautious when using their you’re their online credit information. The advancement in technology has seen an increase in online transactions. The practice of doing business transactions via the internet is called e-commerce. Their growth has subsequently lead to the rise in internet risk threats that are commonly occasioned by hacking and malware attacks. E-commerce is the activity of conducting transactions via the internet. Internet transactions can be drawn on various technologies, including internet marketing, electronic data exchanges, automated data collection systems, electronic fund transfer, and mobile commerce. Online transaction threats occur by using the internet for unfair means with the aim of fraud, security breach, and stealing. The use of electronic payment systems has a substantial risk of fraud. It uses the identity of a customer to authorize a payment like security questions and passwords. If someone accesses a customer's password, he will gain access to his accounts and steal money or change everything and own the account. Hackers
  • 3. can use stolen credit data to make online purchases. Privacy issues are also common as the personal data for a customer could be compromised and employed in unsolicited marketing, identity theft, and spamming. System reliability is a great issue in online transactions (Kure & Islam, 2019). There are high chances of the internet service provider crashing. The e-commerce plugin could also have bugs, and the online payment system could she errors. The risk of payment conflict is commonly experienced in online transactions. Technical glitches and anomalies in electronic payment systems may result in a conflict of payment. E-cash is a paperless cash system that is commonly used in e- commerce to transfer funds anonymously. It has several threats related to it, including backdoor attacks, which give attackers unwarranted access to a system by bypassing the set authentication mechanisms. Denial of service attacks is a common security attack where attackers take actions that bare the right user from accessing the electronic device. Networks security faces a lot of threats that compromise its operations. A computer virus is a network security threat. Computer viruses are parts of software that are designed with the capacity to spread from one to another computer. These viruses are often downloaded from a particular site or sent as email attachments to infect a computer. Viruses corrupt and steal data from a computer. Rogue computer software is another threat. It is malicious software that can mislead computer users to believe that a computer virus has been installed on their computer. Adware and spyware are software that is designed to tracks the data of one's browsing habits with their consent. Data availability, integrity, and confidentiality are the primary security threat in an operating system (Mhatre, Pegna & Brdiczka 2018). Malicious and accidental destruction of data files, modification of data files, unauthorized reading databases, or data files are of concern on the security of the operating system. Malicious software or malware hijacks an operating system to perform some tasks for an attacker. Spyware, Trojans,
  • 4. and viruses are the most predominant form of malware with each operating to undermine the security controls of an operating system. Hackers turn compromised computers to zombies or bots and force them to join a network of other systems to launch large scale attacks on organizations. Software threats commonly associated with system software are malicious pieces of applications and computer code that can compromise or damage a computer and steal financial and confidential information. Antivirus programs and other comprehensive security software also aid in preventing the impacts of software threats. Bluejacking is among the software threats and is intended to share contact data to send unwanted and anonymous messages to other users. Mobile devices and their applications are also infected by viruses that spread through the mobile network. The viruses are identical to other computer viruses. Database deployment in a distributed environment enables heterogeneous or homogeneous computers to act as a computing environment. Deployment is a great concern for databases, and various challenges impede database deployment. There are both internal and external risks and threats treated to database deployment in a distributed environment. One of them is excessive database privileges. Database users may abuse the privileges in different ways, i.e., unused privilege abuse, legitimate privileges, and extreme privilege abuse. Excessive privileges in database deployment lead to unnecessary risks. This can be curbed by deploying and upholding strict accesses and privileges control policy (Visbal 2019). Company employees should not be given excessive privileges. SQL injection is an attack that occurs when malicious code is embedded in a web application and then transferred to the backend database. The SQL injection enables criminals to have unlimited access to any data that is stored in a database. The NoSQL injection targets bug data databases while the SQL injection targets the traditional databases. Database backups exposure is a common risk in database
  • 5. deployment in a distributed environment. It is always recommendable to backup a proprietary database at a defined time. The problem emerges since most of the database back up files are often left unprotected from attack leading to several security breaches that occur through database backup leaks. Database vulnerabilities and misconfigurations. This happens as most of the databases are left unprotected due to misconfiguration. Professional IT specialists and hackers use configuration parameters and default accounts to exploit database misconfigurations and vulnerabilities to attack an organization. Denial of service attack slows down as a database server and can even hide it from all users. DoS attacks can cost the victims considerable time and money. However, it doesn’t disclose the content of a database. Reference Kure, H. I., & Islam, S. (2019). Assets focus risk management framework for critical infrastructure, cybersecurity risk management. IET Cyber-Physical Systems: Theory & Applications, 4(4), 332-340.
  • 6. Mhatre, H., Pegna, D. L., & Brdiczka, O. (2018). U.S. Patent No. 10,050,985. Washington, DC: U.S. Patent and Trademark Office. Visbal, A. (2019). U.S. Patent Application No. 16/256,862. NR360 We Can But Dare We.docx Revised 5 ‐ 9 ‐ 16 DA/LS/psb 07.14.16 1 NR360 INFORMATION SYSTEMS IN HEALTHCARE Required Uniform Assignment: We Can, but Dare We? PURPOSE The purpose of this assignment is to investigate smartphone and social media use in healthcare and to apply professional, ethical, and legal principles to their appropriate use in healthcare technology. Course Outcomes This assignment enables the student to meet the following course outcomes. • CO #4: Investigate safeguards and decision‐making support tools embedded in patient care technologies and information systems to support a safe practice environment for both patients and healthcare workers. (PO 4)
  • 7. • CO #6: Discuss the principles of data integrity, professional ethics, and legal requirements related to data security, regulatory requirements, confidentiality, and client’s right to privacy. (PO 6) • CO #8: Discuss the value of best evidence as a driving force to institute change in the delivery of nursing care (PO 8) DUE DATE See Course Schedule in Syllabus. The college’s Late Assignment Policy applies to this activity. TOTAL POINTS POSSIBLE This assignment is worth a total of 240 points. Requirements 1. Research, compose, and type a scholarly paper based on the scenario described below, and choose a conclusion scenario to discuss within the body of your paper. Reflect on lessons learned in this class about technology, privacy concerns, and legal and ethical issues and addressed each of these concepts in the paper, reflecting on the use of smartphones and social
  • 8. media in healthcare. Consider the consequences of such a scenario. Do not limit your review of the literature to the nursing discipline only because other health professionals are using the technology, and you may need to apply critical thinking skills to its applications in this scenario. 2. Use Microsoft Word and APA formatting. Consult your copy of the Publication Manual of the American Psychological Association, sixth edition, as well as the resources in Doc Sharing if you have questions (e.g., margin size, font type and size (point), use of third person, etc.). Take NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 We Can But Dare We.docx Revised 5 ‐ 9 ‐ 16 DA/LS/psb 07.14.16 2 advantage of the writing service SmartThinking, which is accessed by clicking on the link called the Tutor Source, found under the Course Home area. 3. The length of the paper should be four to five pages, excluding the title page and the reference page. Limit the references to a few key sources (minimum of
  • 9. three required). 4. The paper will contain an introduction that catches the attention of the reader, states the purpose of the paper, and provides a narrative outline of what will follow (i.e., the assignment criteria). 5. In the body of the paper, discuss the scenario in relation to HIPAA, legal, and other regulatory requirements that apply to the scenario and the ending you chose. Demonstrate support from sources of evidence (references) included as in‐text citations. 6. Choose and identify one of the four possible endings provided for the scenario, and construct your paper based on its implications to the scenario. Make recommendations about what should have been done and what could be done to correct or mitigate the problems caused by the scenario and the ending you chose. Demonstrate support from sources of evidence (references) included as in‐text citations. 7. Present the advantages and disadvantages of using smartphones and social media in healthcare and describe professional and ethical principles to the appropriate use of this technology, based
  • 10. on facts from supporting sources of evidence, which must be included as in‐text citations. 8. The paper’s conclusion should summarize what you learned and make reflections about them to your practice. 9. Use the “Directions and Assignment Criteria” and “Grading Rubric” below to guide your writing and ensure that all components are complete. 10. Review the section on Academic Honesty found in the Chamberlain Course Policies. All work must be original (in your own words). Papers will automatically be submitted to TurnItIn when submitted to the Dropbox. 11. Submit the completed paper to the “We Can, but Dare We?” Dropbox by the end of Week 3. Please refer to the Syllabus for due dates for this assignment. For online students, please post questions about this assignment to the weekly Q & A Forums so that the entire class may view the answers.
  • 11. Preparing for the Assignment BACKGROUND Healthcare is readily embracing any technology to improve patient outcomes, streamline operations, and lower costs, but we must also consider the impact of such technology on privacy and patient care. This technology includes the use of social media applications, such as Facebook, Instagram, MySpace, Twitter, and LinkedIn on smartphones. NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 We Can But Dare We.docx Revised 5 ‐ 9 ‐ 16 DA/LS/psb 07.14.16 3 In healthcare today, smartphones are widely used for communication, efficiency, and care. Obviously, a variety of issues (ethical, professional, and legal) from both the personal and hospital perspectives must be considered. SCENARIO You are a nurse in the emergency room, working the Friday 7 p.m. to 7 a.m. shift, and your evening has been filled with the usual mix of drunken belligerent teens, wailing babies, chronic obstructive
  • 12. pulmonary disease (COPD) exacerbations, falls, fractures, and the routine, regular congestive heart failure (CHF) patients. Your best friend is texting you from the concert that you had to miss tonight because you were scheduled to work, and you respond to her between care of patients, jealous that she is there and you are not. “What a jerk to torture me like this!” you think to yourself. It is now 2 a.m., and the medics radio once again, notifying you of an incoming motor vehicle accident victim, ETA of 5 minutes. You sigh and opt to use the restroom, rather than getting that much‐needed cup of coffee, and prepare a room for your next patient. The medics roll in and begin to fill you in. The patient is a 28‐year‐old male, a passenger on a bus that was involved in a crash, leaving the vehicle overturned after rolling over an embankment. There were several fatalities among the bus passengers, and “this victim has remained unconscious, though his vitals are currently” . . . and as you start to focus on the patient, you take a second look. Can it be? It is! The lead singer, Jerod, from the band “Blue Lizards,” who you have adored since you first heard his voice! The band had just left the concert that
  • 13. you had missed last evening when the accident occurred. You quickly text your best friend . . . “Can you believe?” and she responds with “Yeah, right. PROVE IT.” So you quickly snap a picture with your smartphone, when alone with the patient, and send it to her. Can’t hurt, right? Celebrities are “public property,” and that’s a part of their life, right? Just for good measure, you snap a few more pictures of the unconscious singer in various stages of undress and then a shot of his home address, phone number, and demographic information from his electronic health record. You sit your phone down on the bedside table for a minute as you continue your assessment of the patient. At 7:00 a.m., you drag your tired body home and straight to bed after a long but eventful night. What happens next? Choose an ending to the scenario, and construct your paper based on those reflections: 1. You are the following nurse on the day shift and discover the night nurse’s phone on the bedside table. While trying to figure out to whom it belongs, you open the phone and see the
  • 14. photographs taken the night before. Holy moly! What a find, and nobody could trace you to the photos. 2. You receive a call from the gossip paper the Gossip Gazette, offering you $20,000 for the photos you have taken (courtesy of your best friend). Your identity would never be revealed, and you desperately need a new car and are behind on some bills. 3. You go on Facebook, on your day off, and talk about the night you had at work and how you didn’t really feel as bad having to miss the concert, because you actually got to meet Jerod in person and even “Got his number!” You then post a picture of Jerod on Facebook and NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 We Can But Dare We.docx Revised 5 ‐ 9 ‐ 16 DA/LS/psb 07.14.16 4 Instagram, figuring that most of your contacts would never recognize him anyway. It’s your day off and your personal time, so no harm, no foul, right?
  • 15. 4. You receive a message the next morning from a peer at work that there is a big investigation being conducted at work due to a HIPAA violation and that it involved a celebrity who had been admitted to the hospital. The word is that legal action is being taken against the hospital due to some photos that were sold to the Gossip Gazette. Knowing that the photo you sent is safe with your best friend, you reach for your smartphone, but it is nowhere to be found. NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 We Can But Dare We.docx Revised 5 ‐ 9 ‐ 16 DA/LS/psb 07.14.16 5 Directions and Assignment Criteria Assignment Criteria Points % Description Introduction 40 points 40 17%
  • 16. Catches the attention of the reader States the purpose of the paper Provides a narrative outline of the paper (i.e., the assignment criteria). HIPAA, Legal, & Regulatory Discussion 40 points 40 17% Discussion the following as they apply to the use of cellphones and social media in healthcare: o HIPAA/regulatory requirements o Other legal requirements appropriate to the use of this technology Demonstrate support from sources of evidence included as in‐text citations. Scenario Ending & Recommendations 50 points 50 21% Choose and identify one of the four possible endings provided for the scenario. Make recommendations about what should have been done and what could be done to correct or mitigate
  • 17. the problems caused by the scenario and the ending you chose. Demonstrate support from sources of evidence included as in‐text citations. Advantages and Disadvantages 50 points 50 21% Discuss at least two (2) advantages and two (2) disadvantages of using smartphones and social media in healthcare Describe professional and ethical principles to the appropriate use of this technology Demonstrate support from sources of evidence included as in‐text citations. Conclusion and Reflections 30 points 30 12% Summarize what you learned Make reflections about lessons learned to your practice. Scholarly Writing and APA
  • 18. Format 30 points 30 12% Title page, running head, & page numbers are correct. Use Microsoft Word and APA (6th ed.) formatting Length is 4‐5 pages (excludes title & reference pages). At least 3 references are used, listed in APA format References match in text citations in APA format Spelling, grammar, & mechanics are correct. Total 240 100% NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 WECANBUTDAREWE Guidelines.docxRevised 05 /09/ 18 DA SME/psb 07.14.16 6 Grading Rubric Assignment Criteria Outstanding or Highest Level
  • 19. of Performance A (92–100%) Very Good or High Level of Performance B (84–91%) Competent or Satisfactory Level of Performance C (76–83%) Poor, Failing or Unsatisfactory Level of Performance F (0–75%) Introduction 40 points The student catches the reader’s attention, states the paper’s purpose, and provides a narrative outline of the paper’s body.
  • 20. 35–40 points One of the following is missing or inadequate: attention‐catching statement(s), paper’s purpose, or a narrative outline of the paper’s body. 30–34 points Two of the following are missing or inadequate: attention‐catching statement(s), paper’s purpose, or a narrative outline of the paper’s body. 26–29 points Three of the following are missing or inadequate: attention‐catching statement(s), paper’s purpose, or a narrative outline of the paper’s body. 0–25 points HIPAA, Legal, & Regulatory
  • 21. Discussion 40 points The discussion of the following as they apply to the use of cellphones and social media in healthcare, is thoroughly addressed: • HIPAA/regulatory requirements • Other legal requirements appropriate to the use of this technology Demonstrated support from sources of evidence included as intext citations. 35–40 points The discussion of the following as they apply to the use of cellphones and social media in healthcare, is lacking in one or more component: • HIPAA/regulatory requirements • Other legal requirements appropriate to the use of this technology
  • 22. or Support is not demonstrated adequately from sources of evidence included as in‐text citations. 30–34 points The discussion of the following as they apply to the use of cellphones and social media in healthcare, is lacking in one or more component: • HIPAA/regulatory requirements • Other legal requirements appropriate to the use of this technology and Support is not demonstrated adequately from sources of evidence included as in‐text citations. 26–29 points The discussion of the following as they apply to the use of cellphones and social media in healthcare, is lacking both components: • HIPAA/regulatory requirements • Other legal requirements
  • 23. appropriate to the use of this technology and Support is not demonstrated adequately from sources of evidence included as in‐text citations. 0–25 points NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 WECANBUTDAREWE Guidelines.docxRevised 05 /09/ 18 DA SME/psb 07.14.16 7 Scenario Ending & Recommendations 50 points Included all of the following elements sufficiently: • Identify one of the four possible endings provided for the scenario. Included all of the following elements but did not develop at least one area substantively :
  • 24. • Identify one of the four possible endings provided for the scenario. Included all of the following elements but did not develop at two or more area substantively : • Identify one of the four possible endings provided for the scenario. Did not included the following elements substantively : • Identify one of the four possible endings provided for the scenario. • Made recommendations about what should have been done. • Made recommendations about what could be done to correct or mitigate the problems caused by the scenario and the ending chosen. • Demonstrated support from sources of evidence included as intext citations.
  • 25. 45‐50 points • Made recommendations about what should have been done. • Made recommendations about what could be done to correct or mitigate the problems caused by the scenario and the ending chosen. Or • Did not demonstrated support from sources of evidence included as in‐text citations. 40‐44 points • Made recommendations about what should have been done. • Made recommendations about what could be done to correct or mitigate the problems caused by the scenario and the ending chosen. Or • Did not demonstrated support from sources of evidence included as in‐text citations. 36‐39 points • Made recommendations about what should have been done.
  • 26. • Made recommendations about what could be done to correct or mitigate the problems caused by the scenario and the ending chosen. Or • Did not demonstrated support from sources of evidence included as in‐text citations. 0‐35 points NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 WECANBUTDAREWE Guidelines.docxRevised 05 /09/ 18 DA SME/psb 07.14.16 8 Advantages and Disadvantages 50 points Met all of the following criteria: • Discussed at least two (2) advantages and two (2) disadvantages of using smartphones and social media in healthcare • Described professional and
  • 27. ethical principles to the appropriate use of this technology • Demonstrated support from sources of evidence included as intext citations. 45‐50 points Did not meet one of the following criteria: • Discussed at least two (2) advantages and two (2) disadvantages of using smartphones and social media in healthcare • Described professional and ethical principles to the appropriate use of this technology • Demonstrated support from sources of evidence included as intext citations. 40‐44 points Did not meet two or more of the following criteria: • Discussed at least two (2) advantages and two (2) disadvantages of using smartphones and social media in healthcare • Described professional and ethical principles to the appropriate use of this technology • Demonstrated support from
  • 28. sources of evidence included as intext citations. 36—39 points Did not meet Three or more of the following criteria: • Discussed at least two (2) advantages and two (2) disadvantages of using smartphones and social media in healthcare • Described professional and ethical principles to the appropriate use of this technology • Demonstrated support from sources of evidence included as intext citations. 0‐35 points Conclusion and Reflections 30 points Met the following criteria substantively: • Summarized what you learned • Made reflections about lessons learned to your practice. 25‐30 points Did not meet at least one of the
  • 29. following criteria substantively: • Summarize what you learned • Make reflections about lessons learned to your practice. 20‐24 points Did not meet either of the following criteria substantively: • Summarize what you learned • Make reflections about lessons learned to your practice. 16‐19 points Did not include a formal conclusion paragraph 0–15 points Scholarly Writing and APA Format 30 points The following points
  • 30. • 6 points are achieved by successful implementation of each scholarly writing/APA element: Title page, running head, & page numbers are correct. • 4 points Use Microsoft Word and APA (6th ed.) formatting • 2 point Length is 4‐5 pages (excludes title & reference pages). • 6 points At least 3 references are used, listed in APA format • 6 points References match in text citations in APA format NR360 INFORMATION SYSTEMS IN HEALTHCARE NR360 WECANBUTDAREWE Guidelines.docxRevised 05 /09/ 18 DA SME/psb 07.14.16 9 • 4 points Spelling/mechanics & grammar are correct. • 2 point Scholarly writing style is used Total Points Possible = /240 Points