1. Health Information Technology (HIT) is a growing field within
health services organizations today; additionally, health
information security is a major concern among health
organizations, as they are required to maintain the security and
privacy of health information. The Department of Health and
Human Services (HHS) provides extensive information about
the Health Insurance Portability and Accountability Act
(HIPAA). Visit the HHS Website, at
www.hhs.gov/ocr/privacy
, for more information about HIPAA requirements. In March
2012, the HHS settled a HIPAA case with the Blue Cross Blue
Shield of Tennessee (BCBST) for $1.5 million. Read more
about this case at
www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/bcbstagr
mnt.html
. As an IT security manager at a regional health services
organization, your CIO has asked for the following: an analysis
of this incident, an overview of the HIPAA security
requirements necessary to prevent this type of an incident, and a
briefing for management on the minimum security requirements
to be HIPAA complaint. Section1: Written Paper1. Write a three
to five (3-5) page paper in which you:
a. Describe the security issues of BCBST in regard to
confidentiality, integrity, availability, and privacy based on the
information provided in the BCBST case. b. Describe the
HIPPA security requirement that could have prevented each
security issue identified if it had been enforced.c. Analyze the
corrective actions taken by BCBST that were efficient and those
that were not adequate.d. Analyze the security issues and the
HIPAA security requirements and describe the safeguards that
the organization needs to implement in order to mitigate the
security risks. Ensure that you describe the safeguards in terms
of administrative, technical, and physical safeguards.e. Use at
least three (3) quality resources in this assignment. Note:

2. Wikipedia and similar Websites do not qualify as quality
resources.
Your written paper must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size
12), with one-inch margins on all sides; references must follow
APA or school-specific format. Check with your professor for
any additional instructions.
Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the
date. The cover page and the reference page are not included in
the required page length.
Section 2: PowerPoint Presentation2. Create a six to eight (6-8)
slide PowerPoint presentation in which you:
a. Provide the following on the main body slides:
i. An overview of the security issues at BCBST
ii. HIPAA security requirements that could have prevented the
incident
iii. Positive and negative corrective actions taken by BCBST
iv. Safeguards needed to mitigate the security risks
Your PowerPoint presentation must follow these formatting
requirements:
Include a title slide, four to six (4-6) main body slides, and a

3. conclusion slide.
The specific course learning outcomes associated with this
assignment are:
Summarize the legal aspects of the information security triad:
availability, integrity, and confidentiality.
Use technology and information resources to research legal
issues in information security.
Write clearly and concisely about information security legal
issues and topics using proper writing mechanics and technical
style conventions.