A Framework for Evaluation of Risk Management Models for HIPAA Compliance for Electronic Personal Health Information used by Small and Medium Businesses using Cloud Technologies
| dc.access.option | Open Access | |
| dc.contributor.advisor | Lesko, Charles J. Jr. | |
| dc.contributor.author | Luna, Raymond Brett | |
| dc.contributor.department | Technology Systems | |
| dc.date.accessioned | 2018-08-14T14:19:51Z | |
| dc.date.available | 2018-08-14T14:19:51Z | |
| dc.date.created | 2018-08 | |
| dc.date.issued | 2018-07-18 | |
| dc.date.submitted | August 2018 | |
| dc.date.updated | 2018-08-09T20:00:17Z | |
| dc.degree.department | Technology Systems | |
| dc.degree.discipline | MS-Network Technology | |
| dc.degree.grantor | East Carolina University | |
| dc.degree.level | Masters | |
| dc.degree.name | M.S. | |
| dc.description.abstract | Our societal quest for collaboration and openness has always been in direct conflict with our desire to maintain our personal privacy. Those conflicting goals are more prominent than ever for healthcare, due to its rapid Digital Transformation and coupled with risk related to the exploitation of Protected Health Information (PHI) that is processed on cloud-based technologies by healthcare Small and Midsize Businesses (SMB). Healthcare SMBs are at higher risk because they often have limited resources to identify and assess risk. This study focused on this issue through an exploratory inquiry using survey statistics, scholarly research, regulatory requirements, and best practices to develop a framework that can be used by healthcare SMBs to evaluate and select a risk assessment model. As illustrated in this study, the selected model can be leveraged to identify and assess risk associated with PHI that is processed in the cloud. This study included four key phases: confirmation of risk for PHI in the cloud, an investigation of HIPAA requirements and best practices for risk assessment, an evaluation of risk assessment models, and a risk assessment model selection process. As a result, healthcare SMB entities with limited resources can improve their ability to achieve HIPAA compliance through risk assessment and contribute to improvements for the overall patient care experience. | |
| dc.format.mimetype | application/pdf | |
| dc.identifier.uri | http://hdl.handle.net/10342/6940 | |
| dc.language.iso | en | |
| dc.publisher | East Carolina University | |
| dc.subject | Business Associates | |
| dc.subject | Covered Entities | |
| dc.subject | Data Breach | |
| dc.subject | Defense in Depth (DiD) | |
| dc.subject | Electronic Protected Health Information (ePHI) | |
| dc.subject | Healthcare Stakeholders | |
| dc.subject | HIPAA | |
| dc.subject | HIPAA Privacy Rule | |
| dc.subject | HIPAA Security Rule | |
| dc.subject | Internet of Things (IoT) | |
| dc.subject | Protected Health Information (PHI) | |
| dc.subject | Risk Analysis | |
| dc.subject | Risk Factor | |
| dc.subject | Risk Management | |
| dc.subject | Small and Midsize Business (SMB) | |
| dc.subject | SMBE&A | |
| dc.subject.lcsh | Computer security | |
| dc.subject.lcsh | Cloud computing | |
| dc.subject.lcsh | Risk assessment | |
| dc.subject.lcsh | Small business--Information technology | |
| dc.title | A Framework for Evaluation of Risk Management Models for HIPAA Compliance for Electronic Personal Health Information used by Small and Medium Businesses using Cloud Technologies | |
| dc.type | Master's Thesis | |
| dc.type.material | text |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- LUNA-MASTERSTHESIS-2018.pdf
- Size:
- 4.51 MB
- Format:
- Adobe Portable Document Format