Briefly review the sample privacy and security policies from the following three highly recognized
healthcare organizations:

1. Managing Information Privacy & Security: Beth Israel Deaconess Medical Technology Resources Policy
(2007) (see attached reference material)

2. Managing Information Privacy & Security: Mayo Foundation (2002) (see attached reference material)

3. Managing Information Privacy & Security: Georgetown University Medical Centers (2007) (see attached
material)

Please focus on the similarities and differences among them. Addresses and answers the following
questions/requirements:

1. What are the obvious themes common among each organization’s policies?
2. Do any of the policies differ significantly between organizations? If so, how?
3. Identify what key security principles and elements you feel are most important and describe why.
.

Information Sensitivity and Protection of Data

For this Module please complete the following tasks.

1. In your opinion, how well developed are your organization’s information security policies? (Organization: US Naval Hospitals)
2. Describe policies and measures used by your organization to ensure confidentiality, availability and reliability of data and information. (Organization: US Naval Hospitals)
3. Describe how the organization could (or does) protect from the loss its data. What steps could (or do) they take to make sure that data remains accessible in the event of a catastrophic event such as a fire or other natural disaster? (Organization: US Naval Hospitals)
4. What things do you think your organization could do to further enhance information security? (Organization: US Naval Hospitals)

Information Sensitivity and Protection of Data

For this Module please complete the following tasks.

1. In your opinion, how well developed are your organization’s information security policies? (Organization: US Naval Hospitals)
2. Describe policies and measures used by your organization to ensure confidentiality, availability and reliability of data and information. (Organization: US Naval Hospitals)
3. Describe how the organization could (or does) protect from the loss its data. What steps could (or do) they take to make sure that data remains accessible in the event of a catastrophic event such as a fire or other natural disaster? (Organization: US Naval Hospitals)
4. What things do you think your organization could do to further enhance information security? (Organization: US Naval Hospitals)