The risk analysis process will identify might threats to, and vulnerabilities of, systems containing electronic protected health learning (e-PHI). The risks a viewing entity decides to address, and how the covered entity decides to address the risks, will depend on the hazard and likely impact of threats affecting the confidentiality, integrity, and/or availability of e-PHI. Threats whitethorn affect study ( selective information) and systems. The National Institute for Standards and Technology (NIST) provides information security guidance materials. NIST Special Publication (SP) 800-30, Risk perplexity Guide for Information Technology Systems categorizes threats into three common categories: Human, Natural, and Environmental. The denote below is adapted from this NIST SP and is not comprehensive, but rather a sampling of possible risk categories and associated threats. 1. Natural: Floods, earthquakes, tornadoes, landslides, avalanches, electrical storms, and other su ch events. 2.
Human: Events that are either enabled by or caused by human beings, such as unintentional acts (inadvertent data entry) or deliberate actions (network based attacks, malicious software upload, unauthorized access to confidential information). 3. Environmental: Long-term office ply failure, pollution, chemicals, and silver leakage. An example of a natural threat is the item of a hurricane. Depending on the geographic location of the entity, the likelihood of that occurrence could be low, medium, or high, and one of the risks associated with the occurrence may be that the power could fail a nd the information systems could be unavaila! ble. Based on the judgment conducted, the organization should develop a strategy to annihilate the risks associated with the authority of such a threat.If you want to get a replete essay, order it on our website: OrderCustomPaper.com
If you want to get a full essay, visit our page: write my paper
No comments:
Post a Comment