1/19/14
IS-3110 Week 4 Lab/Homework
Health Care Risk Assessment (Delphi Method)
Foremost in compiling a health care risk assessment is ensuring that all methodologies take into account compliance with the U.S. Health Insurance Portability and Accountability Act (HIPAA) of 1996. The healthcare provider must comply with the HIPAA Privacy and Security Rules in order to avoid penalties. Using the Delphi method, a group of selected Subject Matter Experts (SMEs) can define the scope of the risk analysis. The SMEs will identify potential threats and vulnerabilities, determine the likelihood and impact of the threats, analyze and recommend security measures, and determine risk levels. High emphasis will be placed on determining potential risks and vulnerabilities to the confidentiality, availability and integrity of all Electronic Personal Health Information (EPHI) that this office creates, receives, maintains, or transmits.
The Delphi method is a great tool for creating a risk assessment. It encourages the teams or groups of subject matter experts to remain anonymous if needed and to provide diverse opinions based on the expertise of each individual or group. Anonymous input allows for controlled feedback, in which the responses from the members are summarized and then given back to the individuals or groups. The responses of each member are presented to every other member without identifying who provided them. Each member is then asked to consider their responses in relation to the responses of everyone else and, based on this, to respond to the subject again. This process is repeated until there is a consensus.
While the Delphi method could be time-consuming, the outcome will provide a cohesive and well-defined risk assessment. Using the Delphi method could be very beneficial for ensuring all aspects of risks and vulnerabilities have been addressed and that compliance with HIPAA guidelines is