HIM 202 - Assignment 13: System Development Life Cycle

School

The City College of New York, CUNY

Course

205

Subject

Information Systems

Date

Jan 9, 2024

Type

docx

Pages

3

Uploaded by xxduranx333xx

The System Development Life Cycle (SDLC) can be described as a well-structured approach to ensuring the maintenance of a secure health information system. An effective SDLC requires a risk-management-based approach. Integrating security into the development of the system helps ensure that the practice or facility takes the necessary steps to use health information safely. There are five phases that form part of the System Development Life Cycle:

1. Initiation: In this phase the organization establishes the need for a system to be put into action. Security planning should also be considered and documented at this point, and it is important to identify key security roles. According to the National Institute of Standards & Technology, “The information to be processed, transmitted, or stored is evaluated for security requirements, and all stakeholders should have a common understanding of the security considerations” (Shirley). Identifying security needs, running risk assessments, and establishing goals are all essential to this phase, as is making sure all stakeholders understand privacy laws, regulatory compliance, and other HIPAA rules.

2. Acquisition/Development: This is the second phase of the cycle, in which the system is designed, purchased, programmed, developed, or otherwise constructed. One very important task in this phase is to conduct a risk assessment and use the results to supplement the baseline security controls. The security architecture is designed at this phase, along with security plans and the security requirements for the information system. This phase is essential for identifying potential threats and vulnerabilities within the system.

3. Implementation/Assessment: This is the third phase of the cycle, and it integrates the security measures into the SDLC. Firewalls, antivirus, malware detectors, and other security programs can be put in place at this phase. The staff being trained can also begin following protocol and applying what they practiced.

4. Operations/Maintenance: In this phase it is important to constantly monitor the system and make sure that there are no discrepancies. Any new risks that appear at this stage should be addressed immediately; this ensures the proper maintenance and operation of the system being implemented. Security audits are performed at this phase to make sure the system is adapting to the latest standards and regulations. “Configuration Management and control activities should be conducted to document any proposed or actual changes in the security plan of the system” (Shirley).

5. Sunset (Disposal): This last phase of the cycle involves disposing of system information, hardware, and software and transitioning to the new system. It is important that this part of the cycle also follows secure practices that do not compromise patient health information.

The System Development Life Cycle is an approach that makes sure health information systems are properly developed, implemented, and maintained. The security measures used in the system should aim to keep the patient's health information well protected. This is highly sensitive data, and its handling should comply with the rules and regulations of the healthcare field.

References

Guide for Conducting Risk Assessments - NIST. (n.d.-a). https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf

The System Development Life Cycle (SDLC) - NIST computer security ... (n.d.). https://csrc.nist.gov/CSRC/media/Publications/Shared/documents/itl-bulletin/itlbul2009-04.pdf