Why choose us?

We understand the dilemma that you are currently in of whether or not to place your trust on us. Allow us to show you how we can offer you the best and cheap essay writing service and essay review service.

IT Regulatory and Compliance Requirements

Below are the instructions given by my professor, please follow them to work on this task.
Find an article that discusses current issues regarding HIPAA, SOX or other regulations that IT
departments need to be aware of in regards to setting user domains, limitations, privileges etc. You
can also find an article that discusses a recent event involving a failure to comply.
Please provide the URL of the article and write a 2 to 3 paragraph summary giving your opinion of

what happened or should have happened.

Introduction

Every year, IT Security department face a new challenge in making predictions of
new potential threats and finding possible solutions to the same threats. Whereas there is
constant need to invest in new security controls, IT departments need to ensure compliance
audits and liabilities. Regulations such as PCI, HIPAA, SOX will continue to receive
potential breaches, IT departments, therefore, need to ensure that they conduct their internal

2Running Head: IT Regulatory and Compliance Challenges
audit and compliance reviews. More importantly is the need to ensure that log information
and setting up of analytics capabilities.

IT Regulatory and Compliance Requirements

IT Departments will need to move from the traditional defend-the-perimeter approach
to security protection as well as compliance and adopt virtualized security controls and
centralized security functions. IT managers need to continually audit their own IT
infrastructure to identify inefficiencies, redundancies as well as extra controls. They need to
streamline reporting and auditing processes while seeking to increase productivity and reduce
costs. There is need to respond quicker in the case of a security breach. Organizations need to
invest to ensure growth in cloud computing and compliance (Daudelin, 2014).
Log management needs to ensure that physical and technical safeguards, technical policies as
well as network and transmission security. IT Departments need to ensure more automation
by removing the human element to provide the increase of data reliability. There is need to
ensure that security software including firewalls, antivirus applications, intrusion and
prevention systems as well as operating systems on servers, workstations and network
equipment are secured from external attacks through log analysis. IT Departments needs to
create layers of access approvals to ensure controls and processes in access privileges
(Daudelin, 2014).

Cases of Non-Compliance with Regulations

New York and Presbyterian Hospital (NYP) and Columbia University were jointly
found culpable of violating HIPAA laws when 6,800 records of patients were inadvertently
exposed to the public. The breach happened as a result of a poorly configured computer
server that was personally owned by one of the doctors. This was a result of NYP lack of
capacity to assess and monitor all its systems, applications as well as its equipment. It was
discovered that the hospital lacked the requisite policies and procedures that authorize access

3Running Head: IT Regulatory and Compliance Challenges
to patients’ data. The two organizations were fined $4.8 million. NYP and Columbia
University could have invested time in ensuring its periodic internal audits and compliance
reviews (Kohgadai, n.d).

References

Daudelin, A., (2014, January). HIPAA, SOX & PCI: The Coming Compliance Crisis in IT
Security: New mandates around datacenter virtualization, enterprise apps, and BYOD
will stretch IT security staffs and budgets to the max in 2014.
Kohgadai, A., (n.d). HIPAA Violations Examples and Cases – 8 Cautionary Tales. Retrieved

4Running Head: IT Regulatory and Compliance Challenges

All Rights Reserved, scholarpapers.com
Disclaimer: You will use the product (paper) for legal purposes only and you are not authorized to plagiarize. In addition, neither our website nor any of its affiliates and/or partners shall be liable for any unethical, inappropriate, illegal, or otherwise wrongful use of the Products and/or other written material received from the Website. This includes plagiarism, lawsuits, poor grading, expulsion, academic probation, loss of scholarships / awards / grants/ prizes / titles / positions, failure, suspension, or any other disciplinary or legal actions. Purchasers of Products from the Website are solely responsible for any and all disciplinary actions arising from the improper, unethical, and/or illegal use of such Products.