Assessment 4 Instructions: Recommendations and Action Plans

Prepare a final risk report (5-7 pages) that identifies privacy and security-related risks from throughout the quarter.
Include evidence-based recommendations; action plans; and best practices, policies, and procedures to support the
recommendations and action plans.
Throughout this course you have examined health care’s legal landscape, considering security and privacy
safeguards set forth by the Health Insurance Portability and Accountability Act (HIPAA). The HIPAA standards
protect the security and privacy of health information. Health care organizations are responsible to ensure proper
controls are in place to make data available, but also to protect patients. Privacy and security violations must be
identified; preventive policies and procedures need to be put in place to mitigate risks related to those violations.
Health care organizations often use risk reports to identify, assess, and monitor risks throughout the organization.
In this final assessment, the risk management director has asked you compile a report based on all of your findings
throughout the quarter. The director has an executive meeting with various stakeholders and would like to discuss
recent risk issues identified throughout the hospital. In addition to identifying the risks, you will also make evidencebased recommendations and develop action items for identified privacy and security risks.

Demonstration of Proficiency
By successfully completing this assessment, you will demonstrate your proficiency in the course competencies
through the following assessment scoring guide criteria:
Competency 3: Analyze the relationship between privacy and security in health care.
Create evidence-based recommendations to avoid privacy and security violations identified in audit
results.
Competency 4: Analyze legal and ethical implications related to Health Information Management.
Develop action plans to accompany recommendations.
Describe best practices, policies, and procedures that directly support the recommendations and
action plans.
Summarize the use of HIPAA standards and legal and ethical implications relating to the
recommendations and action plans.
Competency 5: Communicate effectively in a professional and ethical manner.
Create a clear, well-organized, professional final risk report that is generally free of errors in grammar,
punctuation, and spelling.
Follow APA style and formatting guidelines for citations and references.
Preparation
To successfully prepare to complete this final course assessment:
Review these three Vila Health media pieces:
Vila Health: Identifying Risks.
Vila Health: Privacy.
Course Navigation 
Tutorials Support Log Out Angelica Albert 20
11/16/22, 10:34 PM Assessment 4 Instructions: Recommendations and Action Plans &…
https://courserooma.capella.edu/webapps/blackboard/content/listContent.jsp?course_id=_382399_1&content_id=_11780330_1 2/3
Vila Health: Security.
Review your three previous assessments:
Assessment 1: You prepared a SWOT analysis focused on privacy and security-related issues.
Assessment 2: You developed a release of patient information compliance checklist for hospital staff
members to follow.
Assessment 3: You wrote a security report that identified potential security and technical safeguard
violations in Valley City Regional Hospital’s audit report. Your security report included evidence-based
recommendations to address these potential violations and prevent them from occurring in the future.
Based on the content presented in these media pieces and the work you completed in your previous assessments,
you will compile evidence-based recommendations; action plans; and best practices, policies, and or procedures to
remedy the privacy and security issues that have surfaced at Valley City Regional Hospital.
Instructions
In this final assessment, the risk management director has asked you to compile a final risk report based on all of
your findings related to privacy and security. The director has an executive meeting with various stakeholders and
would like to share the recent risk issues identified throughout the hospital. In addition to identifying the risks, you
will also make evidence-based recommendations and develop action items for the identified privacy and security
related risks.
Download the Final Risk Report Template and use it to complete your assessment. Follow these guidelines when
completing your final risk report template:
Introduction (1 to 2 paragraphs)
The point of the introduction is to orient the reader to the information presented in the final risk
report.
Summarize the main types of risks identified at Valley City Regional Hospital.
Summarize the mains types of recommendations; action plans; and best practices, policies, and
procedures provided.
Consider including a brief explanation of the differences among recommendations; action plans; and
best practices, policies, and procedures.
Identified Privacy or Security Risk (Column 1)
In Column 1 you will create a master list of the privacy and security risks you uncovered throughout the
quarter.
Consider grouping the privacy risks together and the security risks together.
Evidence-Based Recommendations (Column 2)
In Column 2 enter your evidence-based recommendations to address the identified risk and prevent it
from occurring in the future.
Include three recommendations for each identified risk.
Action Plans (Column 3)
In Column 3 enter the action plans associated with each recommendation.
Include three action plans for each recommendation. This will be a total of nine action plans for each
identified risk.
Best Practices, Policies, and/or Procedures to Support Recommendations and Actions Plans (Column 4)
Pay attention to the distinctions among recommendations; action plans; and best practices, policies,
and/or procedures when constructing your plan.
Recommendations indicate what must be done.

Home

Action plans show how it must be done.
Best practices, policies, and/or procedures outline how, by whom, and in which settings and
circumstances the recommendations and action plans will be put into effect.
Summary (1 to 2 paragraphs)
11/16/22, 10:34 PM Assessment 4 Instructions: Recommendations and Action Plans &…
https://courserooma.capella.edu/webapps/blackboard/content/listContent.jsp?course_id=_382399_1&content_id=_11780330_1 3/3
Briefly summarize the use of HIPAA standards and legal and ethical implications relating to the
recommendations and action plans.
Help Valley City Regional Hospital prioritize the most critical recommendations to implement first.
Provide the rationale for your prioritization and substantiate your rationale with references to current,
scholarly, and/or authoritative sources.
Additional Requirements
Format: Complete your assessment using the Final Risk Report Template provided. Use Times Roman, 12-
point type.
Length: 5 to 7 pages.
References: Follow APA style and formatting guidelines for citations and references. Include a separate works
cited page for your references. For an APA refresher, consult this resource: APA Style and Format.
Writing: Create a clear, well-organized, professional final risk report that is generally free of errors in
grammar, punctuation, and spelling.