Describe the concepts of privacy and security as applied to the EHR.
Description should include
- regulatory frameworks
- risk management
- authentication and authorization
- user passwords
- portable devices (e.g., mobile phones, iPads, Google watches)
- physical security of systems
- malware.
Process/Skill Questions:
- What are the goals and focus of the risk management department?
- What is the difference between authentication and authorization?
- What is malware? What are some common examples?
- What constitutes a portable device?
- What makes a strong password?