COMPREHENSIVE MEDICAL SERVICES “CMS”, is a highly advanced teaching and research hospital and medical facility that has gained notoriety around the world for its cutting edge technology and its high success rate in treating critically ill and severely burned patients. Currently there are three “branches” or “facilities” in the United States, located in Los Angeles, Saint Louis and Boston. Patients come from all around the world to receive treatment at one of the three CMS facilities and hospitals. The existing facilities share information between them. If for example a patient presents for treatment at the Boston facility on one visit, his medical providers and account representatives will have access to his personally identifiable information, prior medical diagnosis and treatment records, insurance, billing and payment history in real time regardless of which of the other facilities he has treated at previously. CMS is expanding its serves and will open a fourth facility in the southern United States. To that end, CMS as purchased a 10-acre tract of land just outside the city limits of Galveston, Texas. Other than purchasing the land and retaining an architect, CMS is still in the planning phase. It is CMS’s intention to erect what will most likely be a 10 story structure in which CMS expects to house the hospital facility, doctor’s offices, outpatient surgery center, administrative offices, management services which will include insurance, accounting (accounts payable and receivable included), loading docks for shipping and receiving, multiple parking facilities, and a data center. Your team has been hired by COMPREHENSIVE MEDICAL SERVICES “CMS” to analyze and design a complete access control model for its new facility located in Galveston, Texas. The new Galveston facility should share information with the other three facilities, so that the patient information will be available in real time regardless of which facility the patient presents for treatment. Medical teams at all four facilities should be able to review the patients records and collaborate on the best course of treatment for it patients. The complete access control model that you develop should be written in narrative form using the APA format. Please use ample subsections or subheading as appropriate. Your paper should have a 1-in margin on top, bottom, left and right margins. The paper should be double spaced. Use a cover page with a title, and the name of each team member who contributed to your project/paper. Each page should have a page number in the bottom right margin. The paper should also include a table of contents, that include subject headings, subheadings or subtopics, references or sources, and illustrations as well as page numbers for each. For each major area or section of your model, which you will explain and justify in your paper, you should identify the options you considered in the form of a null and alternative hypothesis. Discuss the alternatives you considered, giving pros and cons of each, and prove information from the research you conducted that assisted you in arriving at your conclusion, or in establishing your hypothesis as to why one alternative was selected over another. You MUST cite the sources for your research any time you make reference to your research, whether that be through direct quotations or in summary. Your work should include no fewer than five (5) sources. In addition to the written research paper that you will use to “sell” CMS on the access control model that you developed, when you present or “pitch” your model to CMS (and the rest of the class) you will use audio visual aids in the form of a Power Point presentation. Also use schematic diagrams, drawings, tables and illustrations where appropriate. For all diagrams, drawings, illustrations, and tables that you use or reference in your oral presentation and Power Point slides, please also include the same visual aids in the appendix of your written paper. Your access control model should include, but is not limited to a discussion of the following:
1. The different types of computing systems and networks that you anticipate will be necessary and the types of databases stored on each network.
2. The types of users you anticipate for your different systems and networks.
3. Which users, if any, will have remote access to the systems.
4. What nature and extent of security that will be necessary for each of the systems or networks that you identify, including a discussion of things such as necessary firewalls.
5. For each or type of user identified which of the systems, databases, networks, and/or classes or types of information or data they will have access to. Include an explanation of why they do or do not have access to certain systems, networks, databases and types of information.
6. For each type or class of users discuss the type(s) and layer(s) of authentication that will be required, discussing the options available and why you made the authentication decision that you selected. Consider and discuss the logical access controls for your subjects as well as authentication factors.
7. Discuss the privileges that will be assigned to users, classes of users or types of users for each of your systems, networks and/or databases. Consider and discuss group access controls.
8. Discuss the classification schemes of information that will reside on your networks, systems and/or databases and explain the security classifications for each. Include how and when information may possibly be declassified.
Need help with this assignment or a similar one? Place your order and leave the rest to our experts!