Assume that you have been hired as a Chief Information Security Officer (CISO) by a local healthcare organization that has no health information privacy and security policy yet

Assume that you have been hired as a Chief Information Security Officer (CISO) by a local healthcare organization that has no health information privacy and security policy yet. Thus, your first assignment is to formulate a health information privacy and security policy for the organization in accordance with the HIPAA and HITECH Privacy and Security Rules. Before the development of the privacy and security policy document, your supervisor advises you to review the HIPPA and HITECH Privacy and Security regulations the organization is required to comply with.

In this assignment, address the following:

1. Outline the specific policy you propose,

2. The consequences of noncompliance with the applicable laws, and

3. Measures to assure the correct application of Privacy and Security Rules. Make sure to consider all perspectives of the user authentication and access controls.

Your 2-4 pages double-spaced APA formatted assignment excluding the Title and References pages and containing 2-3 credible sources of information should be submitted by Tuesday midnight.