The Department of Health and Human Services

The Department of Health and Human Services

Introduction

Information system program is basically the security and protection of information and its associated risks and certain losses, illegal disclosure, or unauthorized continuous use of any data. In short, making investments to prevent illegal activities and also reduce risk is the major objective of such systems (HHS-IRM-2000-0003, 2000).

Information security program and privacy is a growing technology since the last decade. The hackers and cyber robbers have made the life of locals and multinational companies miserable. In fact the government departments have also not made themselves away from this threat. The roots of such problems are not new to the people but it has become very much common in the last few years. The stated goals of any information security system is to reduce the risk of tampering, fraud, unauthorized disclosure and IT infrastructure damage i.e. viruses and worms. The major concerns for any company that leads to maintain its information systems are competitors and other factors which are responsible growing threats about any company or organization (HHS-IRM-2000-0003, 2000).

Discussion

The multinational organizations and government structural frameworks are the most affected victims of hacking and data losses through various viruses and worms. One the major governmental organization in US which has its information security systems is Department of Health and Human Services (US). HHS is one of the government's major agencies for protecting and preserving the health of all US residents and providing necessary and essential human services, particularly for those people who are unable to help themselves (Donald, 2004).

There are various concepts that are helpful in understanding any information security and also the laws that affects it. Laws that usually regulate information security are often use risk management to justify them overcomes basic problems. It is the process of listing down the risks that any organization usually faces and then takes necessary steps to manage them. The HHS also uses risk management system primarily to control such threats.

Other major IT policies and strategies which are documented and use to manage systems are HHS Policy for IT Privacy & Security Incident Reporting and Response, HHS-OCIO-2010-0001 Policy for Machine-Readable Privacy, HHS - OCIO Policy for Information Systems Privacy & Security, HHS Policy for Responding to Breaches of Personally Identifiable Information (PII), HHS IRM Policy for Prevention, Detection, Removal and Reporting of Malicious Software, HHS IRM Policy for IT Security for Remote Access and Implementation of OMB M-10-22 and M-10-23.

These are some particular policies which take care of HHS information privacy & security system. Some other major departments of HHS systems are FDA Central Accounting System, FDA Financial Enterprise Solution, FDA Regulatory Management Systems, and FDA Automated Drug Info Management System (ADIMS) etc (Donald, 2004).

Strategic plans for HHS

There are some objectives and strategies which are set by HHS for the upcoming years to maintain a leading position in the world. Some of its goals are:

To fix their broken health insurance system.

Accelerate the scientific discovery process for better patient ...