Information Sensitivity and Data Protection - Essay Example

TRICARE - Information Sensitivity and Data Protection Military Health System (MHS) maintains the highest standard of information assurance (IA) for TRICARE. The network and information systems’ security measures and patient’s data and info protection efforts, are in compliance with the information IA policies, standards and guidance, issued by the Department of Defense (DoD) (Department of Defense, 2009). All TRICARE operations of information collection, storage, transmission and processing are in accordance with DoD Information Technology System Certification and Accreditation Process (DITSCA).

Thus, TRICARE operates in a standardized secure environment that offers information security features like (Office of the Assistant Secretary of Defense, 2008): A. Data Integrity: All files and installed software are scanned for viruses and malwares on a regular basis to detect any data integrity threats. Checksums are applied for code executables and data archives to detect any data tampering incidents. System logs off automatically after a preset time of inactivity. B. Data Availability: In order to ensure that no data is lost in case of natural disasters, virus or malicious code attacks, the critical data files, protected system files and certain application files on web servers are replicated onto electronic storage media.

These replication servers are in secure locations, separate from the original file servers. Backup copies of software programs are also maintained for every modification. C. Data Confidentiality: Proper authentication and identification procedures are available to provide role based access control for all the Personally Identifiable Information (PII) and Protected Health Information (PHI). The PII and PHI, IDs and passwords are encrypted in both rest and transit state, as per the Federal Information Processing Standards (FIPS) and Instruction Number 8500.

2 (Department of Defence, 2003). TRICARE has comprehensive procedures for risk management for privacy risks and potential security threats (Department of Defense, 2003) ensuring a reliable system. MHS takes measures to keep the system hardware and security software technology updated, to provide a fully secure operating environment for TRICARE. Reference Department of Defense. (23 June 2009). Information Assurance. Retrieved from http://www.tricare.mil/tmis_new/ia.htm Department of Defense. (6 February 2003).

Instruction Number 8500.2. Information Assurance (IA) Implementation. Retrieved from http://www.tricare.mil/tmis_new/ia/i85002p.pdf Office of the Assistant Secretary of Defense. (10 October 2008). Military Health System (MHS) Information Assurance (IA) Policy Guidance and MHS IA Implementation guides. Washington DC. Retrieved from http://www.tricare.mil/tmis_new/ia/07-DataIntegrity-10102008.pdf