The health care sphere’s effectiveness is strongly influenced by the state’s legislation. For instance, the law that establishes the minimum nurse-to-patient staffing ratio implemented in California significantly increases the quality of health care in hospitals (Aiken et al., 2010). We will describe some ways an ordinary nurse could influence the state’s legislation to improve the quality of health services.
The first step would be to join (or establish) a professional nursing organization (Abood, 2007, Ways to Advocate for Health section, para. 1). There are approximately 2.9 million RNs dispersed among the USA (Abood, 2007, The Potential Power of Numbers section, para. 1), so involving more colleagues in the issue is possible and would provide substantial support in achieving legislative results. Once the nurse is a member of a professional organization, it is easier to work with the media to get society’s attention to the issue (Abood, 2007, Ways to Advocate for Health section, para. 4). This work might include organizing press conferences, writing articles, inviting journalists to hospitals and giving interviews, or organizing demonstrations (which usually result in the media’s attention). Once the population is aware of the problem, it becomes interesting to various politicians and political parties, who will want to use the opportunity to get political scores and increase the number of votes they might get in the next elections (Abood, 2007, Reward Power section), in particular, by improving the legislation.
It is also a good idea to create (online) petitions and, once they have gained enough signatures, to send these appeals to legislators, especially to the “key players” such as party leaders, members of legislative committees, etc. (Abood, 2007, Knowing the Key Players section). Contacts with key players are important regardless of petitions (Abood, 2007, Understanding Committees section).
To sum up, the crux of the strategy would be to get society’s attention and make the politicians personally interested in improving the state’s legislation concerning the health care sphere.
References
Abood, S. (2007). Influencing health care in the legislative arena. Online Journal of Issues in Nursing, 12(1). Web.
Aiken, L. H., Sloane, D. M., Cimiotti, J. P., Clarke, S. P., Flynn, L., Seago, J. A.,…Smith, H. (2010). Implications of the California nurse staffing mandate for other states. Health Services Research, 45(4), 904-921.
Kasprak, J. (2004). California RN staffing ratio law. Web.
Security Plan And Recommendation
Introduction
Organizational security is a complex and dynamic phenomenon. It is essential for institutions to invest in the best practices and components to ensure the security of persons, information, and the physical set up. This means that the security plan must encompass all the aspects that pertain to it. Such aspects may include the accuracy of the adopted technology, its relation to the existing systems, and its usability by personnel. It is challenging to come up with a security model that suits a medical facility. This is because other than addressing the medical personnel and equipment, the model must consider the security of the patients as well. In essence, the past trends and experiences in the industry should inform the security scheme and put it in line with the contemporary perspective.
This paper will detail a security plan that includes three security technologies. The three forms of technology are firewalls, multifactor authorization systems to limit unauthorized users, and backup systems to limit the corruption of data. For each of the three technologies, the paper will highlight their descriptions, associated costs, expected return on investment, mitigation of risks, and the barriers to success.
Background Information on Technologies for the Security Plan
Technologies are mainly a function of the hardware, software and users. They function in defined environments that characterize their efficiency and range of applications. The users of a security plan must understand the interface between the real and the virtual world. A plan for the virtual world considers the security of information and the eventual functionality in the physical world. Information security includes aspects of access to the information, procedures of retrieval, guarding against destruction, and unauthorized modification. On the other hand, the real world security considers the physical harm to persons, the destruction of property, and the mechanical damage of hardware (Feruza & Kim, 2007).
Firewalls
Firewalls are electronic components and algorithms that characterize the flow of information between networks and individual user components. Computer networks are envisaged as systems while the individual user’s devices can be considered as the components that form the system. In essence, it serves the individual components of the system and the network on which the components function as a unit. Firewall is designed to sensor data according to its source, the dominant characteristic and the output compatibilities. Four aspects characterize firewall. First, it is contained in the hardware layer. The most common hardware layer is Ethernet, which serves devices and the network between them. The second aspect is the application layer. It aids in sending and receiving information to specific Internet Protocols. Protocols on mailing systems, domain names and the general transfer of information in text use the application layer. The third aspect is the transport layer. The function of firewall in this layer is limited to connectivity. It provides systems with clarity of information transfer and prevents the intermediary disorientation of data. The fourth characteristic is the Internet Protocol Layer. It comes in a number of versions such as version 4 (IPv4) and version 5 (IPv5) that specialize in the transfer of classified sets of data (Scarfone & Hoffman, 2009; Mellado & Rosado, 2012).
Firewalls function with corresponding router technologies such as the Network Address Translation (NAT). This technology facilitates the filtering of information coming to the system of connectivity and electronic devices. This is called ingress filtering. On the other hand, the information getting out of a system or component is called egress filtering (Scarfone & Hoffman, 2009). Information systems for health facilities get traffic related to medical records, drugs, consultations and general information on diseases. They also share information with other health facilities or other organizations related to them. Hospitals may also choose to classify certain information for a patient, medical procedure or research developments. Firewall comes in handy when it comes to filtering the requests from various clients and institutions seeking information.
Authorization System
The multifactor authorization system for limiting unauthorized users is a security procedure that seeks to verify whether the request of access is permissible. Physically, persons seeking to enter a hospital may be under authentication processes from the gate to the specific hospital unit, ward or room of the patient or the doctor. Organizations would like to ensure that the people accessing information are authorized. To achieve this, they employ a number of strategies. Technologically, organizations have different models to authenticate users who wish to access information or a physical location. For efficiency, the prospective user sends a request for registration. On accepting the request, the user is subjected to a process that allows them to give information about themselves, which is later on used for their authentication. Identity proofing is done using a Credential Service Provider (CSP). This tests the authenticity of the user against the information given during registration. The person who sends request for authentication is referred to as the claimant. On the other hand, the system that tallies the information of the claimant with the existing one is known as the verifier (Burr, Dodson & Polk, 2006; Feruza & Kim, 2007).
Multifactor authorization to limit unauthorized users is advanced to provide more security through the application of complex passwords, encryption of the system and sourcing services of an intermediary company. Organizations may cipher information that the claimant enters thus making the system to recognize different forms of information from the one it is receiving. The complexity of the system differs from one cryptographic key to another. Some cryptographic keys are to the order of 279 making it hard to crack the cryptographic operations. An intermediary company that wants to outsource security services should cede the organizational security to the service provider. Kerberos authentication protocol is known to offer intermediary services. It is susceptible to the risks of attacks from eavesdroppers, impostors and hijackers (Burr, Dodson & Polk, 2006; Feruza & Kim, 2007; Mellado & Rosado, 2012). Medical institutions need to authenticate both information and persons. Information to be authenticated includes the kind of treatment undergone by a patient, the results of research processes, and permission to use certain equipment may require authentication. However, personal integrity, confidentiality and privacy play an important role in ensuring that the right people access medical information, place and equipment.
Backup Systems to Limit Data Corruption
Corruption of data is the rearrangement of the order of information into information that is recognized or not recognized but far much different from the original one. Corruption also refers to disorientation of the connectivity between the systems and components. In this light, the corruption of data can be in either physical or logical form. In physical corruption, the database ceases to recognize an entire block of data. This may happen even when the content is still uncorrupted (Chlen, Pedregal, Schupmann & Carpenter, 2012). Medical institutions ought to establish a backup system that will serve them with records and information in case data gets corrupt. The presentation of data in multiple formats, such as text, images, audio, and a combination of audio and visual, provides a wider platform of storage and retrieval of information. Thus, it reduces the chances of corrupting important data.
The Schematic Representation
According to Holodiuk (2011), the above model is a classical centralized security system. This paper has adopted the concept of centrality and modified it to suit the technological components discussed in the plan (Firewalls, Multifactor authorization to limit unauthorized users, and technology to limit the corruption of data).
It demonstrates the individual components and their connectivity. Such components include the staff, credentials, administrative records, archives, medical records and the responsibilities of the employees. They are linked to the main application. The application is designed depending on the complexity of the medical institution. The external authentication mechanism should not necessarily function out of the medical institution. The institution may employ an independent system to monitor the one in operation (Swanson, Hash, & Bowen, 2006; Holodiuk, 2011).
Costing of the System
Estimates ($) ‘000 | Description | |
Expenses: | ||
Hardware | 200.0 | For computer and medical equipments |
Software | 20.0 | Functional programs and customized programs for interfacing |
Contractor Services | 100.0 | May differ from one contractor to another |
Training | 5.0 | Equipping the staff on the nature of technologies |
Encryption Software | 265.0 | |
Purchase and Install Intrusion Detection System with Audit Trail Software | 1 FTE, $750 per server IDS probe; plus $240; plus $1,300, and/or $4,800; plus $2,400 for analysis console; | 1 day for installation;
per workstation agent
per manager/console per network IDS probe
1 FTE, 3 months for monitoring IDS |
Hardware and software authorization and documentation | 800 | Required for all the components |
The costs of an information security system are subject to a number of factors, mainly, the extent of the system’s functionality and the technological ancillaries that are unique to institutions. The technological requirements and configuration differ according to the complexity of the institutions. The extensive analysis of the costing depends on the cost of purchase, the cost of setup, the cost of operations and the cost associated with configuration and changes on the system (NIST, 2011; Avitan, 2012; Brecht & Nowey, 2011; Swanson, Hash & Bowen, 2006).
Subject: Recommendations for Developing a Security Plan For a Medical Facility
The following recommendations are made in light of the information security plan in a medical facility. The plan is fit for a medium sized medical facility. The plan focuses on three technologies; Firewalls, Multifactor authorization system to limit unauthorized users, and backup systems to limit the corruption of data.
Recommendations
Medical institutions ought to balance between the technological domains of information security and the affective domains such as the organizational culture of trust and responsibility. In perspective, technological domain entails hardware, software and the details of connectivity. This will help to foster integrity, confidentiality, need for privacy, and availability.
Authentication of sensitive information should occur hierarchically and through a network that imposters, eavesdroppers and hijackers cannot tamper with. The schematic representation of the plan recommends that the three flagship technologies (Firewalls, Multifactor authorization to limit unauthorized users, and Technology to limit corruption of data) be applied in a centralized system. However, the operations and functionality of the technologies should take place independently.
The medical institution should develop a policy that will culture the staff on the best practices of the adopted technologies. The policy should detail the hardware (Computers and medical equipment), the software, and the interfacing operating systems. This will link the central system and the equipment, besides acting as a database.
References
Avitan, A. (2012). Controlling the cost of Firewall Operations and Compliance. Frost and Sullivan.
Brecht, M. & Nowey, T. (2011). A closer look at Information security costs. University of Regensburg, Germany.
Burr, E.W., Dodson, D. F., & Polk, T. W. (2006). Information Security, Electronic Authentication Guideline. National Institute of Standards and Technology. Special Publication 800-63.
Chlen, T., Pedregal, C., Schupmann, V., & Carpenter, M.L. (2012). Preventing, Detecting, and Repairing block Corruption: oracle Database 11g. Redwood shores, CA:Oracle Corporation.
Feruza, S.Y. & Kim, T. (2007). IT security Review: Privacy, Protection, Access Control, Assurance and System Security. International journal of Multimedia and Ubiquitous Engineering, 2(2), 17-32.
Holodiuk, S. (2011). Modelling a Hospital Information System with Decentralized Label Model. Kongens Lyngby: technical University of Denmark.
Mellado, D. & Rosado, D.G. (2012). An Overview of Current Information Systems Security Challenges and Innovation. Journal of Universal Computer Science, 18(12), 1598-1607.
NIST. (2011). Managing Information Security Risk. National Institute of Standards and Technology. Special Publication 800-39.
Scarfone, K. & Hoffman, P. (2009). Guidelines on Firewalls and Firewall Policy. National Institute of Standards and Technology. Special Publication 800-41.
Swanson, M., Hash, J., & Bowen, P. (2006). Guide for Developing Security Plans for Federal Information Systems. Information Security. National Institute of Standards and Technology. Special Publication 800-18.
Aspects Of Nursing Education
Concept of Excellence as it Relates to Nursing Education
The concept of excellence in nursing education refers to the practice of ensuring that nurses who graduate with diplomas, associate degrees, baccalaureate, master’s degree or doctoral degrees not only have the theoretical knowledge but also practical experience to handle patients (Wittmann-Price, 2008). The concept has gained popularity in the recent past due to the growing partnership between learning institutions and healthcare facilities in various parts of the world. It seeks to ensure that the graduates are competent enough to handle patients in various contexts. The following figure shows fundamental elements of excellence in nursing education.
As shown in the above figure, a nurse can only be considered competent enough to handle patients if he/she has the capacity to the tasks identified in the figure above. They must be able to watch over the patients, assess them, and recognize any complications that may need the attention of a doctor. The graduate must have proper clinical reasoning and decision-making skills. According to Nee (2013), such nurses should have skills in patient engagement before they can start working in healthcare facilities. The concept emphasizes on nursing diagnosis. As Montagu (2010) says, nurses should be able to identify any new complications in their patients as soon as possible. There are also other cases where nursing intervention may be necessary. This is specifically so when the patient develops complications at a time when the doctor is out of reach. All these factors will culminate into nursing outcomes.
How Changes in Nursing Education Relate to Changes in Other Health Professions Education
According to Montagu (2010), nursing education has undergone a number of changes in the recent past. Nurses are no longer mere assistants to the doctors in a healthcare setting. They have become an integral part of the medical staff that can go beyond offering care services. This means that they can do some tasks that were previously considered exclusively for medical doctors. This has been reflected in the nursing curriculum in nursing colleges. Nursing education now seeks to empower nurses to be professionals who are dynamic and multi-skilled.
Changes in nursing education have contributed to changes in other health professions education. Other healthcare experts now have to learn how to work with more skilled nurses who understand human anatomy better than they did in the previous years. For example, it has become necessary for the doctors to find ways through which they can work effectively with modern nurses. As Wittmann-Price (2008) says, doctors must now consider nurses as partners other than assistants who are there to receive instructions. This has forced medical schools to reevaluate their curriculum in order to find a new position of nurses in the medical centers. To ensure that there is harmony and efficiency in hospitals and other medical centers, educators are trying to come up with a new curriculum that will place nurses as partners who can participate in critical decision-making processes. Nurses now have the capacity to operate some of the complex medical equipment that was previously operated by medical doctors. This means that they are taking some of the roles of doctors. To ensure that there is harmony in this new role definition, other health experts must go through a new system of education.
Meaning of Partnership as it Relates to Nursing Education
The concept of partnership in nursing education refers to the relationship that exists between the nurses, their patients, friends, and relatives of the patients. According to Moyer and Wittmann-Price (2008), it is individualized care where nurses make a concerted effort to develop personal relationships with the patient in order to improve the quality of care.
Concept of partnership and how it is mutually beneficial to nurse educators
The concept of partnership is beneficial to nurse educators in the current society where the public has a lot of expectations from the nurses. According to the research by Lee and Tilbury (2008), nurses have been working under very stressful environments making them less efficient. In many instances, they are forced to work with patients who do not want to corporate with them. This makes it difficult to monitor their conditions and determines if they are making any progress. Partnership in nursing is mutually beneficial to the nurses and their patients. A nurse will find it easy to communicate with his/her patient. Through this communication, the nurse may easily know the progress the patient is making and any issue that could be hindering their recovery rates. On the other hand, the patients get to benefit from this partnership because they can easily explain issues that are affecting them within the hospital. As Saleh (2006) says, in this strategy, a patient is made a partner in the caregiving process instead of being dormant. They can give suggestions about the kind of care they want and how they feel about a given medication. This partnership not only benefits the nurses but also doctors who may want specific information from the patient.
References
Laiho, A. (2010). Academisation of nursing education in the Nordic Countries. Higher Education, 60(6), 641-656.
Lee, J. & Tilbury, D. (2008). Changing Environments: The Challenge for Environmental Education in China. Nursing Education Journal, 83(3), 227-236.
Montagu, C. (2010). Civil Society and the Voluntary Sector in Saudi Arabia. Middle East Journal, 64(1), 67-83.
Moyer, B. & Wittmann-Price, R. A. (2008). Nursing education: Foundations for practice excellence. Philadelphia: F.A. Davis.
Nee, P. (2013). The Key Facts on Medicare: Everything You Need to Know About Medicare. Boston: Medical Center.
Saleh, A. (2006). Development of Higher Education in Saudi Arabia. Higher Education, 15(2), 17-23.