Step 1

Write a 1- to 2-page high-level executive summary of the legal and regulatory compliance requirements for Health Coverage Associates executives. The summary should provide:

Accurate information on the HIPAA requirements for securing PHI

FISMA and HIPAA requirements for a security plan

Scope of the work you will perform to meet the Health Coverage Associates requests

Step 2

Compile a 1-to 2-page list of at least 10 of the CIS controls that provide key alignment with the administrative (policies), physical (secured facilities), and technical safeguards required under HIPAA to protect against the attacks listed above. Include corresponding NIST controls mapped to the selected CIS controls.

Step 3

Write a 1- to 2-page concise outline of the contents of the security management plan. Include

Policies Health Coverage Associates will need to manage, protect, and provide access to PHI

The recommended risk management framework Health Coverage Associates should adopt

Key elements Health Coverage Associates should include in its plan of actions and milestones

Cite all sources using APA guidelines.

Please note sources if used