Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry Data Security Standard (PCI DSS) Compliance: the Problems facing Small Businesses Managing BYOD (Bring Your Own Devices) Policies

3 pages of introduction are already completed; 3 more pages need to be added. The introduction is attached, along with a copy of the original thesis for assistance with writing the objective of the introduction, which must conform to these:
• The background of the topic
• Statement of the problem
• Statement of the purpose
• Research questions
• Significance of the study
• Definitions of unclear terms
• Limitations/delimitations (you may also provide in the Methodology area as well)
• Assumptions
• Theoretical framework




In recent years, data breaches have become one of the key concerns for many organizations. These involve unauthorized access to digital data, including client identities and other details. Healthcare practitioners and practices have become prime targets of these data breaches, which could be because of the highly sensitive information that healthcare institutions and practitioners keep to help them care for their patients (Kardas & Tunali, 2006; Appari & Johnson, 2010). This problem has grown worse in the past few years, and increasingly so, with the growing use of Electronic Health Records (EHR) and particularly the emergence of 'bring your own device' (BYOD) policies.


To deal with this problem, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Payment Card Industry Data Security Standard (PCI DSS) have been put in place as part of electronic Protected Health Information (ePHI) interventions. Businesses are required to comply with HIPAA and PCI directives, with government imposing exorbitant fines for non-compliance (PCI & HIPAA Brochure, 2012).


However, compliance with HIPAA and PCI comes at a cost (that is, installation and maintenance of security equipment, among others). These costs may be easy for big businesses to absorb. Small businesses, on the other hand, might lack the capacity to comply with the requirements and rules outlined under these two policies. Levin (2014) declares BYOD the most dangerous policy for small businesses.

This proposal is for research on the challenges and difficulties that small businesses may face in their efforts toward HIPAA and PCI compliance in relation to Bring Your Own Device (BYOD) to work policies.

HIPAA and PCI DSS: Background Information

This section provides details on what constitutes HIPAA and PCI compliance:

HIPAA

  • Technical security measures to guard against unauthorized entry to their systems and access to sensitive information transmitted over the entire system
  • Hardware, software and procedural mechanisms to facilitate the recording and examination of information systems that utilize or contain ePHI
  • Technical organizational policies and procedures to ensure only authorized persons access institutional ePHI, and
  • Policies and procedures to help avoid the improper alteration or destruction of ePHI

PCI DSS

  • Secure systems and applications
  • Firewall configuration
  • Security parameters
  • Anti-virus software


  a) What is BYOD?

This section defines what BYOD is in relation to IT security and identity theft.

  b) General Positive Aspects of BYOD in Healthcare Facilities

This concerns the general advantages of using BYOD.

  c) General BYOD-Related Issues Facing Healthcare Institutions

  i. A Decisive Mobile Device Policy

  ii. Development, Control and Management of Healthcare IT

This covers the development of IT and the testing of mobile BYOD applications.

  iii. Establishing Healthcare Security Procedures

This covers issues of supporting platforms, firewall constraints, network support, and the issue of cloud storage and data sharing.

  i. Liabilities related to HIPAA Compliance

Problem Statement

This statement will state the problem; that is, the challenges that small businesses might face in the effort to implement BYOD policies (as an aspect of HIPAA and PCI compliance).

Aims and Objectives

This section outlines the main purpose for conducting this study: merely to gather information or as a path toward solution-finding.

Literature Review

This section reviews the literature on the issue of IT and data security, as well as BYOD. In particular, this literature review covers:

  • IT security and identity theft, including the extent of the problem
  • The purpose of HIPAA and PCI DSS compliance in the face of this problem
  • The benefits of HIPAA and DSS
  • The place of BYOD in this problem, including cloud technology

