Essay project|computer engineering

Essay project|computer engineering

Introduction

The Chief Technology Officer (CTO) for Largo Corporation is responsible for information technology (IT) that supports the company goals. More specifically, the CTO plays a key role in defining the strategy and approach for effectively applying information technology to enable the goals and objectives of the organization to be carried out.

Largo Corporation is a multinational conglomerate corporation that serves a broad range of clients and their needs. Think in terms of a large company like General Electric which is involved in a wide range of businesses. Largo Corporation is a high energy organization in an extremely competitive environment that strives for high quality and timely delivery of products and services to its clients. Ms. Tara Johnson, the Chief Executive Officer (CEO), is a driven leader who has high expectations on her managers and employees.

Ms. Johnson has been disappointed with the poor company performance last quarter. Her personal opinion is that the organization is underutilizing information technology (IT). She feels that there are state-of-the-art and emerging technologies that can be applied to the company that can immediately address current user issues and improve the efficiency and effectiveness of its operations.

She asked the CTO to form an IT modernization team to conduct an analysis to determine where the company’s current IT infrastructure is misaligned with the company’s business needs and to identify recommendations. In addition, the team must prepare a presentation describing a proposal to modernize the IT infrastructure and report to the CEO and other corporate executives.

It is common for organizations to have modernization projects. Reasons for these projects include a new set of business requirements being introduced, the emergence of new technologies that can be leveraged and past political and budget issues that have slowed down the infusion of technology into the organization over time.

You will learn about infrastructure components such as hardware; software; and networks and telecommunications. You will also learn how to evaluate these technologies to meet business requirements with consideration to the corporate mission and culture. In addition you will be developing communication, critical thinking, and leadership skills.

Understanding system capabilities provided by the infrastructure components and the application of this knowledge to enable an organization’s strategic goals and objectives to encompass core knowledge, skills, and abilities are a knowledge base that IT personnel are expected to possess. Effective IT professionals are expected to be up-to-date on trends in technology, current IT innovations, and which technologies will provide a competitive advantage for an organization. Most importantly, IT professionals must be able to communicate effectively (orally and written) to executive level management in a non-jargon, executive level manner that convincingly justifies the need to invest in IT improvements and modernization. This learning demonstration is designed to strengthen these essential knowledge, skills, and abilities needed by IT professionals.

3. Steps to Completion

Your instructor will form the teams. Each member is expected to contribute to the team agreement which documents the members’ contact information and sets goals and expectations for the team.

1) Review the Setting

Largo Corporation is a major multinational conglomerate corporation which specializes in a wide array of products and services. These products and services include healthcare, finance, retail, government services, and many more. The annual revenue is about $750 million and it has about 1,000 employees. The parent company is located in Largo, Maryland and its subsidiaries are headquartered throughout the United States.

The mission of the corporation is to bring the best products and services to people and businesses throughout the world so they can then realize their full potential.

The corporate vision guides every aspect of their business to achieve sustainable, quality growth:

Productivity: Be a highly effective, lean and fast-moving organization.

People: Be a great place to work where people are inspired to achieve their maximum potential.

Partners: Nurture a winning network of customers and suppliers, together we create mutual, enduring value.

Responsible: Be a responsible citizen that makes a difference through ethical behavior.

Revenue: Maximize long-term return while being mindful of our overall responsibilities.

The company’s culture is reflected in their corporate values:

Leadership: Courage to shape a better future.

Collaboration: Leverage collective intelligence.

Accountability: Own up to your responsibility.

Passion: Committed to excellence.

Diversity: Provide new perspectives into our business.

Quality: We will want quality as part of our brand.

The corporation consists of the parent company and the following subsidiaries:

Healthcare – Suburban Independent Clinic, Inc. (medical services)

Finance – Largo Capital (financial services)

Retail – Rustic Americana (arts and crafts), Super-Mart (office products)

Government Services – Government Security Consultants (information security)

Automotive – New Breed (electric cars)

Systems Integration – Solutions Delivery, Inc. (communications)

Media Design – Largo Media (website and app design)

The organization is headed by CEO Tara Johnson who completed her Master’s degree at UMUC and eager to make worthwhile improvements to the corporation. She rose through the ranks of Largo Corporation starting with systems integration, then retail and her last position before becoming CEO was in finance.

The corporation is in a highly competitive environment so the CEO wants savvy employees at many levels to make wise judgments and take an aggressive approach and deliver results towards improving the bottom line yet maintaining corporate social responsibility.

2) Gauging the Current Situation

One area CEO Tara Johnson is most concerned about is the IT infrastructure of her company. Some of the subsidiaries of the corporation underperformed last quarter and she has the opinion that existing IT infrastructure contributed to the decline.

Ms. Johnson set up interviews with various stakeholders both internal and external to the corporation to gain some insight into the IT concerns. They were asked “What is the most problematic issue facing you with regard to information technology.” These were the responses:

“It was difficult to implement new government regulatory requirements due to outdated software systems.” (Chief Counsel, Largo Corporation)

“Our computer workload varies greatly day to day and sometimes our network just cannot keep up the demand.” (Retail Operations Manager, Rustic Americana)

“The organization was not able to properly analyze its data and get the information to make quality decisions quickly.” (Department Head, Largo Capital)

“The networks are often slow and unreliable. It was built in the 1980’s!” (Web Designer, Largo Media)

“It seems that our people who do field work could use IT to improve their operations.” (Communications Field Manager, Solutions Delivery, Inc.)

“Each business unit could not exchange information easily with another business unit. For example, the financial personnel could not send budget information to the operation people without a lengthy period to convert and massage the data”. (Financial analyst, Largo Capital)

“I am concerned that we do not encrypt our corporate wireless networks.” (Security specialist, Government Security Consultants)

“Our employees are creating gigabytes and gigabytes of data. Our hard disks are running out of space!” (Call Center Manager, Rustic Americana)

“We are getting virus and other malware all the time. What should we do?” (Operations analyst, Super-Mart)

“I am worried about the possibility of privacy intrusions in our medical operations.” (Doctor, Suburban Independent Clinic)

“Employees want to bring in their own personal devices but the network people won’t let them connect with our systems.” (Branch Manager, New Breed)

“We business managers think that the IT personnel often fail to listen and understand our specific needs, always want to use cutting edge but unproven tools, do not ask the right questions and lack vision.” (Department Head, Largo Corporation)

“As an IT professional, it seems to me that business people are unclear about their needs, constantly changing their requirements and do not understand the cost and time issues associated with technology implementation.” (Systems Developer, Largo Corporation)

“Many of our younger employees see security as an interference and actually know how to successfully work around security protocols.” (Operational manager, Super-Mart)

“When we call the Helpdesk for support, we never know how soon they will assist us. We have to do our jobs and have no idea what the priority is and when our issue will be addressed.” (Administrative Assistant, Largo Corporation)

3) Analyze the Issues

Your work begins now. As the part of the IT modernization team, this step requires you to study and analyze these IT issues. As a first step you can group these issues into different categories such as software, hardware, networks/telecommunications, management issues, and others.

In analyzing each issue, consider asking these questions:

Do I understand the meaning and nature of the issue?

Should we care about this issue?

What does literature say about this issue?

Who is affected by the issue? How so?

Which issues are most important? Least important?

How does this issue relate to corporate strategy and goals?

Why do you think this issue occurred?

Do not jump the gun and identify solutions. That step comes later.

Deliverable: Prepare a narrative and a summary table that would capture the results of your analysis in this step. Minimum length = 600 words. Be sure to state your assumptions.

4) Research Technologies and Technology Trends

Investigate and evaluate the current and emerging technologies that have the potential of addressing the identified issues. Review your textbook, library resources and other peer-reviewed references.

Evaluate the relevance of the following technology trends: cloud computing, virtualization, mobile computing, Big Data and other contemporary IT cross-functional approaches. Review and evaluate the relevancy of these trends to the current situation. Again, review your textbook, library resources and other peer-reviewed references.

Deliverable: Provide a technical briefing that examines different relevant technologies and technology trends and include a short description of each. Also, explain why these technologies are applicable to Largo Corporation. Minimum length = 1,000 words.

5) Communicate the Overall Findings and Recommendations

Provide a presentation that addresses a set of recommendations on the technologies and trends needed to address the current situation. A suggested agenda is as follows:

Purpose of the Briefing

Description of the Overall Environment

Analysis of the Issues

Relevant Technologies that Address the Issues including Rationale

Relevant Trends that Potentially Address the Issues including Rationale

Overall Recommendations

Conclusions

The audience consists of the CEO and executives representing all of Largo Corporation subsidiaries.

The presentation should consist of 15-20 slides. It should include audio narration (directions are found at: HYPERLINK “https://support.office.com/en-au/article/Add-narration-to-a-presentation-0b9502c6-5f6c-40ae-b1e7-e47d8741161c” https://support.office.com/en-au/article/Add-narration-to-a-presentation-0b9502c6-5f6c-40ae-b1e7-e47d8741161c). The narration should also be captured in the slide notes.

As an alternate method of delivery, you can create a video using YouTube Capture ( HYPERLINK “https://www.youtube.com/capture” https://www.youtube.com/capture) or a similar tool.

Prepare a peer evaluation report.

4. Deliverables

Issue analysis table (from Step 3)

Technology briefing (from Step 4)

Final presentation (from Step 5)

Create a folder to hold all of your deliverables.

Title your files using this protocol: GroupNumber_G-1_AssignmentName_Date.

Please zip (compress) the folder containing all of the files and the team leader is to submit the zipped file in the Assignments area.

In lieu of submitting the presentation, the team leader may provide a link to the presentation file.

NOTE: At the end of the project, each member of the team should email a completed Peer Evaluation form to your instructor.

5. Paper Writing Service – Topic Examples – Rubrics

Research Topics – Criteria

Weight

Score

Analyze technical and non-technical issues that are evident in a given IT infrastructure

20

Identify the appropriate technology solutions to address identified issues

50

Identify the appropriate management solutions to address identified issues

20

Exhibit communication skills

10

Total

=SUM(ABOVE) 100

 

Group Project G-2

1. Title

IT Security Risk Assessment

2. Introduction

You are employed with Government Security Consultants, a subsidiary of Largo Corporation. As a member of IT security consultant team, one of your responsibilities is to ensure the security of assets as well as provide a secure environment for customers, partners and employees. You and the team play a key role in defining, implementing and maintaining the IT security strategy in organizations.

A government agency called the Bureau of Research and Intelligence (BRI) is tasked with gathering and analyzing information to support U.S. diplomats.

In a series of New York Times articles, BRI was exposed as being the victim of several security breaches. As a follow up, the United States Government Accountability Office (GAO) conducted a comprehensive review of the agency’s information security controls and identified numerous issues.

The head of the agency has contracted your company to conduct an IT security risk assessment on its operations. This risk assessment was determined to be necessary to address security gaps in the agency’s critical operational areas and to determine actions to close those gaps. It is also meant to ensure that the agency invests time and money in the right areas and does not waste resources. After conducting the assessment, you are to develop a final report that summarizes the findings and provides a set of recommendations. You are to convince the agency to implement your recommendations.

This learning activity focuses on IT security which is an overarching concern that involves practically all facets of an organization’s activities. You will learn about the key steps of preparing for and conducting a security risk assessment and how to present the findings to leaders and convince them into taking appropriate action.

Understanding security capabilities is basic to the core knowledge, skills, and abilities that IT personnel are expected to possess. Information security is a significant concern among every organization and it may spell success or failure of its mission. Effective IT professionals are expected to be up-to-date on trends in IT security, current threats and vulnerabilities, state-of-the-art security safeguards, and security policies and procedures. IT professionals must be able to communicate effectively (oral and written) to executive level management in a non-jargon, executive level manner that convincingly justifies the need to invest in IT security improvements. This learning demonstration is designed to strengthen these essential knowledge, skills, and abilities needed by IT professionals.

3. Steps to Completion

Your instructor will form the teams. Each member is expected to contribute to the team agreement which documents the members’ contact information and sets goals and expectations for the team.

1) Review the Setting and Situation

The primary mission of the Bureau of Research and Intelligence (BRI) is to provide multiple-source intelligence to American diplomats. It must ensure that intelligence activities are consistent with U.S. foreign policy and kept totally confidential. BRI has intelligence analysts who understand U.S. foreign policy concerns as well as the type of information needed by diplomats.

The agency is in a dynamic environment in which events affecting foreign policy occur every day. Also, technology is rapidly changing and therefore new types of security opportunities and threats are emerging which may impact the agency.

Due to Congressional budget restrictions, BRI is forced to be selective in the type of security measures that it will implement. Prioritization of proposed security programs and controls based on a sound risk assessment procedure is necessary for this environment.

The following incidents involving BRI’s systems occurred and reported in the New York Times and other media outlets:

BRI’s network had been compromised by nation-state-sponsored attackers and that attacks are still continuing. It is believed that the attackers accessed the intelligence data used to support U.S. diplomats.

The chief of the bureau used his personal e-mail system for both official business purposes and for his own individual use.

A software defect in BRI’s human resource system – a web application – improperly allowed users to view the personal information of all BRI employees including social security numbers, birthdates, addresses, and bank account numbers (for direct deposit of their paychecks). After the breach, evidence was accidently destroyed so there was no determination of the cause of the incident or of its attackers.

A teleworker brought home a laptop containing classified intelligence information. It was stolen during a burglary and never recovered.

A disgruntled employee of a contractor for BRI disclosed classified documents through the media. He provided the media with, among other things, confidential correspondence between U.S. diplomats and the President that were very revealing.

Malware had infected all of the computers in several foreign embassies causing public embarrassment, security risks for personnel and financial losses to individuals, businesses and government agencies including foreign entities.

These reports prompted the U.S. Government Accountability Office to conduct a comprehensive review of BRI’s information security posture. Using standards and guidance provided by the National Institute of Standards and Technology and other parties, they had the following findings:

Identification and Authentication Controls

Controls over the length of passwords for certain network infrastructure devices were set to less than eight characters.

• User account passwords had no expiration dates.

• Passwords are the sole means for authentication.

Authorization Controls

BRI allowed users to have excessive privileges to the intelligence databases. Specifically, BRI did not appropriately limit the ability of users to enter commands using the user interface. As a result, users could access or change the intelligence data.

BRI did not appropriately configure Oracle databases running on a server that supported multiple applications. The agency configured multiple databases operating on a server to run under one account. As a result, any administrator with access to the account would have access to all of these databases; potentially exceeding his/her job duties.

At least twenty user accounts were active on an application’s database, although they had been requested for removal in BRI’s access request and approval system.

Data Security

BRI does not use any type of data encryption for data-at-rest but protects data-in-transit using VPN.

A division data manager can independently control all key aspects of the processing of confidential data collected through intelligence activities.

One employee was able to derive classified information by “aggregating” unclassified databases.

System Security

Wireless systems use the Wired Equivalent Privacy (WEP) standard for ensuring secure transmission of data.

The agency permitted the “Bring Your Own Device” (BYOD) concept and therefore users can utilize their personal mobile devices to connect to the agency network freely.

In the event of a network failure due to hacking, the data center manager has his recovery plan but has not shared it with anyone in or out of the center. He was not aware of any requirement to report incidents outside of the agency.

There has never been any testing of the security controls in the agency.

Processes for the servers have not been documented, but in the minds of the system managers.

Patching of key databases and system components has not been a priority. Patching systems have either been late or not performed at all. Managers explained that it takes time and effort to test patches on its applications.

Scanning devices connected to the network for possible security vulnerabilities are done only when the devices are returned to inventory for future use.

System developers involved with financial systems are allowed to develop code and access production code.

Physical Security

An unauthorized personnel was observed “tailgating” or closely following an official employee while entering a secure data center.

The monthly review process at a data center failed to identify a BI employee who had separated from BRI and did not result in the removal of her access privileges. She was still able to access restricted areas for at least three months after her separation.

End User Security

Users even in restricted areas are allowed to use social media such as Facebook. The argument used is that is part of the public outreach efforts of the agency.

Users receive a 5-minute briefing on security as part of their orientation session that occurs typically on their first day of work. There is no other mention of security during the course of employment.

Users are allowed to use public clouds such as Dropbox, Box, and Google Drive to store their data.

BRI has not performed continual background investigations on employees who operate its intelligence applications (one investigation is conducted upon initial employment).

There is no policy regarding the handling of classified information.

An internal audit report indicated that the organization needed several security programs including a security awareness and training program, a privacy protection program and a business continuity/disaster recovery programs. These programs will need special attention.

2) Examine Background Resources

This learning demonstration focuses on the National Institute of Standards and Technology’s (NIST) “Guide for Conducting Risk Assessments”

( HYPERLINK “http://csrc.nist.gov/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf” http://csrc.nist.gov/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf). See Pg. 23 to view the description of the risk management process.

Throughout this learning activity, feel free to use other references such as:

Other NIST publications ( HYPERLINK “http://csrc.nist.gov/publications/PubsSPs.html” http://csrc.nist.gov/publications/PubsSPs.html),

SANS Reading Room ( HYPERLINK “https://monkessays.com/write-my-essay/sans.org/reading-room/” https://monkessays.com/write-my-essay/sans.org/reading-room/),

US-CERT ( HYPERLINK “https://www.us-cert.gov/security-publications” https://www.us-cert.gov/security-publications),

CSO Magazine ( HYPERLINK “https://monkessays.com/write-my-essay/csoonline.com/” https://monkessays.com/write-my-essay/csoonline.com/),

Information Security Magazine ( HYPERLINK “https://monkessays.com/write-my-essay/infosecurity-magazine.com/white-papers/” https://monkessays.com/write-my-essay/infosecurity-magazine.com/white-papers/),

Homeland Security News Wire ( HYPERLINK “https://monkessays.com/write-my-essay/homelandsecuritynewswire.com/topics/cybersecurity”https://monkessays.com/write-my-essay/homelandsecuritynewswire.com/topics/cybersecurity)

Other useful references on security risk management include: HYPERLINK “https://books.google.com/books?id=cW1ytnWjObYC&printsec=frontcover&dq=security+risk+management&hl=en&sa=X&ei=_1JFVdGIJsKkgwSG4IGgCA&ved=0CDEQ6AEwAA%23v=onepage&q=security%20risk%20management&f=false” https://books.google.com/books?id=cW1ytnWjObYC&printsec=frontcover&dq=security+risk+management&hl=en&sa=X&ei=_1JFVdGIJsKkgwSG4IGgCA&ved=0CDEQ6AEwAA#v=onepage&q=security%20risk%20management&f=false

HYPERLINK “https://books.google.com/books?id=FJFCrP8vVZcC&printsec=frontcover&dq=security+risk+management&hl=en&sa=X&ei=_1JFVdGIJsKkgwSG4IGgCA&ved=0CD4Q6AEwAg%23v=onepage&q=security%20risk%20management&f=false” https://books.google.com/books?id=FJFCrP8vVZcC&printsec=frontcover&dq=security+risk+management&hl=en&sa=X&ei=_1JFVdGIJsKkgwSG4IGgCA&ved=0CD4Q6AEwAg#v=onepage&q=security%20risk%20management&f=false

3) Prepare the Risk Assessment Plan

Using the NIST report as your guide, address the following items:

Purpose of the assessment,

Scope of the assessment,

Assumptions and constraints, and

Selected risk model and analytical approach to be used.

Document your above analysis in the “Interim Risk Assessment Planning Report.” (An interim report will be consolidated to a final deliverable in a later step.)

All interim reports should be at least 500 words long and include at least five references for each report. These reports will eventually be presented to management for their review.

4) Conduct the Assessment

Again, use the NIST report to address the following:

1) Identify threat sources and events
2) Identify vulnerabilities and predisposing conditions
3) Determine likelihood of occurrence
4) Determine magnitude of impact
5) Determine risk

You are free to make assumptions but be sure to state them in your findings.

In determining risk, include the assessment tables reflect BRI’s risk levels. Refer to Appendix I. on risk determination in Special Publication 800-30.

Document your analysis from this step in the “Interim Risk Assessment Findings Report.” Be sure to include the final risk evaluations in this report.

5) Identify Needed Controls and Programs

Research and specify security controls needed to close the security gaps in BRI.

Also, be sure to include a description of the following programs for securing BRI:

Security Awareness and Training Program (i.e., communications to employees regarding security)

Privacy Protection Program

Business Continuity/Disaster Recovery Program

You should justify the need for the agency to invest in your recommendations.

Document your findings and recommendations from this step in the “Interim Security Recommendations Report.”

6) Communicate the Overall Findings and Recommendations

Integrate of your earlier interim reports into a final management report. Be sure to address:

Summary of the Current Security Situation at BRI (from Step 1)

Risk Assessment Methodology (from Step 2)

Risk Assessment Plan (from Step 3)

Risk Assessment Findings (from Step 4)

Security Recommendations Report (from Step 5)

Conclusions

Also provide a presentation to management. The presentation should consist of 15-20 slides. It should include audio narration (directions are found at: HYPERLINK “https://support.office.com/en-au/article/Add-narration-to-a-presentation-0b9502c6-5f6c-40ae-b1e7-e47d8741161c” https://support.office.com/en-au/article/Add-narration-to-a-presentation-0b9502c6-5f6c-40ae-b1e7-e47d8741161c). The narration should also be captured in the slide notes.

As an alternate method of delivery, you can create a video using YouTube Capture ( HYPERLINK “https://www.youtube.com/capture” https://www.youtube.com/capture) or a similar tool.

Prepare a peer evaluation report.

4. Deliverables

Interim Risk Assessment Planning Report

Interim Risk Assessment Findings Report

Interim Security Recommendations Report

Final presentation

Create a folder to hold all of your deliverables.

Title your files using this protocol: GroupNumber_G-2_AssignmentName_Date.

Please zip (compress) the folder containing all of the files and the team leader is to submit the zipped file in the Assignments area.

In lieu of submitting the presentation, the team leader may provide a link to the presentation file.

NOTE: At the end of the project, each member of the team should email a completed Peer Evaluation form to your instructor.

5. Paper Writing Service – Topic Examples – Rubrics

Research Topics – Criteria

Weight

Score

Identify threats and vulnerabilities associated with information systems and assess their risks

30

Formulate the appropriate security controls to address the identified threats and vulnerabilities

30

Communicate to employees an awareness of security issues related to IT systems

10

Evaluate organizational information systems to insure they protect the privacy of users and of customers

10

Determine requirements for business continuity/disaster recovery plans and backup procedures

10

Exhibit communication skills

10

Total

=SUM(ABOVE) 100

References

Ross, R. (2014). Security and privacy controls for federal information systems and organizations. NIST Special Publication 800-53. Retrieved from HYPERLINK “http://dx.doi.org/10.6028/NIST.SP.800-53r4” http://dx.doi.org/10.6028/NIST.SP.800-53r4

Swanson, M., Wohl, A., Pope, L., Grance, T., Hash, J. & Thomas, R. (2002). Contingency planning guide for information technology systems. NIST Special Publication 800-34.Retrieved from HYPERLINK “http://ithandbook.ffiec.gov/media/22151/ex_nist_sp_800_34.pdf” http://ithandbook.ffiec.gov/media/22151/ex_nist_sp_800_34.pdf

Wilson, M. & Hash, J. (2003). Building an information technology security awareness and training program. NIST Special Publication 800-50. Retrieved from http://csrc.nist.gov/publications/nistpubs/800-50/NIST-SP800-50.pdf

 

Group Project G-3

1. Title

Health Information Technology Architecture

2. Introduction

Largo Corporation has recently acquired Suburban Independent Clinic, Inc. (SIC) which serves the general outpatient medical needs of a suburb just outside of Washington, D.C. It competes directly with CVS Minute Clinic and Urgent Care Center. The corporation appointed you as the chief information officer (CIO) of the clinic in charge of managing clinical and administrative information, technologies and systems.

The clinic is feeling the pressure in many respects – cost, quality of care, access, and efficiency. Disease and personal injuries are on the rise, requirements for efficient and effective care delivery are increasing, and healthcare costs have climbed over time.

Legislation such as the Affordable Care Act has called for the greater adoption of health information technology to improve access, delivery, efficiency and quality of health care serves and treatments while reducing costs and the occurrence of medical errors. This project explores the development and use of information technology IT since it has emerged as a powerful enabler in helping to achieve multiple goals and objectives across the entire U.S. healthcare system.

As the CIO you realize the value and importance of applying IT and have been asked to analyze the issues faced by the clinic and develop a new IT architecture for the facility.

You will benefit from this project in that it will develop your knowledge of information technology in the context of the health care field. So welcome to the world of health information technology and let’s begin this journey step-by-step.

3. Steps to Completion

Your instructor will form the teams. Each member is expected to contribute to the team agreement which documents the members’ contact information and sets goals and expectations for the team.

1) Understand the Setting

The mission statement of Suburban Independent Clinic is as follows:

1. Provide high quality medical care to the patient regardless of race, ethnicity, and gender.

2. Optimize visit experience, communication standards and patient understanding.

3. Treat patients with respect.

4. Maintain patient confidentiality and security.

5. Provide a pleasing working environment for employees.