The most common types of system access controlsAccess control requires unique user identification, emergency access procedure , automatic disconnection as well as data encryption and decryption. In order to preserve the confidentiality, integrity and availability of data, it is important to control access to the information system. Controls prevent unauthorized users from accessing the system and/or modifying data. They also prevent authorized users from making unauthorized changes to the data. Some common examples are user-based, role-based, and context-based access control, with the highest security on context-based access control. Access controls placed on access are classified in one of three ways: preventative, detective, or corrective. The key to access controls is declaring who you are before entering a system and having the system verify that you are authorized to access. This is called identification and authentication. There are different ways to authenticate users, such as: PIN, password, phrase, passcode, ATM, token, smart card, fingerprint, retina, etc. The steps of access controls are: working by identifying and authenticating a user in the system, then authorizing them, the user, to use or see access to an application or data, and finally making take into account what they do. Three symptoms/indications of inadequate system security protection. • Inadequate policies, procedures and culture governing control system security. Safety starts with the culture and mindset of everyone involved. “We tend to think of security in terms of technical solutions: firewalls, passwords, etc. “While these elements may cover 20% of the overall solution, common-sense safety approaches implemented by plant personnel should make up the remaining 80%. ...... middle of paper ...... hardware, software, etc.) to develop an appropriate security architecture. Information security models are used to organize and formalize security policies by providing a concept and framework. There are three main types of security models:• Access control: This model, common in healthcare, allows organizations to identify users and can classify data to allow or restrict access.• Integrity : This type of model not only protects privacy but also works to protect data integrity. An integrity model prevents information from being modified by unauthorized users and prevents authorized users from making unauthorized changes. • Information flow: In this model, information is classified and flows in a specified manner based on security policies and rules. Works Cited http://www.nist.govhttp://www.himss.org/ASP/index.asphttp://library.ahima.org