Abstract
Healthcare Information Technology (IT) has made great advances over the past few years and while these advances have enable healthcare professionals to provide higher quality healthcare to a larger number of individuals it also provides the criminal element more opportunities to access sensitive information, such as patient protected health information (PHI) and Personal identification Information (PII). Having an Information Assurance (IA) programallows for the protection of information and information systems and ensures the organization is in compliance with all requires regulations, laws and directive is essential. While most organizations have such a policy in place, often it is inadequate to ensure the proper protection to prevent security breaches. The increase of data breaches in the last few years demonstrates the importance of an effective IA program. To ensure an effective IA policy, the policy must manage the operational risk, including identifying risks, assessment and mitigation of identified risks and ongoing monitoring to ensure compliance
Highlights
Advances in today’s Healthcare Information Technology have allowed healthcare professionals to become highly connected to the information highway which provides them greater access to patients and their healthcare information
Medical ID theft is becoming big business, the World Privacy Forum found that a social security number has a street value of one dollar and a stolen medical identity goes for fifty dollars [4]
Senior management has the key responsibility to support and promote the Information Assurance (IA) program to the organization and to ensure that the organization is in compliance with the industry laws and regulations, such as Privacy act, Health Insurance Portability and Accountability Act (HIPAA), etc., because a data breach can be costly for an organization
Summary
Advances in today’s Healthcare Information Technology have allowed healthcare professionals to become highly connected to the information highway which provides them greater access to patients and their healthcare information. Organizations must ensure that that is a Information Assurance program is in place and that it is adequate enough to address the increased threats to the confidentiality, integrity, and availability of sensitive information, such as patient health information, and stays in compliance with all financial, legal and health care compliance regulations. Kingdom Hospital is a factious hospital that is used for this case study and as a hospital has unique requirements, such as medical devices, wireless devices (tablets, blackberries, etc.), Health Insurance Portability and Accountability Act (HIPAA) and Privacy issues that are not currently being fully met This increases the threat to the confidentiality, integrity, and availability of Kingdom resources and assets, such as electronic protected health information (PHI)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have