Introduction to e-Healthcare Information Security

   

Added on  2020-09-08

6 Pages1419 Words143 Views
1CONCEPT PAPERUniversity of NairobiHealth InformaticsNames: Joan Namwenya SoitaAdm No: P51/73095/2014 Title: Framework for Assessment of the Adequacy of Information Security in E-Healthcare in KenyaIntroductionInformation security is a vital aspect in the healthcare organizations (Appari & Johnson, 2010). Most healthcare organizations use the Electronic Healthcare Record with the patients' information. EHR, however, is considered very sensitive in the healthcare organization (van der Linden, Kalra, Hasman, & Talmon, 2009). The confidential information of patients in the healthcare need to be well managed to assure its safety as well as the security so that the incidences of unauthorized access and data loss are not experienced at all. The high-level quality care to the patients is only made possible if the existing healthcare management system has the capability of providing the right information at the right time at the right place (Rezai-Rad, Vaezi, & Nattagh, 2012). The key aspects of the information security are accessibility and availability. The applicable information is required to be made available and accessible to the user in the healthcare organization and across the organizational borders with lots of ease. Also, it is important to protect the security of the patient from the unauthorized access as well as maintaining the recommended level within the healthcare with regards to the information security (Blobel, 2004).
Introduction to e-Healthcare Information Security_1
2Problem definition There are a larger number of patients interacting with the nurses, pharmacists, anddoctors among other healthcare workers and through the interaction, the patient informationregarding medical status exchanged among the different users of the health care system. This,therefore, calls for an appropriate and well-defined structure for storage, management, andoffering security to the information against threats (Appari & Johnson, 2010). Despite thedemand for higher security in the electronic health records, most healthcare providers in Kenyaare yet to implement frameworks for assessing the information security of the patients' data.Through the ICT, the development has contributed positively to the health care system, butthreats to this electronic information keep increasing simultaneously. It is, therefore, important tosubmit to the fact that efficient management of these information experiences many challengingissues related to security threats (Mohan et al., 2009). The assessment of Information Security Frameworks provides a functional comparison ofIT security controls and policies against respected industry frameworks (Rezai-Rad, Vaezi, &Nattagh, 2012). In Kenya currently, there is no formal adopted framework for the protection ofpersonally identifiable data as it regards to health. However regulatory and compliance issueshave tried to enable controls on the security of individuals’ health information. Definitely, theseapproaches are not sufficient, Kenyan health system should adopt established securityframeworks like ISO 27000, NIST SP 800-53, and HIPAA, etc. to manage information securityin Healthcare. But still, with the adoption of any of this frameworks, there will still exist greatconcerns about the safety posture of Health information systems, or policy changes and newtechnology investments to consider together with compliance and regulatory issues (Rezai-Rad,Vaezi, & Nattagh, 2012). Even with a particular framework to adopt, it can be difficult to set and
Introduction to e-Healthcare Information Security_2
3adjust policy and security controls for specific health information needs, and to know where andhow each framework intersects (GOA/AIMD, 1999).To address this issues and concerns, comprehensive dynamic Information securityassessment framework in health care requires being developed. In my view, no known study hasbeen conducted to develop an information security assessment framework in health care inKenya. This study, therefore, seeks to come up this framework for assessing the adequacy ofadopted information security frameworks.Research questions1.What are the issues in the information management of the investigated areaconcerning information security?2.Which information security assessment framework can be used to improve on theinformation security?The above questions are addressed via the quantitative and qualitative researchrespectively. The answers to the two questions are obtained by first conducting theliterature survey followed by the interviews supplemented by the case study. Answers tothese questions are useful in finding the solutions as well as the guidelines for theimprovement of EHR information security (Jafari et al., 2010).Research aimsTo validate the developed framework in place in e-healthcare.
Introduction to e-Healthcare Information Security_3

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Analysis of my Health Record System Assignment PDF
|5
|1174
|256

Comprehensive Competency Assessment 2022
|4
|805
|20

Cyber Security: Quantify the System
|4
|700
|376

Electronic Health Records Presentation 2022
|14
|900
|21

Electronic Health Records Assignment
|5
|1075
|129

Data Governance
|9
|1937
|240