Risk Assessment and Management in Healthcare
Added on 2020-07-22
14 Pages3454 Words25 Views
|
|
|
STRATEGICINFORMATIONSECURITY
Table of ContentsSTRATEGIC INFORMATION SECURITY..................................................................................1INTRODUCTION...........................................................................................................................1Main body........................................................................................................................................1Health information and matters related to the privacy and security-..........................................1Information security programme.................................................................................................1Proper identification of the security and the privacy requirements............................................2Information security policy.........................................................................................................3Phases of the security policy development.................................................................................3The system checked as per the accordance with the HIPPA compliance- .................................4Layered approach to privacy and security..................................................................................4Risk management assessment process........................................................................................6Increasing of information security with management of roles and responsibility.....................7CONCLUSION................................................................................................................................9REFERENCES................................................................................................................................2
INTRODUCTIONThe term strategic information security defines objectives of an organisation. To maintainconfidentiality of matter relating to business enterprise is essential for its growth and success.The company should focus on protecting data assets. It is necessary to build and maintainsecurity programme of an organisation. In hospital, it is very hard to management because in thisthere are number of department with the variety of patients. In this file, there is description of thestrategic information security of health organisation of National health service (Ahlholm. f.,2013). The data system of business enterprise should be well secured so that can be protectedfrom unauthorized access. various topics have been addressed in this assignment likeimprovement, risk management and to maintain integrity and confidentiality of services. Somekind of important information should be in access of one person only. The National healthservices is taking various initiative in regard to maintain essential security of organisation.Main bodyHealth information and matters related to the privacy and security-National health service is a kind of the social service which is taking various steps inrelation to maintain the privacy of the patient record so that relationship exist between thediligent and with physician in the healthcare can be improvised. In this person should share theright kind of information to the medical practitioner so he/she can help him to diagnose theillness properly. To create trust and understanding between both of the hospital administrationshould overlook to maintain the confidentiality in the matter relate to their illness. It is the dutyof the hospital information security programme for making improvement on the health carepolicies which are essential in the relation towards the maintaining patient privacy (Al-Alawi andet.al., 2016.). It is very hard to maintain the matter confidential because it passes with the help ofthe electronic medium. It is one kind of the challenge with regard to maintain the integrity andavailability of the data. The NHS is a social care department which are working as treating thenumber of patients to make security management plan in order to have privacy and security inthe data of the patients.Information security programmeThe information security programme should be taken in the health care organisation. Thisthing can be done on the basis of the proactive approach it helps in the way to have protectionwith regard to have unauthorised access. The identification of the process can be done on regular1
basis. The administration should have their eyes on this matter in the regular basis. It is veryessential to understand the subject matter and taking various steps in relation to make effectivesecurity management plan (Cooper, 2017). There are the various elements in order to makeefficient and well defined secures plan in context of strategic data protection are: 1.Making number of implementation in relation to maintain the information securitymanagement program.2.Development and proper identification of the security policies and the number of theprocedures.3.Make proper determination of the role and responsibilities of the various department tohave protection in term to unauthorised assessed of the sensitive data of the patient.4.The staff of the medical organisation should be effective trained that they maintain thework of the firm in the strict and discipline manner.5.The working of the security staff should be well monitored and checked on the regularbasis.In order to make this process more effective the management programme of the NHS is inclusiveof eh three strategies are as- 1.Proper privacy and security programme.2.Risk management3.complianceThe risk management strategy should work in well and effective manner in order to make wellobjective in relation to have proper identification and assessing the data from unauthorisedaccess. The security control management are required to deal with the risk are as risk mitigationand risk avoidance. The effective benefit of the risk management strategy is to allow the hospitalto make informed decision regarding the allocation of the different security resource and thiskind of activity helps in manner to have improved data protection. The audit logs of theorganisation should be well secured in relation to have protective data.Proper identification of the security and the privacy requirementsThe proactive approach should be opted by the health care organisation in order to dealwith the security and the privacy instead of being reactive. The health organisation needs to dothe activity in such manner which can develop both kind of the approaches as preventive andproactive at the same time, so, the risk of the data assess can be well secured from unauthorised2
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents