Threats to health information security
The purpose of this paper is to identify the threats that exist in Healthcare Information Systems (HIS). The study has been carried out in three different departments namely in Information Technology Department (ITD), Medical Record Department (MRD) and X-Ray Department in one of the leading governm...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Dynamic Publishers,
2010.
|
Subjects: | |
Online Access: | Get fulltext |
Summary: | The purpose of this paper is to identify the threats that exist in Healthcare Information Systems (HIS). The study has been carried out in three different departments namely in Information Technology Department (ITD), Medical Record Department (MRD) and X-Ray Department in one of the leading government supported hospital in Malaysia. The hospital was equipped with Total Hospital Information System (THIS) environment. The data were collected using in-depth structured interviews. The study identified 22 types of threats according to major threat categories based on ISO/IEC 27002 (ISO 27799:2008). The result shows the most critical threat for the THIS is the power failure. In addition acts of human error or failure threat also show high frequency of occurrence. The contribution of the paper will be categorization of threats in HIS and can be used to design and implement effective security systems and policies in healthcare setting. |
---|