Medical Information Security: Is it all too hard?
Document Type
Conference Proceeding
Publisher
CSREA Press
Faculty
Faculty of Computing, Health and Science
School
School of Computer and Information Science / Security Research Centre (secAU)
RAS ID
10185
Abstract
The medical information environment has changed dramatically in the past decade with the advent of electronic information exchange and e-health initiatives. With this change have come additional risks to the security of information, particularly to sensitive patient data. Unfortunately, evidence suggests that protection of electronically held patient information is poorly handled in primary care medical practice. Meeting the objectives of best practice security is daunting and in many cases unachievable. A lack of resources, compliance requirements, quality practice and culture are all contributing factors to that need to be addressed and managed. Further, most small organizations do not have IT or security trained personnel and rely on administrative staff to fulfill the security role, which creates considerable exposure of the organization. In seeking solutions, security controls must be contextually relevant and sufficiently practical to allow non-technical staff to implement.
Comments
Williams, P. H. (2010). Medical Information Security: Is it all too hard? . Proceedings of International Conference on Security and Management 2010. (pp. 644-650). Las Vegas, Nevada, USA. CSREA Press. Conference proceedings available here.