Issues and Trends in HBI Ch12 pp

Published in: Health & Medicine

  1. Handbook of Informatics for Nurses & Healthcare Professionals, Fifth Edition
     CHAPTER 12: Information Security and Confidentiality
     Toni Hebda • Patricia Czar
  2. Learning Outcomes
     1. Understand the differences between privacy, confidentiality, information privacy, and information security and the relationships among them.
     2. Discuss how information system security affects privacy, confidentiality, and security.
     3. Understand the significance of security for information integrity.
  3. Learning Outcomes
     4. Recognize potential threats to system security and information.
     5. Identify several security measures designed to protect information and discuss how they function.
     6. Compare and contrast available methods of authentication in terms of levels of security, costs, and ease of use.
  4. Learning Outcomes
     7. Distinguish between appropriate and inappropriate password selection and processing.
     8. Provide common examples of confidential forms and communication seen in healthcare settings and identify proper disposal techniques for each.
  5. Learning Outcomes
     9. Discuss the impact that Internet technology has on the security of health-related information.
     10. Discuss the implications of the HIPAA privacy and security rules as they relate to the protection of medical information.
  6. Security
     • Information security and confidentiality of personal information represent major concerns in today’s society amidst growing reports of stolen and compromised information.
  7. Confidentiality
     • The protection of healthcare information is mandated by the Health Insurance Portability and Accountability Act (HIPAA) and the Joint Commission requirements.
  8. Privacy
     • A state of mind, freedom from intrusion, or control over the exposure of self or of personal information
  9. Significance of Privacy
     • Key concept to understanding significance of information security and privacy
     • Includes right to determine what information is collected, how it is used, and the ability to review collected information for accuracy and security
     • International movement to protect privacy
  10. Confidentiality
     • A situation in which a relationship has been established and private information is shared with the expectation that it will not be re-disclosed
     • Key to client treatment
  11. Information/Data Privacy
     • The right to choose the conditions and extent to which information and beliefs are shared and the right to ensure accuracy of information collected
  12. Information Security
     • …the protection of information against threats to its integrity, inadvertent disclosure, or availability determines the survivability of a system
  13. Consent
     • …the process by which an individual authorizes healthcare personnel to process his or her information based on an informed understanding of how this information will be used
     • Entails making the individual aware of risks to privacy and measures to protect it
  14. Information System Security
     • Ongoing protection of both information housed on the system and the system itself from threats or disruption
     • Primary goals
       – Protection of client confidentiality
       – Protection of information integrity
       – Ready availability of information when needed
  15. Security Planning
     • Saves time and money
     • Guards against:
       – Downtime
       – Breaches in confidentiality
       – Loss of consumer confidence
       – Cybercrime
       – Liability
       – Lost productivity
     • Helps ensure compliance with HIPAA
  16. Steps to Security
     • Assessment of risks and assets
     • An organizational plan
     • A “culture” of security
     • The establishment and enforcement of policies
  17. Threats to System Security and Information
     • Thieves
     • Hackers and crackers
     • Denial of service attacks
     • Terrorists
     • Viruses, worms
     • Flooding sites
     • Power fluctuations
     • Revenge attacks
  18. Threats to System Security and Information
     • Pirated Web sites
     • Poor password management
     • Compromised device
     • Fires and natural disasters
     • Human error
     • Unauthorized insider access
  19. Security Measures
     • Firewalls—barrier created from software and hardware
     • Antivirus and spyware detection
     • User sign-on and passwords or other means of identity management
     • Access on a need-to-know basis
     • Automatic sign-off
     • Physical restrictions to system access
  20. Identity Management
     • Area that deals with identifying individuals in a system and controlling their access to resources within that system by associating user rights and restrictions with the established identity
  21. Authentication
     • Process of determining whether someone is who he or she professes to be
     • Methods: access codes, logon passwords, digital certificates, and public or private keys used for encryption and biometric measures
  22. Password
     • Collection of alphanumeric characters that the user types into the computer
     • May be required after the entry of an access code or user name
     • Assigned after successful system training
     • Inexpensive but not the most effective means of authentication
  23. Password Selection and Handling
     • Choose passwords that are 8-12 characters long.
     • Avoid obvious passwords.
     • Never share passwords.
     • Change password frequently.
     • Do not:
       – Post or write down passwords.
       – Leave computers or applications running when not in use.
       – Re-use the same password for different systems.
       – Use the “browser save” feature.
  24. Biometrics
     • Identification based on a unique biological trait, such as a fingerprint, voice or iris pattern, retinal scan, hand geometry, face recognition, ear pattern, smell, blood vessels in the palm, gait recognition, or keystroke cadence
  25. Antivirus Software
     • Computer programs that can locate and eradicate viruses and other malicious programs from scanned memory sticks, storage devices, individual computers, and networks
  26. Spyware Detection Software
     • Detects and eliminates spyware, a type of software that installs itself without the user’s permission, collects passwords, PIN numbers, and account numbers and sends them to another party
  27. Proper Handling and Disposal
     • Acceptable uses
     • Audit trails to monitor access
     • Encourage review for accuracy
     • Establish controls for information use after hours and off site
     • Shred or use locked receptacles for the disposal of items containing personal health information
  28. The Impact of the Internet
     • Introduces new threats
       – E-mail and instant messages may carry personal health information that can be intercepted
       – Unapproved use of messages or Web sites can introduce malicious programs
       – Web sites used for personal health information may be inappropriately accessed
  29. Implications for Mobile Computing
     • Devices are easily stolen.
     • Devices should require authentication and encryption to safeguard information security.
     • Devices should never be left where information may be seen by unauthorized viewers.
     • Verify wireless networks before use.
  30. Implications for Mobile Computing
     • Responsibility for information and information system security is shared