Implementing Information Security in Healthcare
eBook - ePub

Building a Security Program

Terrell Herzig, Tom Walsh

  1. 312 pages
  2. English
  3. ePUB (mobile-friendly)
  4. Available on iOS and Android

About this book

Implementing Information Security in Healthcare: Building a Security Program offers a critical and comprehensive look at healthcare security concerns in an era of powerful computer technology, increased mobility, and complex regulations designed to protect personal information. Featuring perspectives from more than two dozen security experts, the book explores the tools and policies healthcare organizations need to build an effective and compliant security program. Topics include information security frameworks, risk analysis, senior management oversight and involvement, regulations, security policy development, access control, network security, encryption, mobile device management, disaster recovery, and more. Information security is a concept that has never been more important to healthcare than it is today. Special features include appendices outlining potential impacts of security objectives, technical security features by regulatory bodies (FISMA, HIPAA, PCI DSS and ISO 27000), common technical security features, and a sample risk rating chart.

Information

Year
2020
ISBN
9781000285253
Edition
1

Chapter 1

The Importance of Information Security in Healthcare

By Terrell W. Herzig, MSHI, CISSP
Today, computers and the Internet are pervasive. We work with computers as a matter of our employment; we attend classes online; we use them for research, entertainment, shopping, banking, and social interactions. We carry laptops, tablets, and smartphones everywhere we travel. There is hardly anything we do today that does not involve interaction with a computing device.
While this technology enables us to be more productive, accessing a mass of information with a mere click of the mouse, it brings with it a host of security concerns. If the information on these systems is accessed inappropriately, lost, stolen, or is rendered inaccessible, the consequences could be disastrous. We may discover that our bank accounts have been depleted or our identities have been stolen. Our employers could lose millions of dollars, face prosecution, incur regulatory fines, and lose customer loyalty.
Technology continues to change at a rapid rate, with consumer devices leading the way on an almost-daily basis. Security typically takes a back seat during such drives of innovation and our ability to secure ourselves progresses slowly. This has resulted in a rapid rise in the number of reported incidents and breaches.
Information security is a concept that has never been more important to healthcare than it is today. The advent of more powerful computer technology and increased mobility means we can leverage this rise in technology to treat patients faster, more consistently, and with better outcomes, all while reducing cost. As healthcare moves from traditional brick-and-mortar infrastructures to health information exchanges, home healthcare, and accountable care organizations, mobility and access to information assets will be key to delivering patient care. Securing confidential information will not only be of importance to our patient populations, but to the success of your healthcare organization.
Information security is about protecting our assets. What kinds of assets need protecting? The answer is: a very broad range. While this would obviously include physical items with inherent value and value to the business, it will also include things such as intellectual property and intangible assets such as data, software, and source code. In today's information-rich environment, we find many of our logical assets at least as valuable as our physical assets. Finally, no discussion of assets would be complete without mentioning our most important organizational asset: people. We can't conduct business or treat patients without them.
While we can certainly secure systems, information security must always balance security with the value of the asset and usability of a system. For example, surrounding a hospital with rows of razor wire, attack dogs, and armed guards might contribute to the security of the hospital, but it certainly would not be inviting to patients seeking treatment.
So when do we achieve that ideal balance of security and risk management to cost and usability? First and foremost, security should never overvalue the cost of the assets we are trying to protect. This means we must consider the intangible value of assets, the cost of replacing the asset if it is lost, and establish reasonable levels of protection for the value of the asset.
In healthcare, finding this balance point can be particularly challenging. We could look at the threats to our assets and ask ourselves questions. For example:
  • Can others scan our systems from the Internet?
  • Do we authenticate with passwords?
  • Do we keep our systems up-to-date?
  • Do we understand how our systems can be exploited?
  • Do we monitor our systems for attacks?
  • Do we provide a safe work environment for our employees?
  • Do we provide a safe environment in which to treat our patients?
If we attempt to answer thes...
