A Survey of Security Standards Applicable to Health Information Systems

2013, Vol 7 (4), pp. 22-36
Author(s): Francis Akowuah, Xiaohong Yuan, Jinsheng Xu, Hong Wang

The information maintained by Health Information Systems (HIS) is often faced with security threats from a wide range of sources. Some governments' regulations require healthcare organizations and custodians of personal health information to take practical steps to address the security and privacy needs of personal health information. Standards help to ensure that an adequate level of security is attained, resources are used efficiently and the best security practices are adopted. In this paper, the authors survey security standards applicable to the healthcare industry, including Control OBjective for Information and related Technology (COBIT), ISO/IEC 27002:2005, ISO/IEC 27001:2005, NIST Special Publication 800-53, ISO 27799:2008, HITRUST Common Security Framework (CSF), ISO 17090:2008, ISO/TS 25237:2008, etc. This survey informs the audience of currently available standards that can guide the implementation of information security programs in healthcare organizations, and provides a starting point for IT management in healthcare organizations to select a standard suitable for their organizations.


2011, pp. 2057-2078
Author(s): Andre W. Kushniruk, Elizabeth M. Borycki, Shige Kuwata, Francis Ho

It is essential that health information systems are easy to use, meet user information needs and are shown to be safe. However, there are currently a wide range of issues and problems with health information systems related to human-computer interaction. Indeed, the lack of ease of use of health information systems has been a major impediment to adoption of such systems. To address these issues, the authors have applied methods emerging from the field of usability engineering in order to improve the adoption of a wide range of health information systems in collaboration with hospitals and other healthcare organizations throughout the world. In this chapter we describe our work in conducting usability analyses that can be used to rapidly evaluate the usability and safety of healthcare information systems, both in artificial laboratory and real clinical settings. We then discuss how this work has evolved towards the development of software systems (“virtual usability laboratories”) capable of remotely collecting, integrating and supporting analysis of a range of usability data.


2020, Vol 9, pp. 1792
Author(s): Hamid Moghaddasi, Reza Rabiei, Farkhondeh Asadi, Ali Mohammadpour

Background: The National Health Information Network (NHIN) is one of the key issues in health information systems in any country. However, the development of this network should be based on an appropriate framework. Unfortunately, the conducted projects of health information systems in the Ministry of Health of Iran do not fully comply with the concept of NHIN. The present study aimed to develop a general framework for NHIN in Iran. Materials and Methods: In this study, in the first stage, the required information about the concept of the NHIN framework and related NHIN documents in the USA and the UK were collected based on a literature review. Then, according to the results of the first stage and with regard to the structure of the Iranian health system, a general framework for Iranian NHIN was proposed. The Delphi technique was conducted to verify the framework. Results: The proposed framework for Iranian NHIN includes three dimensions: components, principles, and architecture. Over 80% of experts have evaluated all three aspects of the framework at an acceptable scale. In total, the proposed framework has been evaluated by 83.8% of the experts at an acceptable scale. Conclusion: The proposed framework was expected to serve as the starting point for moving towards the design and creation of Iranian NHIN. At any rate, the framework could be criticized, and it could only be used for the countries whose health system is similar to the structure of the health system in Iran. [GMJ.2020;9:e1792]


Author(s): Pekka Ruotsalainen, Bernd Blobel

Digital health information systems (DHIS) are increasingly members of ecosystems, collecting, using and sharing a huge amount of personal health information (PHI), frequently without control and authorization through the data subject. From the data subject’s perspective, there is frequently no guarantee and therefore no trust that PHI is processed ethically in Digital Health Ecosystems. This results in new ethical, privacy and trust challenges to be solved. The authors’ objective is to find a combination of ethical principles, privacy and trust models, together enabling design, implementation of DHIS acting ethically, being trustworthy, and supporting the user’s privacy needs. Research published in journals, conference proceedings, and standards documents is analyzed from the viewpoint of ethics, privacy and trust. In that context, systems theory and systems engineering approaches together with heuristic analysis are deployed. The ethical model proposed is a combination of consequentialism, professional medical ethics and utilitarianism. Privacy enforcement can be facilitated by defining it as health information specific contextual intellectual property right, where a service user can express their own privacy needs using computer-understandable policies. Thereby, privacy as a dynamic, indeterminate concept, and computational trust, deploys linguistic values and fuzzy mathematics. The proposed solution, combining ethical principles, privacy as intellectual property and computational trust models, shows a new way to achieve ethically acceptable, trustworthy and privacy-enabling DHIS and Digital Health Ecosystems.


1996, Vol 26 (4), pp. 197-201
Author(s): Tina Magennis, Jennifer Mitchell

As electronic patient health information systems become more fully developed and widespread, there are persistent concerns about the privacy and confidentiality of the personal health data being stored and disseminated. Standards Australia has released two Standards which provide useful guidelines for the organisational, technological and human behaviour solutions required to protect privacy and confidentiality in health care organisations. The major requirements of these Standards are outlined and the implications of the Standards for health information managers are discussed.

