Safe Teleradiology: Information Assurance as Project Planning Methodology
AUTOR(ES)
Collmann, Jeff
FONTE
American Medical Informatics Association
RESUMO
The Georgetown University Medical Center Department of Radiology used a tailored version of OCTAVESM, a self-directed information security risk assessment method, to design a teleradiology system that complied with the regulation implementing the security provisions of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The system addressed threats to and vulnerabilities in the privacy and security of protected health information. By using OCTAVESM, Georgetown identified the teleradiology program's critical assets, described threats to the assurance of those assets, developed and ran vulnerability scans of a system pilot, evaluated the consequences of security breaches, and developed a risk management plan to mitigate threats to program assets, thereby implementing good information assurance practices. This case study illustrates the basic point that prospective, comprehensive planning to protect the privacy and security of an information system strategically benefits program management as well as system security.
ACESSO AO ARTIGO
http://www.pubmedcentral.nih.gov/articlerender.fcgi?artid=543831Documentos Relacionados
- Planning serials cancellations and cooperative collection development in the health sciences: methodology and background information.
- Marketing/Planning Library and Information Services
- Active Life: a project for a safe hospital-community transition after arthroplasty
- An information system for health facilities planning.
- Woman to Woman: Community Health Information Project*
