Threats to Health Information Security
The purpose of this paper is to identify the threats that exist in Healthcare Information Systems (HIS). The study has been carried out in three different departments namely, Information Technology Department (ITD), Medical Record Department (MRD) and X-Ray Department in one of the leading government supported hospital in Malaysia. The hospital was equipped with Total Hospital Information System (THIS) environment. The data were collected using in-depth structured interviews. The study identified 22 types of threats according to major threat categories based on ISO/IEC 27002 (ISO 27799:2008). The result shows the most critical threat for the THIS is the power failure. In addition, acts of human error or failure threat also show high frequency of occurrence. The contribution of the paper will be categorization of threats in HIS and can be used to design and implement effective security systems and policies in healthcare setting.
Threats Healthcare Information Systems (HIS) Information Security Risk Analysis
Ganthan Narayana Samy Rabiah Ahmad Zuraini Ismail
Department of Computer Systems and Communications Faculty of Computer Science and Information System Centre for Advanced Software Engineering (CASE) Faculty of Computer Science and Information Systems Department of Science College of Science and Technology Universiti Teknologi Malaysia (UTM) Malaysia
国际会议
The Fifth International Conference on Information Assurance and Security(第五届信息保障与安全国际会议)
西安
英文
540-543
2009-08-18(万方平台首次上网日期,不代表论文的发表时间)