Abstract
The healthcare sector has seen the introduction of information technologies that has helped in the enhancement of health care procedures. This effort has been seen to be going on for a long time. Information processes like information retrieval have helped in achieving efficient management of health care processes and procedures. The source of information that are fed to healthcare information systems should be assessed to ensure that the integrity of data is achieved. Data management is an important aspect of the information process. There should be ways on which e information is ensured to be safe.
Organization’s information security policies
Johns Hopkins hospital has faced many security challenges in securing the information systems. Data security is a serious issue especially when it comes to personal and sensitive data such as hospital patient records. There has been several security measures put in place by the hospital to ensure that data security is enhanced. Each person who wants to access the data in the hospital must have authorization with password and . Security and safety of patient data is one of the principle guidelines of the hospital. It states that hospital information should be fairly protected by the IT personnel regardless of the dynamic nature of the environment. The use of uninterrupted power supply UPS to all the data center is an exercise that the organization undertakes to ensure that there is no loss of information in the event that the external power supply has a problem. Power shorts and power surge are the major sources of damaging storage devices and information systems. Large data centers have high capacity servers and systems that take a long time to boot. While the servers are booting process users will not have services or access information which leads to a denial of service. Reliability and availability of data is very important factor to data integrity and confidentiality of information.
Confidentiality, availability and reliability of data and information
Wireless access points within the hospitals are secured with security certification program (WAP2) technology where data is encrypted. The organization provides an alternative network connection to clients to access internet services within the hospital but linking to internal servers requires use of WAP2 technology. The organization has set up policies and guidelines to ensure that it compliance with several standards such as data governance, information classification and privacy framework.
Centralization of database systems is another method of securing data in Johns Hopkins Hospital. Storing information in different locations makes it difficult for system and database administrators to monitor the use and utilization of the resources. It is easier to monitor all of the data management related issues from a central location. It is easy to establish the source of violation to data regulation. Johns Hopkins hospital has also implemented a single log in systems. The single sign in system will enable the IT personnel to tackle the challenges in security breach.
Catastrophic event such as a fire or other natural disaster
The organization is well prepared for natural disasters such as fire. There are backups of data stored in different locations which are done regularly. The information centres have fireproof data cabinets where backup files are stored. In the event that fire occurs the institution will not loss all of the data. Fire extinguishers are also fixed in different locations of the data centre and other rooms within the organization. Fire alarm systems are also fixed in the hospital to ensure that the damage of fire can be control by the fire fighters.
Organization could do to further enhance information security?
Data security breach in the hospital occurred when one of the computers was stolen from the administrative offices. The computer contained vital information of over five thousands patients. Some of the sensitive information was the social security numbers, medical history as well as the names of the patients. The hospital recovered the computer and assured the patients that their data was not compromised and a specialist was hired to further investigate data breach issues. The organization should put in place measures to ensure that data devices are not easily carried from the institution. The doors to the offices should have biometry features to only allow in those who have the authorization. Portable devices should have tracking devices and ability to sound an alarm once they are outside the designated area. This will improve the security of data.
References
Hebda, T. L., Czar, P., & Mascara, C. M. (2006). Handbook of informatics for nurses & health care professionals.
Kaufman, L. M. (2009). Data security in the world of cloud computing. Security & Privacy, IEEE, 7(4), 61-64.
Saltzer, J. H., & Schroeder, M. D. (1975). The protection of information in computer systems. Proceedings of the IEEE, 63(9), 1278-1308.
