Section 2 Due Care Ghada
Topics to be Discussed
Due Care
1. Confidentiality
2. Access Control
3. Security
Measures to protect patient confidentiality
and responsibilities.
what the user knows
(PIN, or password)
Text
numbers.
Methods used for controlling access
to HIS data
Biometric Scans
comparison.
Tokens
• Password History.
The main functions of security in a HIS are to protect three major issues:
• Confidentiality.
This means ensuring that information is only being seen or used
by people who are authorized to access it.
• Integrity.
This means preventing any unauthorized user from changing
the information, and tracking the changes made by authorized
users.
• Availability.
This means making sure the information will be available when
authorized users need it.
Key principles of security within a HIS
In order to provide these functions
data.
• A security policy is a document that
specifies how a healthcare organization plans
to protect its physical devices and medical
records.
The security policy may include:
• Description of how the healthcare organization
plans to educate the employees about protecting
the patients' medical data.
• Explanation of how security measures will be
carried out and enforced.
• Procedure for evaluating the effectiveness of the
security policy to ensure that necessary corrections
will be made.
Security threats:
1. Natural disasters, such as earthquakes, floods, etc.
2. Shoulder surfing.
passwords.
• It is any program that gathers information about
a person or organization without their
knowledge, and sends it to advertisers,
competitors, or other interested parties.
• Data storage simply means saving the HIS data either
on the main network used daily by the healthcare
workers, or on backup disks, such as an external hard
disk, USB flash drive, CD, DVD, etc.
Backup Methods
• Incremental Backup
• Differential Backup
• Full Backup
1. Complete, comprehensive.
• Partial backup that stores only the information that has been
changed since the last full or the last incremental backup.