This paper considers the increasing requirement for security in healthcare IT systems and, in particular, identifies the need for appropriate means by which healthcare establishments (HCEs) may respond to incidents. The main discussion focuses upon two significant initiatives that have been established in order to improve understanding and awareness of healthcare security issues. The first is the establishment of a dedicated Incident Reporting Scheme (IRS) for HCEs, enabling the level and types of security incidents faced within the healthcare community to be monitored and advice appropriately targeted. The second aspect presents a description of healthcare security World Wide Web service, which provides a comprehensive source of advice and guidance for establishments when trying to address and prevent IT security breaches. The discussion is based upon work that is currently being undertaken with the ISHTAR (Implementing Secure Healthcare Telematics Applications in Europe) project, as part of the Telematics Applications for Health programme of the European Commission.
[1]
Data security for health care. Volume III. User guidelines.
,
1996,
Studies in health technology and informatics.
[2]
P. Gaunt,et al.
The need for security--a clinical view.
,
1994,
International journal of bio-medical computing.
[3]
John P. Wack.
Establishing a Computer Security Incident Response Capability (CSIRC)
,
1991
.
[4]
Gaunt Pn,et al.
The Need for Security - a Clinical View
,
1994
.
[5]
Chris Hurford,et al.
Opportunity makes a thief — A report on computer abuse from the audit commission
,
1994
.
[6]
D A Gritzalis,et al.
Forming a health care incident reporting scheme.
,
1997,
Studies in health technology and informatics.