Information Sensitivity and Protection of Data - Essay Example

"Information Sensitivity and Protection of Data" is a perfect example of a paper on the health system. Having selected TELUS Health for analysis on an earlier task, it is justified to consider the company’s information security policies to maintain continuity in the SLP. In my opinion, the development of TELUS Health information security policies is developed according to the needs and demands of customers. In addition, the company has its own data security policy that governs how information gathered from customers is supposed to be used and handled in different situations. However, the analysis of how well developed the information security policy is considered two perspectives. An information security policy can be assessed from the employees’ perspective, the company perspective, and the patient or client perspective. While the perspective of the company and the patient are covered by reliable and well-developed policies, employee rights may potentially be endangered with the type of information policies overlooking their activities. For instance, the TELUS Health information security policy for new employees is stated as a disclaimer on the company’s website. The disclaimer points out that as a condition of employment, dictated by the TELUS Health Solutions Data Center Security Policy, all personnel whose job description and functions involve they work at a Data Center or have authority to access detailed client service technology are obligated to undergo a Personnel Security Screening (Workopolis, 2012). This disclaimer shows the importance the company puts on information security associated with clients but shows a weaker appreciation of employee privacy.

TELUS Health has two major health information systems, DIS and OACIS, responsible for the organization of patient data as well as other vital data (TELUS Health, 2014a). With regards to the two information databases mentioned above, different policies are defined as implemented to protect data handled for each database. For instance, the disclaimer issued prior to the hiring of employees is applicable to all the employees who have access to technologies that gather essential and detailed data from patients and the organization as a whole. To ensure confidentiality, the TELUS Health information security policy requires that vital information is only accessible by authorized personnel such as nurses, physicians, and doctors if it relates to patient data, medical history, and other forms of personal data. In this case, the limited access of this data ensures that data is safeguarded from unauthorized access. With regards to the availability and reliability of the information security policy, TELUS Health uses uniform coding and language to ensure that data is available in a unified format understandable to all authorized personnel. In addition, data is available for use within a variety of platforms such as mobile devices, handheld computers, desktops, and Notes™ (Hinegardner, 2003). Interaction between nurses and physicians within the information system necessitates that real-time data regarding a patient should be entered into the system allowing easy access by other health care personnel thus cultivating reliability of the information system.

With reference to health informatics trends, information and data sets are of crucial importance to an organization and to clients as well. However, given the certainty of catastrophes, most companies have subscribed for insurance covers to cover assets. However, information stored in databases cannot be recovered if databases were destroyed. In this case, TELUS Health makes use of cloud computing in which information is stored in online databases that cannot be affected by catastrophes that destroy physical assets within an organization (Thompson, n.d)

With reference to health information security, TELUS Health does an excellent job in placing reliable security measures to govern information management, access, and dissemination (TELUS Health, 2014b). However, confidential information regarding patients should be accessed with authority from the patient and the systems administration as corporate espionage threatens the access and availability of personal information. This countermeasure aims at reducing the likelihood of health care professionals who quit their positions within a company to establish their own medical centers by ‘stealing’ clients from their former organizations.

 

 

Read More