Nobody downloaded yet

What security policies and systems are in place to prevent unauthorized access to the EMR and other sources of sensitive patient information - Essay Example

Comments (0) Cite this document
An Electronic Medical Record (EMR) is a programmed medical record which is generated in the organization that provides care to the patients such as healthcare centers or hospitals (Carter, 2001). Electronic medical records incline to be a part of the system of healthcare information which facilitates storage, repossession and alteration of the records…
Download full paperFile format: .doc, available for editing
GRAB THE BEST PAPER97.2% of users find it useful
What security policies and systems are in place to prevent unauthorized access to the EMR and other sources of sensitive patient information
Read TextPreview

Extract of sample "What security policies and systems are in place to prevent unauthorized access to the EMR and other sources of sensitive patient information"

Download file to see previous pages Electronic medical records incline to be a part of the system of healthcare information which facilitates storage, repossession and alteration of the records. EMR enables to augment sharing as well as accessibility of health related records among certified individuals (Skolnik, 2010). Policies in Place to Prevent Unauthorized Access to the EMR The security policies related to EMR have been considered as a major concern under the Health Information and Accessibility Act (AnestaWeb, Inc, 2011). The security policies should be provided major consideration in any organization in order to create an effective functioning environment. Various security policies in relation to EMR have been initiated under certain important measures which are needed to be considered for its development. They are as follows: 1. What the operators want to obtain from the system (i.e. functional requirements). 2. The objects that are required to be protected 3. The objectives which are needed to be acquired with the resources in hand. In the first part, the function of the security policy is to maintain equilibrium between the functional as well as the security aspects of the systems. The requirements for security can be quite difficult due to the costs incurred for the systems and also with the problems faced by the operators while implementing the security systems (Barrows & Clayton, 1996). In the second part, “Inside attacks” is another important aspect of security policy in relation to EMR (Barrows & Clayton, 1996). These attacks are mainly faced by individuals who are the actual users of the system. The actual users can manipulate or abuse the rights for searching different data for their personal motive or to harm the financial viability of the organization. If the information is leaked it can bring disastrous consequences and can affect the functioning environment of the organization. Policies such as management of access control as well as encryption method can enable to prevent such occurrences. Another important aspect for the security policy of EMR depicts threats generated from managed care corporations and insurance companies among others (Barrows & Clayton, 1996). These organizations can attempt to reveal protected patient information for their own benefits. The threats which are discussed describe about the secrecy of the patients information and also about the data available to be kept secure. If such information is leaked, it would be disastrous for the organizations’ welfare. In the third part, the security policies or standards for the data, which are needed to be safeguarded for the organization, are depicted in the threat model, which is provided by the Mayo Clinic/Foundation. These policies are as follows: a. Physical security in relation to data center sites: It deals with issues relating to prevention of theft, disaster recovery, backup of the required data and security of susceptible terminal locations among others (Barrows & Clayton, 1996). b. ‘Access control to system resources’: Issues related to controlling the physical devices as well as logical mechanism including computer programs (Barrows & Clayton, 1996). c. Data protection policies: Certain issues related to ensuring consistent protection of crucial data of organizational system is ascertained under this policy. Moreover, measures to be taken against the users who misuse the rights to use the systems properly (Barrows & Clayton, 1996). d. Security of hard copy materials: This security policy ensures to take relevant measures against security breaches of certain delicate documents, which can occur from paper copies of susceptible patient related data and electronic documents (Barrows & ...Download file to see next pagesRead More
Cite this document
  • APA
  • MLA
(“What security policies and systems are in place to prevent Essay”, n.d.)
Retrieved from
(What Security Policies and Systems Are in Place to Prevent Essay)
“What Security Policies and Systems Are in Place to Prevent Essay”, n.d.
  • Cited: 0 times
Comments (0)
Click to create a comment or rate a document

CHECK THESE SAMPLES OF What security policies and systems are in place to prevent unauthorized access to the EMR and other sources of sensitive patient information

Information systems security management

...Disintermediation Strengthening intermediaries Perfect markets Imperfect markets, brands, and network effects Pure online strategies Integrated, multi-channel bricks-and-clicks strategies First mover advantages Strategic follower strength; complimentary assets Figure 1.1 1.1 Emphasizing Privacy One more study shows that online companies emphasize and focus more on online privacy policy rather than any other aspect. Even online security is considered as the second option. Moreover, the study also concluded that online customers are more worried about their privacy rather than online threats as they are considered to be in control. In addition, the study also demonstrated a comparison...
6 Pages(1500 words)Research Paper

Place/Distribution & Information Systems

...?Place/Distribution & Information Systems Place/Distribution & Information Systems Introduction It is true to argue that product distribution has changed for anything that can be digitalized, such as books, movies, music, and the social media (Mullaney, 2004). In some industries, middlemen such as retailers seem on the verge of extinction. The long predicted elimination of middlemen as opposed to the substitution of one type of middleman for another may just remain to be a dream rather than a reality. In this paper, middlemen are justified to continue being in existence due to their significant roles in the channel of distribution....
3 Pages(750 words)Assignment

Information and Systems Security

...of an organization or on the computer should be authenticated. This helps in restricting any unauthenticated message or email coming in from another source. Detecting the unauthorized use of trademarks, logos and other proprietary imagery. Improving the security patching infrastructure to increase resistance to malware. Authenticating the email directly to the user is a good method of preventing Identity attacks. This can further be improved by personalizing the information and then using it to authenticate the email. The user can be intimated of the reliability of the web-site he is browsing through the use of phishing filters in web...
3 Pages(750 words)Essay

Information systems security incident

...a computer security incident that involves organization interest (GRANCE and et al., 2004). Fig 1. Incident Response Lifecycle (GRANCE and et al., 2004) The responsibilities of CIRT in the incident lifecycle are: Preparation requires acquiring tools & resources, for incident handling, making a jump-kit1 and risk assessment of systems and applications for incident prevention. Detection: incident categorization based on type2 and signs (precursor3 or incident4). Analysis is done by profiling5 and understanding the network systems behavior, studying the logs and security alerts. CIRT must create a centralized logging system & log...
8 Pages(2000 words)Essay

Information Systems Security

...Information Systems Security Intrusion and attack prevention had always been an important topic for businesses particularly those dealing with financial matters. However, with the recent increase in global security concerns, governments have woken up to the security threat of an intrusion coming from a source that wants to harm national interests. America paid the heaviest price possible for a lack of security with the events of 9/11 as even the Pentagon was unable to avoid carnage. After the attacks however, security became a paramount concern and that included digital...
3 Pages(750 words)Essay

Information Systems and Security

.... At the present time, there are better ways to communicate, transfer data, information retrieval as well as distribution, dealing and especially online business, but all these improvements in the fields of information technology also brought the challenges regarding the security. At the present time we are facing the problems of online information security, personal information theft, bank frauds, viruses, and lot of other forms of security problems. Here we have a great concern for the management of the information systems and its security. The aim of...
8 Pages(2000 words)Essay

EMR Information System

..., the collection of data for epidemiology and clinical studies can also be facilitated (Bates,, 2003). EMRs can also easily be constantly updated and the ability to exchange records between the EMR systems can also assist in the coordination of health delivery in other health facilities. Moreover, the data from the EMR can also be used alongside statistical reporting which can assist in quality improvement, as well as resource management and public health disease surveillance (Healthcare Information and Management Systems Society, 2003). EMRs can also facilitate the reading and writing of...
2 Pages(500 words)Article

Information Security Access Control Methods

..., spywares prevention programs, as well as access control lists (ACLs). It also shapes the individual access to particular resources, once connected. c) Operating System Access Control: Access control for an OS establishes the process of implementing access level policies of the system’s resources satisfying the security policies of integrity, availability, and confidentiality. This procedure authorizes processes/users to carry out certain operation different resources of the operating system. d) Cryptography It is method of...
1 Pages(250 words)Assignment

Information Systems Security Survey

...the information system. The program ensures that all the managers that work in the different centers follow the compulsory security requirements that have been put in place and make their decisions with an aim of reducing the risks. The managers should also be made aware of the risks they face when using these automated systems and electronic information. The top priority here is to protect the company’s information. According to previous reports of IRS the recurring cases of information security weakness puts it at a risk of fraud, disruption or inappropriate disclosure of...
3 Pages(750 words)Essay

EMR Implementation and Patient Flow

...providers to share the health information with the other health care providers to improve the quality and productivity of the diagnostic and treatment processes. But, the implementation process of the EHRs is not that quickly, easily and cheap because it requires some period of time for health providers education and adaptation of the health care system to the new model of the patient`s health information. The most difficult environment for the EHRs implementation is an emergence department as there are a lot of barriers such as crowding, limited staffing and increased amount of interruptions. The main question is: “Whether the overflow clinic model...
2 Pages(500 words)Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.

Let us find you another Essay on topic What security policies and systems are in place to prevent unauthorized access to the EMR and other sources of sensitive patient information for FREE!

Contact Us