Security and integrity of clinical information systems

 


 

Establishing security standards that protect patient data is an important step in the database design process. Protecting the confidentiality of personal health information is not optional; it is mandated under the Health Insurance Portability and Accountability Act (HIPAA). HIPAA violations can result in both fines and legal consequences. Failing to protect private information can also damage a health care organization’s reputation as well as result in the loss of patients’ peace of mind.

 

For this Discussion, you consider the clinical information systems presented in the case studies below and identify the security and integrity problems and risks that need to be addressed.

 

Case Study 1:

 

A busy academic hospital has grown rapidly and acquired multiple clinical information systems that interface with each other. Physicians and practitioners require access to each system and frequently have workflows that require access to multiple systems at the same time. In addition, practitioner responsibilities often require them to complete documentation or access clinical information at home and during off hours.

 

Case Study 2:

 

An increase in the number of clinical research studies and the use of undergraduate students as research assistants for subject recruitment was perceived as a risk for a medium-sized academic hospital. Students were enrolled at the hospital-affiliated university but still required a credentialing process to be able to access clinical areas of the hospital and clinical systems. The hospital wants to meet IRB and HIPAA research regulations, and to exceed HIPAA’s minimum necessary principle.

 

Case Study 3:

 

In a large multi-specialty academic medical practice, providers often use laptop computers and mobile devices in patient care and research-related activities. Tracking, securing, and managing the numerous devices to mitigate loss, theft, or other breaches is important to the enterprise.

 

To prepare:

 

  • Review the information in this week’s Learning Resources, focusing on the security and integrity of clinical information systems. Consider the importance of security and integrity, as well as the consequences of failing to address these aspects of database design.

  • Select one of the case studies above to examine further for this Discussion.

  • Determine the security or integrity problems in the clinical information system in the case study. What legal, ethical, and organizational risks do these issues pose?

  • Begin to formulate a potential solution or strategy to address the security and integrity problems. How would this solution or strategy mitigate the security or integrity risks you identified?

    Post by tomorrow 07/19/16, 550 words in APA format with 3 references. Include the level one headings below:

    1) A description of the security and integrity problems identified with regard to the case study you selected.

    2) Select at least two specific risks (legal, ethical, or organizational) related to the case study and propose a solution or strategy to address each. Justify your response.

     

 

 

Readings

 

  • Coronel, C. & Morris, S. (2015). Database systems: Design, implementation, and management (11th ed.). Stamford, CT: Cengage Learning.

    • Chapter 15, “Database Administration and Security” (pp. 670–713)

      This chapter describes the role of the database manager and highlights responsibilities covered in the database administration process. These responsibilities ensure that data is protected and continually monitored to yield the most accurate information.

 

  • Murray, M. C. (2010). Database security: What students need to know. Journal of Information Technology Education, 9, IIP61–IIP77.
    Retrieved from the Walden Library databases.

    Security is an important requisite of database design. This article describes the pitfalls of vulnerability in databases and the importance of data security methods.

 

  • Forrest, M., Maclean, D., Towers, H. K., & Younes, H. (2012). The accuracy of real-time procedure coding by theatre nurses: A comparison with the central national system. Health Informatics Journal, 18(1), 3–11.
    Retrieved from the Walden Library databases.

    The authors compare the differences in real-time coding performed by clinical coders and non-clinical coders. They observed that complications arose during attempts to embed coding in clinical workflow.

 

  • Imran, S., & Hyder, I. (2009). Security issues in databases. Future Information Technology and Management Engineering, 2009. FITME ’09. Second International Conference, 541–545.
    Retrieved from the Walden Library databases.

    This article explains discretionary and mandatory database security models, their implementation, and their efficiency. It also evaluates how these methods may be inefficient with regard to specific database designs.

  • Gaff, B. M., Smedinghoff, T. J., & Sor, S. (2012). Privacy and security. Computer, 45(3), 8–10.
    Retrieved from the Walden Library databases.

    Privacy regulation and the protection of sensitive information are still inconsistently established and enforced. This article addresses the legal issues surrounding database security. It also evaluates protection methods that are the most effective.