Case Study 1:
A busy academic hospital has grown rapidly and acquired multiple clinical information systems that interface with each other. Physicians and practitioners require access to each system and frequently have workflows that require access to multiple systems at the same time. In addition, practitioner responsibilities often require them to complete documentation or access clinical information at home and during off hours.
Case Study 2:
An increase in the number of clinical research studies and the use of undergraduate students as research assistants for subject recruitment was perceived as a risk for a medium-sized academic hospital. Students were enrolled at the hospital-affiliated university but still required a credentialing process to be able to access clinical areas of the hospital and clinical systems. The hospital wants to meet IRB and HIPAA research regulations, and to exceed HIPAA’s minimum necessary principle.
Case Study 3:
As a large multi-specialty academic medical practice, providers are often utilizing laptop computers and mobile devices in patient care and research-related activities. Tracking, securing, and managing the numerous devices to mitigate loss, theft, or other breaches is important to the enterprise.
- Review the information in this week’s Learning Resources, focusing on the security and integrity of clinical information systems. Consider the importance of security and integrity, as well as the consequences of failing to address these aspects of database design.
- Select one of the case studies above to examine further for this Discussion.
- Determine the security or integrity problems in the clinical information system in the case study. What legal, ethical, and organizational risks do these issues pose?
- Begin to formulate a potential solution or strategy to address the security and integrity problems. How would this solution or strategy mitigate the security or integrity risks you identified?
By Day 3
Post a description of the security and integrity problems identified with regards to the case study you selected. Select at least two specific risks (legal, ethical, or organizational) related to the case study and propose a solution or strategy to address each. Justify your response.
Use these references:
Coronel, C. & Morris, S. (2017). Database systems: Design, implementation, and management (12th ed.). Boston, MA: Cengage Learning.
Murray, M. C. (2010). Database security: What students need to know. Journal of Information Technology Education, 9, IIP61–IIP77.
Forrest, M., Maclean, D., Towers, H. K., & Younes, H. (2012). The accuracy of real-time procedure coding by theatre nurses: A comparison with the central national system. Health Informatics Journal, 18(1), 3–11.
Imran, S.,& Hyder, I. (2009). Security issues in databases. Future Information Technology and Management Engineering, 2009. FITME ’09. Second International Conference, 541–545.
Gaff, B. M., Smedinghoff, T. J., & Sor, S. (2012). Privacy and security. Computer, 45(3), 8–10.