This thesis considers the current requirements for security in European healthcare
establishments. Information Technology is being used increasingly by all areas of
healthcare, from administration to clinical treatment and this has resulted in increased
dependence upon computer systems by healthcare staff.
The thesis looks at healthcare security requirements from the European perspective.
An aim of the research was to develop security guidelines that could be used by
healthcare establishments to implement a common baseline standard for security.
These guidelines represent work submitted to the Commission of European
Communities SEISMED (Secure Environment for Information Systems in Medicine)
project, with which the research programme was closely linked. The guidelines were
validated by implementing them with the Plymouth and Torbay Health Trust.
The thesis also describes the development of a new management methodology and
this was developed to allow the smooth implementation of security within healthcare
establishments. The methodology was validated by actually using it within the
Plymouth and Torbay Health Authority to implement security countermeasures.
A major area of the research was looking at the use of risk analysis and reviewing all
the known risk analysis methodologies. The use of risk analysis within healthcare was
also considered and the main risk analysis methods used by UK healthcare
establishments were reviewed.
The thesis explains why there is a need for a risk analysis method specially developed
for healthcare. As part of the research a new risk analysis method was developed, this
allows healthcare establishments to determine their own security requirements. The
method was also combined with the new management methodology that would
determine any implementional problems. The risk analysis methodology was
developed into a computerised prototype, which demonstrated the different stages of
the methodology.
Date of Award | 1996 |
---|
Original language | English |
---|
Awarding Institution | |
---|
A Security Advisory System for Healthcare Environments
Warren, M. J. (Author). 1996
Student thesis: PhD