Document Type
Project
Publication Date
Winter 2022
Instructor
Tugrul Daim
Course Title
Decision Making
Course Number
ETM 530
Subjects
Computer networks -- Security measures, Computer security, Medical informatics, Health facilities -- Management
Abstract
Technology offers significant advantages in improving the delivery of healthcare to patients. The technology creates electronic data associated with each patient. The data journey starts from the collection point, through the data warehouses that store the data, the application that processes the data, and the medium that transfers the data throughout the patient's life. Data collection starts with patients filling out web forms on a provider's website. This information is stored for the Healthcare organization in remote servers managed by developers and is shared with healthcare specialists, hospitals, labs, pharmacists, insurance providers, and billing software among many other healthcare workers. Each of these players receives the data via the internet and stores it on their remote servers or internal computers. Many regulations and laws are issued to improve the security of the data that is collected, transferred, and stored across these data users. Unlike reissuing a credit card or closing a bank account when compromised, patients' health records cannot be changed, and the data breach is permanent. Consequently, the security of the data while being collected, stored, and transferred is extremely important. Patients will likely visit multiple healthcare facilities as they age. Each facility has its own cybersecurity system to meet the laws and regulations as a baseline. How do we assess the system’s maturity to build a baseline of its conditions then prepare a roadmap to constantly improve the existing conditions based on the objectives set by the facilities’ decision-makers? This report used the Hierarchical Decision Model (HDM) method that Dr. Bridget Barnes developed to assess the information security maturity level of the Grande Ronde Hospital in La Grande, Oregon.
Rights
In Copyright. URI: http://rightsstatements.org/vocab/InC/1.0/ This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s).
Citation Details
Agrawal, Pallavi; Alharithi, Riad; Manjunath, Karthik; Thapa, Kamal; Ingersoll, Eric; and Rajagopal, Sujitha, "Healthcare Information Security Maturity Model Grande Ronde Hospital" (2022). Engineering and Technology Management Student Projects. 2322.