Healthcare Information Security Maturity Model Grande Ronde Hospital

Authors

Pallavi Agrawal, Portland State UniversityFollow
Riad Alharithi, Portland State University
Karthik Manjunath, Portland State University
Kamal Thapa, Portland State University
Eric Ingersoll, Portland State University
Sujitha Rajagopal, Portland State University

Document Type

Project

Publication Date

Winter 2022

Instructor

Tugrul Daim

Course Title

Decision Making

Course Number

ETM 530

Subjects

Computer networks -- Security measures, Computer security, Medical informatics, Health facilities -- Management

Abstract

Technology offers significant advantages in improving the delivery of healthcare to patients. The technology creates electronic data associated with each patient. The data journey starts from the collection point, through the data warehouses that store the data, the application that processes the data, and the medium that transfers the data throughout the patient's life. Data collection starts with patients filling out web forms on a provider's website. This information is stored for the Healthcare organization in remote servers managed by developers and is shared with healthcare specialists, hospitals, labs, pharmacists, insurance providers, and billing software among many other healthcare workers. Each of these players receives the data via the internet and stores it on their remote servers or internal computers. Many regulations and laws are issued to improve the security of the data that is collected, transferred, and stored across these data users. Unlike reissuing a credit card or closing a bank account when compromised, patients' health records cannot be changed, and the data breach is permanent. Consequently, the security of the data while being collected, stored, and transferred is extremely important. Patients will likely visit multiple healthcare facilities as they age. Each facility has its own cybersecurity system to meet the laws and regulations as a baseline. How do we assess the system’s maturity to build a baseline of its conditions then prepare a roadmap to constantly improve the existing conditions based on the objectives set by the facilities’ decision-makers? This report used the Hierarchical Decision Model (HDM) method that Dr. Bridget Barnes developed to assess the information security maturity level of the Grande Ronde Hospital in La Grande, Oregon.

Rights

In Copyright. URI: http://rightsstatements.org/vocab/InC/1.0/ This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s).

Citation Details

Agrawal, Pallavi; Alharithi, Riad; Manjunath, Karthik; Thapa, Kamal; Ingersoll, Eric; and Rajagopal, Sujitha, "Healthcare Information Security Maturity Model Grande Ronde Hospital" (2022). Engineering and Technology Management Student Projects. 2322.