Health Devices. 2001 Jan-Feb;30(1-2):31-48.
As more and more hospitals have begun storing patient information in electronic form, data security has become a hot topic. With the passage of the Health Insurance Portability and Accountability Act (HIPAA) in the United States, as well as other security legislation across the globe, even more attention has been focused on the subject. In this article, we discuss the various types of security threats faced by healthcare institutions, from external attacks via the Internet to internal violations resulting from malice or simple carelessness. We also discuss what you can do to maintain the privacy and integrity of your electronic records--not only the computer-based safeguards that are available, but also the internal systems and procedures you need to have in place. We tell you how to go about setting up (or beefing up) your institutional security system. And we describe the security efforts being made around the world by governments and standard-setting organizations. This article also includes an extensive glossary of computer-security terms and a listing of useful data-security Web sites.
随着越来越多的医院开始以电子形式存储患者信息,数据安全已成为热门话题。随着美国《健康保险流通与责任法案》(HIPAA)的通过,以及全球其他安全立法的出台,人们对这一主题的关注更加集中。在本文中,我们将讨论医疗机构面临的各种安全威胁,从通过互联网的外部攻击到恶意或单纯疏忽导致的内部违规行为。我们还将讨论如何维护电子记录的隐私和完整性——不仅包括可用的基于计算机的安全防护措施,还包括你需要建立的内部系统和程序。我们会告诉你如何着手建立(或加强)机构安全系统。并且我们会描述世界各地政府和标准制定组织正在进行的安全工作。本文还包括一份丰富的计算机安全术语词汇表以及一份有用的数据安全网站列表。
