IT security: developing a response to increasing risks.

The move to computerization in health care requires attention to security issues because the risks to violate patients rights for privacy are dramatically increasing. As providers in many countries are moving toward computerization, it is important to understand the dangers of computerization. Unathorized users can access, copy, alter, delete, or distort hundreds or thousands of medical records within minutes. Information can be violated by individuals and by system failures. It is important to understand the potential harm to patients and to our society. The relationship between privacy rights, confidentiality measures, and system security measures must be addressed. It is dangerous to create computer systems in health care without establishing appropriate security measures. Special attention should be given to the weaknesses of the internet and the requirements of network security for a future 'global information infrastructure'. The internet is based on messaging as are many communication standards such as Edifact, HL7 etc. Messaging systems in general need to be examined with regard to security and accountability issues.