You are here
An Approach for Measuring the Confidentiality of Data Assured by the Confidentiality of Information Security Systems in Healthcare Organizations
- Date Issued:
- 2012
- Abstract/Description:
- Because of the expansion in health information technology and the continued migration toward digital patient records as a foundation for the delivery of healthcare services, healthcare organizations face significant challenges in their efforts to determine how well they are protecting electronic health information from unauthorized disclosure. The disclosure of one's personal medical information to unauthorized parties or individuals can have broad-reaching and long-term impacts to both healthcare providers and consumers. Although several classes and types of methodologies exist for measuring information security in general, a number of overarching issues have been identified which prevent their adaptation to the problem of measuring the confidentiality (the protection from unauthorized disclosure) of electronic information in complex organizational systems.In this study, a new approach for measuring the confidentiality of electronic information in healthcare-related organizations is developed. By leveraging systemic principles and concepts, an information security system (ISS) for assuring the confidentiality of electronic information in healthcare organizations is synthesized. The ISS is defined as a complex system composed of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule information security safeguards and the people, processes, and technologies that contribute to these safeguards. The confidentiality of the ISS (-) a desired emergent property defined in terms of the systemic interactions which are present (-) represents the measure of protection from the unauthorized disclosure of electronic information.An information security model (ISM) that leverages the structure and parametric modeling capabilities of the Systems Modeling Language (SysML) was developed for specifyingan ISS in addition to the contained systemic interactions which are present. Through the use of a parametric solver capability, the complex system of equations which quantify the contained interactions was executed for the purpose of generating a measure of confidentiality using a set of user-provided input values (-) a process referred to as ISM instantiation.
Title: | An Approach for Measuring the Confidentiality of Data Assured by the Confidentiality of Information Security Systems in Healthcare Organizations. |
32 views
13 downloads |
---|---|---|
Name(s): |
Gallaher, Shawn, Author Elshennawy, Ahmad, Committee Chair Sala-Diakanda, Serge, Committee CoChair Karwowski, Waldemar, Committee Member Xanthopoulos, Petros, Committee Member Yousef, Nabeel, Committee Member University of Central Florida, Degree Grantor |
|
Type of Resource: | text | |
Date Issued: | 2012 | |
Publisher: | University of Central Florida | |
Language(s): | English | |
Abstract/Description: | Because of the expansion in health information technology and the continued migration toward digital patient records as a foundation for the delivery of healthcare services, healthcare organizations face significant challenges in their efforts to determine how well they are protecting electronic health information from unauthorized disclosure. The disclosure of one's personal medical information to unauthorized parties or individuals can have broad-reaching and long-term impacts to both healthcare providers and consumers. Although several classes and types of methodologies exist for measuring information security in general, a number of overarching issues have been identified which prevent their adaptation to the problem of measuring the confidentiality (the protection from unauthorized disclosure) of electronic information in complex organizational systems.In this study, a new approach for measuring the confidentiality of electronic information in healthcare-related organizations is developed. By leveraging systemic principles and concepts, an information security system (ISS) for assuring the confidentiality of electronic information in healthcare organizations is synthesized. The ISS is defined as a complex system composed of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule information security safeguards and the people, processes, and technologies that contribute to these safeguards. The confidentiality of the ISS (-) a desired emergent property defined in terms of the systemic interactions which are present (-) represents the measure of protection from the unauthorized disclosure of electronic information.An information security model (ISM) that leverages the structure and parametric modeling capabilities of the Systems Modeling Language (SysML) was developed for specifyingan ISS in addition to the contained systemic interactions which are present. Through the use of a parametric solver capability, the complex system of equations which quantify the contained interactions was executed for the purpose of generating a measure of confidentiality using a set of user-provided input values (-) a process referred to as ISM instantiation. | |
Identifier: | CFE0004378 (IID), ucf:49380 (fedora) | |
Note(s): |
2012-08-01 Ph.D. Engineering and Computer Science, Industrial Engineering and Management Systems Doctoral This record was generated from author submitted information. |
|
Subject(s): | information security -- information security measurement | |
Persistent Link to This Record: | http://purl.flvc.org/ucf/fd/CFE0004378 | |
Restrictions on Access: | public 2012-08-15 | |
Host Institution: | UCF |