Security Management in Health Care Information Systems — A Literature Review

摘要

Health care information systems play an important role for communication across the organizational borders of health care services. The electronic health record represents the main entity in the management, exchange and storage of medical information. Health care organizations must adopt strategies for security and privacy risks associated with access to health care information systems, but on the other hand, the information needs to be accessible and readable for authorized health care professionals carrying out patient treatment. This paper presents a literature review on security management in health care information systems. The aim was to analyze descriptions and definitions of information security policy, access control management and the usability of security solutions.