Use this URL to cite or link to this record in EThOS: http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.294467
Title: A security advisory system for healthcare environments
Author: Warren, Matthew John
ISNI:       0000 0001 2414 2706
Awarding Body: University of Plymouth
Current Institution: University of Plymouth
Date of Award: 1996
Availability of Full Text:
Access through EThOS:
Access through Institution:
Abstract:
This thesis considers the current requirements for security in European healthcare establishments. Information Technology is being used increasingly by all areas of healthcare, from administration to clinical treatment and this has resulted in increased dependence upon computer systems by healthcare staff. The thesis looks at healthcare security requirements from the European perspective. An aim of the research was to develop security guidelines that could be used by healthcare establishments to implement a common baseline standard for security. These guidelines represent work submitted to the Commission of European Communities SEISMED (Secure Environment for Information Systems in Medicine) project, with which the research programme was closely linked. The guidelines were validated by implementing them with the Plymouth and Torbay Health Trust. The thesis also describes the development of a new management methodology and this was developed to allow the smooth implementation of security within healthcare establishments. The methodology was validated by actually using it within the Plymouth and Torbay Health Authority to implement security countermeasures. A major area of the research was looking at the use of risk analysis and reviewing all the known risk analysis methodologies. The use of risk analysis within healthcare was also considered and the main risk analysis methods used by UK healthcare establishments were reviewed. The thesis explains why there is a need for a risk analysis method specially developed for healthcare. As part of the research a new risk analysis method was developed, this allows healthcare establishments to determine their own security requirements. The method was also combined with the new management methodology that would determine any implementional problems. The risk analysis methodology was developed into a computerised prototype, which demonstrated the different stages of the methodology.
Supervisor: Not available Sponsor: Plymouth and Torbay Health Authority
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.294467  DOI: Not available
Keywords: Healthcare security Medical care Management Computer software
Share: