CMMI Frequently Asked Questions and their responses from CMMI Consultant(s)
Patient Data and Information Security
23rd November, 2013
Handling of confidential data is a big and complex activity and when it comes to handling patient data it become nightmare to handle such data. HIPAA Compliance has put a define confidentiality and care require to handle the Protected Health Information (PHI).
As the technology is improving and advancing with new methods to share and store data it is becoming difficult to protect the data from unknown attacks. In the case of healthcare problem increases to manifold when data is shared between different providers and is done using secure or insecure channels. In this scenario, it is quite challenging to the secure the Protected Health Information (PHI). And most of the violations occur by accident during the information handling.
Most of the data breaches happen due to the manpower handing the information. Personal IT devices like Laptops, Tablets, Mobiles, Pen drives are handled carelessly without any encryption and are left unlocked at public places. Problem also arises when most of us want to have easy and convenient access to data, using public email services (like Gmail, Hotmail and Dropbox) at public places. All this makes the confidential data available to unknown and unwanted users
As per a study in USA during the year 2012, there were 28,765 records exposed and compromised amounting to around $5.4 million.
What are best practices to protect the Patient Data?
There can be different methods applied to increase the protection to the patient data, some of them are:
- Solution to these issues lies in creating awareness among management, employees, patient, vendors and all others who are involved with the patient information.
- Create a culture of privacy among them.
- Providing training on regular frequency on improving and implementing Information Security
- Regular Information Security Audits
DQS India can help in implementing Information Security practices, providing training on Information Security Best Practices and conducting Information Security audits and consulting.
Previous Post
Gap in Information Security skill set and staff requirements in IndiaNext Post
CMMI Institute to Improve Organizational Performance GloballySidebar
Author: Rajendra Khare
Rajendra's LinkedIn Profile
Rajendra is a qualified and certified Lead Appraiser and Instructor for the following :
- SCAMPI High Maturity Lead Appraiser (Certified)
- CMMI Institute-Certified SCAMPI v1.3 Lead Appraiser for Acquisition (Certified)
- CMMI Institute-Certified SCAMPI v1.3 Lead Appraiser for Development (Certified)
- CMMI Institute-Certified SCAMPI v1.3 Lead Appraiser for Services (Certified)
- CMMI Institute-Certified Introduction to CMMI-DEV v1.3 Instructor (Certified)
- CMMI Institute-Certified Services Supplement for CMMI-DEV Instructor (Certified)
- CMMI Institute-Certified CMMI-DEV Level 2 for Practitioners Instructor (Certified)
- CMMI Institute-Certified CMMI-DEV Level 3 for Practitioners Instructor (Certified)
- CMMI Institute-Certified SCAMPI B & C Team Leader for Acquisition (Certified)
- CMMI Institute-Certified SCAMPI B & C Team Leader for Development (Certified)
- CMMI Institute-Certified SCAMPI B & C Team Leader for Services (Certified)
Rajendra is Lead Assessor for ISO 9001 (QMS), ISO 14001 (EMS), OHSAS 18001 (OHSMS) since 1994
International Automotive Task Force (IATF) approved Lead Assessor for Automotive Standard TS 16949:2009
Lead Assessor for ISO 27001 (ISMS) and ISO 20000-1 (ITSM)
Rajendra has 25 years experience in the industry.