Avaliação do grau de conformidade às normas e recomendações em gestão da segurança da informação digital em hospitais. / Assessment of the level of conformity of hospitals to electronic information security standards and recommendations.

AUTHOR(S)
PUBLICATION DATE

2010

ABSTRACT

CONTEXT: Confidentiality, integrity and availability of patient information are intrinsic to hospital services, and computerization is growing in the day-to-day operations of these institutions. OBJECTIVE: This work assesses the level of conformity to the standards and literature recommendations in Information Security of an exploratory group of hospitals using Electronic Health Record Systems (EHR-S). METHODS: From the study of international standards and of resolution 1821/07 of the Federal Council of Medicine (CFM), we developed a "gold standard" of information security management and electronic health record systems, elaborated a questionnaire and released it via the Internet, where each hospital can obtain an "estimated" degree of compliance with this standard and identify which areas are more (or less) compliant with this desirable level. RESULTS: From the replies obtained from a group of hospitals, we saw an average degree of compliance of 37% in information security management processes (on a scale from 0% to 100%) and 38% in compliance of EHR-S. CONCLUSION: We conclude by showing that information security management (ISM) is still incipient among the concerns and investments of hospitals, and that even though specific knowledge and material is available, managers have not yet implemented solutions that meet the specific characteristics and information security demands of the healthcare industry.

SUBJECT(S)

hospital management; health informatics; information management; health information security; public health
