Expérience des soins
décembre 19, 2017
The American Health Information Management Association (AHIMA), a consortium of health information management professionals and organizations, published recommendations for hospital cybersecurity approaches. It recommends a model that emphasizes competency in privacy, security, IT governance, enterprise information management, data governance, legal and regulatory and awareness and adherence. Here are AHIMA's 17 guidelines:
- Conduct a risk analysis of all applications and systems.
- Recognize record retention as a cybersecurity issue.
- Patch vulnerable system.
- Deploy advanced security endpoint solutions that provide more effective protections than standard antivirus tools.
- Encrypt workstations, smartphones, tablets, laptops, backups and portable media.
- Improve identity and access management.
- Refine web filtering, block bad traffic.
- Implement mobile device management.
- Develop incident response capability.
- Monitor audit logs to selected systems.
- Leverage existing security tools like intrusion prevention systems or intrusion detection systems to detect unauthorized activities.
- Evaluate business associates.
- Improve tools and conduct an internal phishing campaign.
- Hire an outside security firm to conduct technical and non-technical evaluations.
- Prepare a 'State of the Union' type presentation for an organization's leaders on cybersecurity.
- Apply a 'defense in depth' strategy.
- Detect and prevent intrusion.