Information Security Standards in Healthcare Activities

Information Security Standards in Healthcare Activities

José Gaivéo (Polytechnic Institute of Setubal, Portugal)
DOI: 10.4018/978-1-7998-1204-3.ch084
OnDemand PDF Download:
No Current Special Offers


Information is mandatory in healthcare activities and in all that are related to it. In this same sense, people that deal with those information requires attention because patient´s information could be exposed. The use of directions stated by information security standards might allow a proactive attitude in the face of the diversity of threats that as the potential to explore the vulnerabilities of organizational assets. This article intends to recognize information threats and vulnerabilities that could be explored, using information security international standards to support the activities needed to assume information safeguard. Another intention is the establishment of a basis of references in information security to define a level of risk classification to build a referential to the potential that a given threat has to exploit the vulnerabilities of informational assets, preventing damages to personal and organizational property, and also activity continuity, assuming information as the main resource.
Chapter Preview


In a sector where main activities are conducted by people, as healthcare, the foremost resource relates to information about patient’s life. In this sense, information needs to be adequately protected against misuse and disclosure of any kind.

Few years ago, health patient’s data were essentially supported by paper, and the major problems was their handling and storage, this contributes to several difficulties in its usage. Nowadays, despite people are more awarded about information systems and ICT usage implications, data and information remain without appropriate attention related to their security.

Complete Chapter List

Search this Book: