Defining a security policy
A broad program was undertaken in France to generalise electronic patient files. The medical data which health professionals rely on to treat their patients are now managed by computer. Securing information systems to guarantee medical confidentiality and data quality has thus become a priority for French hospitals.
The Challenge
Hospitals are faced with a major challenge: they must learn risk management strategies whilst reconciling budget difficulties. It is important to note that information systems at healthcare institutions are exposed to multiple threats (breakdowns, manipulation, theft...) that could engage liability of the medical staff and the organisations. The impact could be critical.
Our Solution
Within a perspective of regional sharing and coherence, the approach that our consultants implemented was founded upon three key stages:
- Raising the awareness of the personnel about security, in particular through a 4-day training programme for quality and IT representatives from these institutions.
- A security maturity audit for each organisation, and the establishment of a security master plan suited for protecting medical data.
- The development of a reference database, and the creation of a security improvement plan.
Download PDF (1.5mb)
Logica
Skip to content
