Today there is a growing concern for the security of confidential electronic patient health information in the health care organization. The health care network administrator is usually responsible for implementing information security in the health care organization. The problems faced by the health care organization are the following: third party access to confidential electronic medical records, limited IT budgets and resources, noncompliance and the Health Insurance Portability and Accountability Act, security attacks, resting databases in clear text, attainable security policies and educating users on the confidentiality and the security of electronic patient health information. Third party access is a concern because only physicians were responsible for managing the patient
Currently, accounting personnel, health information management companies, and health care organizations are also handling patient's health information. In addition, there are third-party organizations who are not involved in direct patient care accessing electronic health information such as, marketers, database developers, and insurers. Limited IT budgets are another concern faced by the health care organization. Finding a viable solution that is cost-effective and compatible with the network infrastructure is sometimes hard to locate and implement. Noncompliance and Health Insurance Portability and Accountability Act mean serious consequences for the health care organization such as fines and penalties. Security Attacks in any form are of concern because this also compromises the integrity and confidentiality of patient data. In addition, the problem of resting databases in clear text means any person that has direct access to the database can read the information. Although the centralized storage of patient information in large databases has benefited the health care organization in the many ways, security policies, as well as criminal and civil offense for protecting this data is also important.

The link for this article located at Infosec Writers is no longer available.