This course consists of weekly lectures, labs, and online sessions with an emphasis on healthcare computer security. Topics include identifying threats and points of vulnerability in healthcare information technology (HIT) systems; access control and its relation to the Health Insurance Portability and Accountability Act (HIPPAA); security related to patient data; workflow challenges; healthcare regulations that impact data security; and preparing for various security attacks.
Course Learning Objectives
- Describe the effects of HIPAA on system security in a healthcare environment.
- Recognize the potential vulnerabilities that result from the interaction of multiple systems in a healthcare environment.
- Discuss ways to employ access controls to protect patient data and meet HIPAA requirements.
- Describe ways to mitigate the challenges to system security posed by clinical workflows.
- Discuss ways to enhance the usability of security measures to encourage compliance.
- Identify potential security issues in system acquisition and implementation.
- Discuss ways to maintain security so that it meets governmental regulations.
- Privacy and Security laws and regulations
- Potential points of vulnerability in a healthcare IT system – covers the interfaces between systems
- Interoperability Standards and Certification
- Impact of end users on HIT security, particularly in applications
- Access control and its relation to HIPAA
- Security related specifically to patient data (influence of HIPAA and other regulations)
- Workflows and their challenges to security
- Importance of usability to maintaining security