| Description |
1 online resource (260 pages) : color illustrations. |
|
text txt rdacontent |
|
computer c rdamedia |
|
online resource cr rdacarrier |
| Series |
NIST special publication ; 1800-1 |
|
NIST special publication ; 1800-1.
|
| Note |
"July 2018." |
| Bibliography |
Includes bibliographical references. |
| Contents |
volume A. Executive summary -- volume B. Approach, architecture, and security characteristics -- volume C. How-to guides -- volume D. Standards and controls mapping -- volume E. Risk assessment and outcomes. |
| Summary |
Health care providers increasingly use mobile devices to receive, store, process, and transmit patient clinical information. According to our own risk analysis, discussed here, and in the experience of many health care providers, mobile devices can present vulnerabilities in a health care organization's networks. At the 2012 Health and Human Services Mobile Devices Roundtable, participants stressed that mobile devices are being used by many providers for health care delivery before they have implemented safeguards for privacy and security. This NIST Cybersecurity Practice Guide provides a modular, open, end-to-end reference design that can be tailored and implemented by health care organizations of varying sizes and information technology sophistication. Specifically, the guide shows how health care providers, using open source and commercially available tools and technologies that are consistent with cybersecurity standards, can more securely share patient information among caregivers using mobile devices. The scenario considered is that of a hypothetical primary care physician using her mobile device to perform reoccurring activities such as sending a referral (e.g., clinicalinformation) to another physician, or sending an electronic prescription to a pharmacy. While the design was demonstrated with a certain suite of products, the guide does not endorse these products in particular. Instead, it presents the characteristics and capabilities that an organization's security experts can use to identify similar standards-based products that can be integrated quickly and cost-effectively with a health care provider's existing tools and infrastructure. |
| Note |
Description based on online resource; title from PDF title page (viewed July 27, 2018). |
| Subject |
United States. Health Insurance Portability and Accountability Act of 1996.
|
|
Medical records -- Data processing.
|
|
Computer security.
|
|
Risk management.
|
|
Health Insurance Portability and Accountability Act of 1996 (United States) (OCoLC)fst01386851
|
|
Computer security. (OCoLC)fst00872484
|
|
Medical records -- Data processing.
(OCoLC)fst01014552
|
|
Risk management. (OCoLC)fst01098164
|
| Indexed Term |
Patient health information |
|
Electronic health record security |
|
Electronic health records system |
|
Mobile device security standards |
|
Theft of health records |
|
Theft of medical information |
|
HIPAA |
| Added Author |
Lesser, Nate, author
|
|
Pleasant, Brett, author
|
|
Wang, Sue, author
|
|
Zheng, Kangmin, author
|
|
Bowers, Colin, author
|
|
Kamke, Kyle, author
|
|
National Cybersecurity Center of Excellence (U.S.), issuing body.
|
| Gpo Item No. |
0247 (online) |
| Sudoc No. |
C 13.10:1800-1 |
|
