Information Systems 1 Running head: INFORMATION SYSTEMS Information Systems Security at Kent General Hospital Amanda Ridgeway BAC 435 Mr. Chuck Donovan Aug. 15, 09
Information Systems 2 Information Systems Security at Kent General Hospital Information systems security evaluates the potential risks within the company’s computer systems and software. These potential risks are weighted in whether they are detrimental or mediocre. Every company has precious information that competitors or thieves would profit from. Anywhere from account balances to personal information that would be caustic if stolen or lost. It is very important that the people in charge of creating the security systems have great knowledge of systems and creating a secure lock so others can’t hack into this information. At Kent General Hospital the information systems (IS) team is responsible for analyzing vulnerabilities or threats, actions to take against these threats, what to do in a disastrous situation and aspects of the system its self. There is a cycle that the IS team should follow when making and maintaining a security system. “Computer security systems are developed by applying the established methods of system analysis; design; implementation; and operation, evaluation, and control (p155).” Systems analysis is the process of investigate the potential risks to the systems information if it was taken or lost. In a hospital there are many different files that need to be protected. There are accounting information files and patient files. The accounting information files contain all the financial information of the company like financial statements, patient finance, insurance payment documents, state or federal payment documents, and much more. The patient files include all patient information from address and social security numbers to procedures done. If these documents were tampered or lost this could be detrimental. The hospital keeps back-up files in order to prevent files from being lost. The system must be secure to ensure that hackers aren’t changing account amounts and so employees aren’t changing numbers in order to steal from the company. Security must be in place in order to keep the company safe from external
Information Systems 3 and internal threats. The design is used to have different controls like password entry and limited access to different people. In the hospital not all workers are able to get to all files in the system. Every worker has an access account that is linked to them. This account is password protected and is programmed by IS. Each employee account has access to information pertaining to their job, rank, and need. For example, a unit secretary has access to inpatient accounts for patients in the hospital but limited to only seeing information for that specific stay in the hospital. They don’t get access to all patient medical records for all procedures and stays in the hospital. In order to get information they must go through the medical records department. These employees
This is the end of the preview. Sign up to
access the rest of the document.