Pacific Medical Technology Symposium (1998)
Aug. 17, 1998 to Aug. 20, 1998
Jeff Collmann , Georgetown University
Anna-Lisa Silvestre , Kaiser Permanente Health Plan Medical Center
This paper presents general principles and case examples of how health care providers might prepare themselves to become data security capable organizations; that is, organizations in which ensuring the security and confidentiality of medical information becomes incorporated into the every day working routines of all staff.Building a security capable organization requires institutionalizing a security surveillance process, not just implementing security measures. Implementing a security surveillance process requires several steps, including: 1. Monitoring the changing legal and regulatory environment; 2. Enhancing patient understanding of the organization's data security efforts, and; 3. Continuously updating data security policies, procedures and practices in light of changing mission. Case examples from KP Online, an interactional patient tool from Kaiser Permanente Health Care and Project Phoenix, a telemedicine project from Georgetown University Medical Center illustrate the general points.
J. Collmann and A. Silvestre, "Building a Security Capable Organization: A Workshop," Pacific Medical Technology Symposium(PACMEDTEK), Honolulu, Hawaii, 1998, pp. 2.