Digital health initiatives lead to a significant improvement in healthcare. However, Introduction of information systems also increases the risk of exposing the information to unauthorized parties as health information systems carry very sensitive and personal information. Therefore, the issue of maintaining the privacy and security of health information has become a major challenge that needs to be addressed if the digitization of the health sector is to move forward.
At present, most public health facilities and some hospitals use health IT systems establishing a reliable system of patient care for the citizens of Sri Lanka. In order to regulate and govern such systems, the absence of a national health information security policy or legislation on protection of privacy is presently considered as a major drawback which hinders further health IT expansions.
In addition, it has also been noted that the majority of health staff, including health administrators, have a minimal understanding and interest in information security and data privacy.
Therefore, it is essential to maintain the information security and data privacy at the optimal level. As a initial step this “Information Security Guideline for Healthcare Institutions” was drafted. This guideline is intended in providing a compact and easily understandable overview of the most relevant security safeguards. The focus is on organizational safeguards and on illustrating threats through practical examples.
You can download the document from the link below. Please send your comments & suggestions to the firstname.lastname@example.org