Public Trust in Health Information: Foundational Principles for Dependable Systems Dixie B. Baker, Ph.D. Vice President for Technology CTO, Enterprise.

Slides:



Advertisements
Similar presentations
Connected Health Framework
Advertisements

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering 2.
Enterprise Architectures
Brave New World: Understanding and Managing Privacy Programs in an E-Health World e-Health Conference 2013: Accelerating Change May 28, 2013, a.m.
Business Continuity and DR, A Practical Implementation Mich Talebzadeh, Consultant, Deutsche Bank
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
Ensuring Non-Functional Properties. What Is an NFP?  A software system’s non-functional property (NFP) is a constraint on the manner in which the system.
Critical Infrastructure Protection (and Policy) H. Scott Matthews March 25, 2004.
McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Business Plug-In B4 Enterprise Architecture.
Chapter 5. Describe the purpose, use, key attributes, and functions of major types of clinical information systems used in health care. Define the key.
Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
©Ian Sommerville 2006Critical Systems Slide 1 Critical Systems Engineering l Processes and techniques for developing critical systems.
Enterprise Architecture
Oracle High Availability Doug Smith CIS 764 Fall Semester 2007.
Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 23 Slide 1 Software testing.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
Getting Smarter with Information An Information Agenda Approach
ATIF MEHMOOD MALIK KASHIF SIDDIQUE Improving dependability of Cloud Computing with Fault Tolerance and High Availability.
Information Security Governance 25 th June 2007 Gordon Micallef Vice President – ISACA MALTA CHAPTER.
Lee Kinsman (soon to be) Consultant, Chamonix IT Consulting
CS 325: Software Engineering April 14, 2015 Software Security Security Requirements Software Security in the Life Cycle.
1 Get Ready to RHIO Health Information Exchanges and Emergency Preparedness Jeff Odell, Senior Vice President MedVirginia x227
Confidentiality and Security Issues in ART & MTCT Clinical Monitoring Systems Meade Morgan and Xen Santas Informatics Team Surveillance and Infrastructure.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.
Figures – Chapter 14. Figure 14.1 System layers where security may be compromised.
ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B4 Enterprise Architectures (on OLC)
Imagine IT February, Our goals for today  Review why we need an electronic Health Record  Present a high level overview of the plan  Steps we.
The Status of Health IT in British Columbia Elaine McKnight.
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
SOA-39: Securing Your SOA Francois Martel Principal Solution Engineer Mitigating Security Risks of a De-coupled Infrastructure.
Dependable Systems For Quality Care
HIT Policy Committee Report from HIT Standards Committee Privacy and Security Workgroup Dixie Baker, SAIC December 15, 2009.
Federal Cybersecurity Research Agenda June 2010 Dawn Meyerriecks
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
Chapter 15 : Dependable Systems for Quality care.
Physicians and Health Information Exchange (HIE) The Value of HIE to a Physician’s Practice and Consumers.
ORGANIZING IT SERVICES AND PERSONNEL (PART 1) Lecture 7.
Clinical Computing Secure, reliable technology that improves clinical workflow at the point of care.
Electronic Health Record systems: U.S. Federal initiatives and Public/ private partnerships.
PDA’s and Remote Patient Care By Cassandra Kennicott, RN.
1 Remember me? The patient is key Including the patient’s perspective improves health outcomes Chair: Dr Zoran Bolevich Acting Chief Executive eHealth.
Health Management Information Systems Unit 3 Electronic Health Records Component 6/Unit31 Health IT Workforce Curriculum Version 1.0/Fall 2010.
Health Management Information Systems Unit 8 Consumer Health Informatics.
 BEFORE Inefficient Costly Manually intensive Crisis-driven model of care delivery  AFTER Efficient Consumer-centric Science-based model  Changes brought.
Slide 1 Security Engineering. Slide 2 Objectives l To introduce issues that must be considered in the specification and design of secure software l To.
QUERI Robert L Jesse, MD, PhD Chief Consultant Medical Surgical Service.
1 HIT Standards Committee Hearing on Health Information Technology Security Issues, Challenges, Threats, and Solutions - Introduction Dixie Baker, SAIC.
Information Resource Stewardship A suggested approach for managing the critical information assets of the organization.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 23 Slide 1 Software testing.
 To explain the relationship between dependability and health care quality and safety.  To identify and explain five guidelines for dependability.
INFORMATION ASSURANCE POLICY. Information Assurance Information operations that protect and defend information and information systems by ensuring their.
Lecturer: Eng. Mohamed Adam Isak PH.D Researcher in CS M.Sc. and B.Sc. of Information Technology Engineering, Lecturer in University of Somalia and Mogadishu.
Welcome to the ICT Department Unit 3_5 Security Policies.
CS457 Introduction to Information Security Systems
Chapter 1 Characterization of Distributed Systems
CompSci 280 S Introduction to Software Development
Network Security Basics: Malware and Attacks
Enterprise Architecture
Security Engineering.
INFORMATION SYSTEMS SECURITY and CONTROL
Cloud Consulting Services and Solutions
Cybersecurity ATD technical
THE 13TH NATIONAL HIPAA SUMMIT HEALTH INFORMATION PRIVACY & SECURITY IN SHARED HEALTH RECORD SYSTEMS SEPTEMBER 26, 2006 Paul T. Smith, Esq. Partner,
Web Information Systems Engineering (WISE)
Conceptual Data Flow Model Between PHIN Systems
Presentation transcript:

Public Trust in Health Information: Foundational Principles for Dependable Systems Dixie B. Baker, Ph.D. Vice President for Technology CTO, Enterprise and Infrastructure Solutions Group Presented by Kathleen A. McCormick, Ph.D. Senior Scientist/Vice President SAIC, Health Solutions

2 Realization of the Vision Brings Risk IT Dependency and Value eHealth – Realization of NHIN Time RISK Stage 3: The Digital Doctor Patient ownership of record Integrated EMR available anywhere, exchangable across caregivers, minable for syndromic surveillance Integrated, individualized decision support Data exchanged over shared, public networks (Internet) Stage 2: The Bewildered Doctor “System of systems” through the miracle of integration engines Electronic clinical data Electronic administrative transactions with trading partners General-use decision-making tools (e.g., drug-drug interactions) Stage 1: The Family Doctor Minimal use of IT in clinical care “Departmental” systems Private networks Decision making as an “art”

3 Confronting Risk – Assuring Public Trust System reliability Service availability Information confidentiality Data integrity Software safety As provider organizations increase their dependence on information technology in the delivery of clinical care, DEPENDABILITY becomes essential for business success, quality care, and patient safety!

4 From:Baker, D. Dependable Systems for Quality Care. in Saba, VK and McCormick, KA. Essentials of Nursing Informatics, 4th Edition, New York:McGraw-Hill Book Co., in press Guidelines for Dependability 1.Architect for dependability.  Architect enterprise systems from the bottom up so that no critical component is dependent upon a component less trustworthy than itself.  Minimize complexity – the simplest design and integration strategy will be the most understandable, maintainable, and recoverable.  Avoid/eliminate single-point failures – distributed architectures can tolerate failure more easily than large, centralized systems.  Incorporate redundancy & fail-over for critical components.  Implement security in depth to protect sensitive information from unauthorized disclosure, critical data from corruption and destruction, and essential services from interruption.

5 Dependability Requires Architectural Assurance Confidence that enterprise systems will: Deliver services as described in functional specification; Deliver services as described in functional specification; Not exhibit behaviors that are unexpected, malicious, or harmful; and Not exhibit behaviors that are unexpected, malicious, or harmful; and Be available when they are needed. Be available when they are needed.

6 Dependable Architectures Recognize Dependencies Safety FUNCTIONAL CAPABILITIES Security FUNCTIONAL CAPABILITIES

7 5 Guidelines for Dependability 2.Expect failures.  Implement application-transparent features to detect faults, failover to redundant components, and recover from infrastructure failures.  Implement application-specific features to handle exceptions in software execution.  Implement features to detect, recover from, and survive malicious attacks while preserving system stability and security.  Design and build safety-critical systems to fail in a safe state. 3.Expect success.  Plan for scalability.  Plan for integration with other systems.  Model use-case scenarios and associated data flows, system loading, and network impact.

8 5 Guidelines for Dependability 4.Hire meticulous managers (with just a touch of paranoia) to manage your systems and networks.  Use middleware to manage workload.  Use out-of-band tools to monitor and manage system and network performance.  Develop and execute plans and procedures for managing emergencies and recovering from disasters. 5.Don’t be adventurous.  Use proven methods, tools, technologies, and products that have been in production, under conditions and at a scale similar to yours.  Don’t be the first (or second) to adopt a new technology.

9 Contact Information

10 Local Health Solutions Kathleen A. McCormick, Ph.D. Senior Scientist/Vice President SAIC Health Solutions Falls Church, VA and Rockville, MD

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.