How can regional health care providers prevent data breaches by implementing PII controls?
2022 (English). Independent thesis Advanced level (degree of Master (Two Years)), 10 credits / 15 HE credits
Student thesis
Abstract [en]
PII controls presented in ISO/IEC 27701:2019 can increase information security when a suitable set of controls is implemented, including policies, processes, procedures, organisational structures, and software and hardware functions. In ISO/IEC 27701:2019, the PII controls are explained and adapted by organisations. In retrospect, it is interesting to know how well adapted these PII controls are to healthcare, where a completely different level of confidential data comes into play. A leak of such confidential data could have exceptionally large consequences for people, and not always in the form of economic loss, as with bank data. Instead, it could have a psychological impact and an effect on human life, depending on what health information is leaked in a data breach.
To gain insight into the challenges of data breaches in regional healthcare and how they can be prevented with PII controls, the following research question was formulated: How can regional healthcare providers prevent data breaches by implementing PII controls? A challenge arises because Swedish health care has laws and regulations that must be followed. The interviews show several risks that PII controls work toward preventing, in order to reduce further incidents. From a societal aspect, the research extends today’s analysis regarding the prevention of data breaches in regional health care.
Place, publisher, year, edition, pages
2022. p. 37
Keywords [en]
Regional health care, data breaches, PII controls, limit collection, temporary files, documentation, access, erasure, copy of processed PII
National Category
Computer Sciences
Health Care Service and Management, Health Policy and Services and Health Economy
Identifiers
URN: urn:nbn:se:his:diva-21511
OAI: oai:DiVA.org:his-21511
DiVA, id: diva2:1679563
Subject / course
Information Technology
Educational program
Privacy, Information and Cyber Security - Master's Programme 120 ECTS
Supervisors
Examiners
2022-07-01 2022-07-01 2022-07-06