News‎ > ‎

MSc: hospital security

posted Mar 19, 2012, 7:58 AM by Marco Spruit
Today Geert Wirken graduated with an 8.0 on his thesis Information secuirty in Dutch hospitals for which I was the second supervisor. Here's what it was about:

This thesis researches how Dutch hospitals improve information security. Information security has become an important topic for many Dutch hospitals, as they are since a few years required to comply with information security regulations. However, hospitals face various difficulties when improving information security and earlier research has shown that many hospitals did not comply with information security standards. Common practice in hospitals sometimes conflicts with information security measures: timely and unrestricted access to critical medical information is essential for effective treatment of patients, but on the other hand, medical information is often confidential and sensitive information which should not be disclosed to unauthorized persons. Furthermore, it is important that information systems are reliable and that the integrity of information is ensured.
This study aims to find out which problems Dutch hospitals face when improving information security, and how hospitals mitigate these problems. The conflicts of interest described above are important causes, but there are also other problems which prevents hospitals from complying to information security standards.
The research is divided in two phases. The first phase consists of a case study in one hospital, where problems with improving information security are analyzed in a detailed method. The second phase of the study is a validation study where the results of the case study are validated among a representative set of hospitals.