Hakili, Joseph
Hello All,
Being a first time contributor here, I would like to express my gratitude to participate in the group. Please excuse and correct any error in the format or content. I present the topic “System Security” to the group for discussion.
As we move to implement the BID (better immunization data) initiative, let us share experiences, best practices and possibly technical expertise on system security as it pertains to health information systems.
The dictionary defines Security as “freedom from danger, risk, etc; safety” while Wikipedia defines System/Computer security as “security applied to computing devices such as computers and smart phones, as well as computer networks such as private and public networks, including the whole internet…it includes physical security to prevent theft of equipment and information security to protect the data on that equipment, sometimes referred to as cyber security”. Further, the U.S. National Information Systems Security Glossary defines Information Systems Security as" the protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of services to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document and counter such threats”.
Please provide input to the following questions/scenarios below:
Is is there real need for robust security strategies for health information systems in Africa? Do the norms here negate the urgency that is evident in developed nations? And especially for a system that captures "just" vaccination/immunization data?
Are there respective government (i.e. Zambia and Tanzania) security strategies/policies in place for health information systems? And to what extent are they being reinforced?
Is system security infrastructure cost beneficial? Is there a trade-off between an excellent system security infrastructure and its cost? What provider e.g. Cisco, Symantec etc. is best placed to provide a security system that meets required standards?
Who should conduct security risk analysis? Should the set up of security systems be outsourced? What are the criteria for selecting vendors? What is the best practice on where/how to host the system?
Danovaro, Dr. Carolina (WDC)
Dear Dr. Hakili,
You raise an extremely important issue that goes far beyond immunization information systems. I work in Latin America, but the issues of system security, data safety and patient confidentiality keep coming up. In our Region, they tend to be addressed in the countries’ eHealth policies, as part of the standards for quality, safety, interoperability, and ethics that are (or should be) included.
I attach the eHealth Resolution from our Region, that advocates for eHealth strategies and policies, in case anybody in the group finds it useful.
All the best,
Carolina
M. Carolina Danovaro, MD, MSc
Regional Immunization Advisor
Department of Family, Gender and Life Course/Comprehensive Family Immunization Unit (FGL/IM)
Pan American Health Organization,
525 Twenty-third St, NW, Washington DC 20037 - USA
Tel. 1-202-974-3856 E-mail: dano...@paho.org Web: www.paho.org/immunization
--
You received this message because you are subscribed to the Google Groups "BID Initiative Discussions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
bidinitiativ...@googlegroups.com.
To post to this group, send email to
bidini...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/bidinitiative/BN1PR07MB93539C654C4C2EE9FC36EE2C7130%40BN1PR07MB935.namprd07.prod.outlook.com.
For more options, visit https://groups.google.com/d/optout.
Hakili, Joseph
Thank you very much for your response. Hopefully the Initiative will gain from your input and the document you shared. I look forward for more suggestions/recommendations from you.
Regards,
Joseph
Sent from my Windows Phone
From: Danovaro, Dr. Carolina (WDC)
Sent: 3/7/2015 4:39 AM
To: Hakili, Joseph; bidini...@googlegroups.com
Cc: Novillo, Mr. David (WDC)
Subject: RE: System Security
Hakili, Joseph
Hello All,
I am sharing attached document from our BID Library. It addresses especially the question on available strategies/ policies available for Health Information Systems, specifically in Tanzania. You will excuse me for duplication if this document has been shared before.
Regards,
Joseph
To view this discussion on the web visit https://groups.google.com/d/msgid/bidinitiative/BN1PR07MB935185425F2DA32EFC81CE0C71D0%40BN1PR07MB935.namprd07.prod.outlook.com.
Fazilah Shaik Allaudin
This is useful, thank you Carolina.
Dr. Fazilah Shaik Allaudin
Deputy Director
Telehealth Division
Ministry of Health Malaysia
From: bidini...@googlegroups.com [mailto:bidini...@googlegroups.com]
On Behalf Of Danovaro, Dr. Carolina (WDC)
Sent: Saturday, March 7, 2015 9:40 AM
To: Hakili, Joseph; bidini...@googlegroups.com
Cc: Novillo, Mr. David (WDC)
Subject: RE: System Security
Dear Dr. Hakili,
To view this discussion on the web visit https://groups.google.com/d/msgid/bidinitiative/3B2D67A89DE5234C8ADAB6DEE1481862B983914F%40HQ-EXCH-MB04.wdc.paho.org.