Abstract
Because of the expansion in health information technology and the continued migration toward digital patient records as a foundation for the delivery of healthcare services, healthcare organizations face significant challenges in their efforts to determine how well they are protecting electronic health information from unauthorized disclosure. The disclosure of one’s personal medical information to unauthorized parties or individuals can have broad-reaching and long-term impacts to both healthcare providers and consumers. Although several classes and types of methodologies exist for measuring information security in general, a number of overarching issues have been identified which prevent their adaptation to the problem of measuring the confidentiality (the protection from unauthorized disclosure) of electronic information in complex organizational systems. In this study, a new approach for measuring the confidentiality of electronic information in healthcare-related organizations is developed. By leveraging systemic principles and concepts, an information security system (ISS) for assuring the confidentiality of electronic information in healthcare organizations is synthesized. The ISS is defined as a complex system composed of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule information security safeguards and the people, processes, and technologies that contribute to these safeguards. The confidentiality of the ISS – a desired emergent property defined in terms of the systemic interactions which are present – represents the measure of protection from the unauthorized disclosure of electronic information. An information security model (ISM) that leverages the structure and parametric modeling capabilities of the Systems Modeling Language (SysML) was developed for specifying iv an ISS in addition to the contained systemic interactions which are present. Through the use of a parametric solver capability, the complex system of equations which quantify the contained interactions was executed for the purpose of generating a measure of confidentiality using a set of user-provided input values – a process referred to as ISM instantiation
Notes
If this is your thesis or dissertation, and want to learn how to access it or for more information about readership statistics, contact us at STARS@ucf.edu
Graduation Date
2012
Semester
Summer
Advisor
Elshennawy, Ahmad
Degree
Doctor of Philosophy (Ph.D.)
College
College of Engineering and Computer Science
Department
Industrial Engineering and Management Systems
Degree Program
Industrial Engineering
Format
application/pdf
Identifier
CFE0004378
URL
http://purl.fcla.edu/fcla/etd/CFE0004378
Language
English
Release Date
August 2012
Length of Campus-only Access
None
Access Status
Doctoral Dissertation (Open Access)
Subjects
Dissertations, Academic -- Engineering and Computer Science, Engineering and Computer Science -- Dissertations, Academic
STARS Citation
Gallaher, Shawn Michael, "An Approach For Measuring The Confidentiality Of Data Assured By The Confidentiality Of Information Security Systems In Healthcare Organizations" (2012). Electronic Theses and Dissertations. 2199.
https://stars.library.ucf.edu/etd/2199