Abstract

Because of the expansion in health information technology and the continued migration toward digital patient records as a foundation for the delivery of healthcare services, healthcare organizations face significant challenges in their efforts to determine how well they are protecting electronic health information from unauthorized disclosure. The disclosure of one’s personal medical information to unauthorized parties or individuals can have broad-reaching and long-term impacts to both healthcare providers and consumers. Although several classes and types of methodologies exist for measuring information security in general, a number of overarching issues have been identified which prevent their adaptation to the problem of measuring the confidentiality (the protection from unauthorized disclosure) of electronic information in complex organizational systems. In this study, a new approach for measuring the confidentiality of electronic information in healthcare-related organizations is developed. By leveraging systemic principles and concepts, an information security system (ISS) for assuring the confidentiality of electronic information in healthcare organizations is synthesized. The ISS is defined as a complex system composed of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule information security safeguards and the people, processes, and technologies that contribute to these safeguards. The confidentiality of the ISS – a desired emergent property defined in terms of the systemic interactions which are present – represents the measure of protection from the unauthorized disclosure of electronic information. An information security model (ISM) that leverages the structure and parametric modeling capabilities of the Systems Modeling Language (SysML) was developed for specifying iv an ISS in addition to the contained systemic interactions which are present. Through the use of a parametric solver capability, the complex system of equations which quantify the contained interactions was executed for the purpose of generating a measure of confidentiality using a set of user-provided input values – a process referred to as ISM instantiation

Notes

If this is your thesis or dissertation, and want to learn how to access it or for more information about readership statistics, contact us at STARS@ucf.edu

Graduation Date

2012

Semester

Summer

Advisor

Elshennawy, Ahmad

Degree

Doctor of Philosophy (Ph.D.)

College

College of Engineering and Computer Science

Department

Industrial Engineering and Management Systems

Degree Program

Industrial Engineering

Format

application/pdf

Identifier

CFE0004378

URL

http://purl.fcla.edu/fcla/etd/CFE0004378

Language

English

Release Date

August 2012

Length of Campus-only Access

None

Access Status

Doctoral Dissertation (Open Access)

Subjects

Dissertations, Academic -- Engineering and Computer Science, Engineering and Computer Science -- Dissertations, Academic

Share

COinS