View Item 
        •   Utrecht University Student Theses Repository Home
        • UU Theses Repository
        • Theses
        • View Item
        •   Utrecht University Student Theses Repository Home
        • UU Theses Repository
        • Theses
        • View Item
        JavaScript is disabled for your browser. Some features of this site may not work without it.

        Browse

        All of UU Student Theses RepositoryBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

        Information security in Dutch hospitals

        Thumbnail
        View/Open
        Thesis.pdf (1.240Mb)
        Publication date
        2012
        Author
        Wirken, G.P.J.W.F.
        Metadata
        Show full item record
        Summary
        This thesis researches how Dutch hospitals improve information security. Information security has become an important topic for many Dutch hospitals, as they are since a few years required to comply with information security regulations. However, hospitals face various difficulties when improving information security and earlier research has shown that many hospitals did not comply with information security standards. Common practice in hospitals sometimes conflicts with information security measures: timely and unrestricted access to critical medical information is essential for effective treatment of patients, but on the other hand, medical information is often confidential and sensitive information which should not be disclosed to unauthorized persons. Furthermore, it is important that information systems are reliable and that the integrity of information is ensured. This study aims to find out which problems Dutch hospitals face when improving information security, and how hospitals mitigate these problems. The conflicts of interest described above are important causes, but there are also other problems which prevents hospitals from complying to information security standards. The research is divided in two phases. The first phase consists of a case study in one hospital, where problems with improving information security are analyzed in a detailed method. The second phase of the study is a validation study where the results of the case study are validated among a representative set of hospitals. Various problems have been found by this study, but also many best practices have been found. These best practices are useful for other hospitals: they provide workable solutions that address both information security requirements, as well as medical requirements. The main conclusions of this study are that hospitals should address information security seriously, and that hospitals should solve problems together when possible.
        URI
        https://studenttheses.uu.nl/handle/20.500.12932/10525
        Collections
        • Theses
        Utrecht university logo