Regresar

Cybersecurity Mechanisms for Information Security in Patients of Public Hospitals in Ecuador

Abstract:

Information is considered the most important asset for most organizations in the healthcare sector, being sensitive and critical as it contains detailed patient data on their socioeconomic status, analysis, diagnoses and medical treatments that are administered by healthcare centers, avoiding unauthorized alteration or theft of data, which is a latent problem that can affect both the information systems managed in these environments and patients. Cybersecurity in public hospitals must be in line with clear assurance policies, in order to respond quickly and effectively to any type of threat, which are becoming more and more advanced. This paper analyzes the current situation of security and confidentiality of patient information in type II public hospitals in Ecuador, establishing an analysis methodology based on laws, standards, agreements and national and international regulations, applied to each of the health entities taken as a sample. Finally, guidelines are defined for an adequate treatment of patient information, which is an essential component of data confidentiality. As a result, it was found that patient information in the health units becomes a control mechanism in accordance with HIPAA and ISO 27799, and this study also shows the shortcomings in the assurance of patient information, despite the efforts made by the institutions, so that processes for continuous improvement are proposed.