The incorporation of new information technologies into health services and the development of information systems for the management of
medical data, such as Electronic Health Records, have promoted an increase in the quality and efficiency of health services and an
improvement in the security of patient care, while the protection of health data has become a priority.
The implementation of a medical data security and protection model under the new General Data Protection Regulation (GDPR) must consider the rights of citizens to their information and the ethical laws and rules that protect those rights, which provide a challenge for ICTs in healthcare.
This document’s goal is to guide health practitioners and managers in their work to assure the security and protection of health data. For that purpose, we will list different aspects that affect the security of information, providing the reader with the necessary knowledge to question whether the health information system used is secure.
Furthermore, we will expand on the advantages of cloud solutions for health sector security.
The proper management of healthcare data security needs a strong implication of healthcare organizations from 3 different perspectives: legal, organizational and technological.