Navegando por Palavras-chave "Política de segurança da informação e comunicação"

Agora exibindo 1 - 1 de 1
  • Imagem de Miniatura
    Item
    Acesso aberto (Open Access)
    Guia de contribuição da segurança em sistemas informatizados em saúde
    (Universidade Federal de São Paulo (UNIFESP), 2016-12-31) Pereira, Samaris Ramiro [UNIFESP]; Paiva, Paulo Bandiera [UNIFESP]; http://lattes.cnpq.br/0947654602498462; Universidade Federal de São Paulo (UNIFESP)
    Introduction. An increasing number of transactions are migrating to the digital world. In Health, electronic records have advantages such as cost, availability and integration. However, to achieve these benefits, it is necessary to ensure that the information security is maintained and provided by the systems. The lack of security can lead to serious consequences such as legal proceedings and medical errors. The information security management is complex and comprehensive. Researches for the development and improvement of technologies are a constant in computer science, as well as researches in information science to point out good and safe practices in the information lifecycle. An inadequate control of the flow of information, since the creation of a data until its disposal may give rise to several vulnerabilities. Goal. Based on ISO 27001, SBIS Certification and other important references, this study aims to present a wide number of topics that need to be analyzed in the development and analysis of a computer system for health to ensure safety and quality. Since developers and managers do not have time to read, research doubts, study and analyze extensive safety standards, many important topics may be forgotten or disregarded. Methods. This research was based on quantitative issues to map the important requirements found on literature about safety systems in health and also an explanatory research to analyze these requirements, justify and present them through a non-exhaustive list. Results. The result of this thesis enabled the creation of a non-exhaustive reference guide to assist in the development of efficient and effective policies in line with the strategy of each company to be used in the development or implementation of computer health systems. Conclusions. According to the type and purpose of this research, its contribution is distributed throughout the text, mainly on the reference guide. The analysis of each topic has its importance in the final quality of the system and offers important reflections for professionals who wish to manipulate health systems safely.