TABLE 3.2 Types of Threat to Health Information Held by Health Care Organizations and Possible Countermeasures

Type

System Authorization

Data Authorization

Site Access

Threat

Countermeasure

1

Yes

Yes

Yes

Mistakes

Organizational and simple technical mechanisms

2

Yes

Yes

n/a

Improper use of access privileges

Organizational and technical mechanisms such as authentication and auditing

3

Yes

No

n/a

Unauthorized use for spite or profit

Organizational and technical mechanisms such as authentication and auditing

4

No

No

Yes

Unauthorized physical intrusion

Physical security and technical mechanisms such as authentication and access controls

5

No

No

No

Technical break-in

Technical mechanisms such as authentication, access controls, and cryptography



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement