. "3 Privacy and Security Concerns Regarding Electric Health Information." For the Record: Protecting Electronic Health Information. Washington, DC: The National Academies Press, 1997.
The following HTML text is provided to enhance online
readability. Many aspects of typography translate only awkwardly to HTML.
Please use the page image
as the authoritative form to ensure accuracy.
TABLE 3.2 Types of Threat to Health Information Held by Health Care Organizations and Possible Countermeasures
Type
System Authorization
Data Authorization
Site Access
Threat
Countermeasure
1
Yes
Yes
Yes
Mistakes
Organizational and simple technical mechanisms
2
Yes
Yes
n/a
Improper use of access privileges
Organizational and technical mechanisms such as authentication and auditing
3
Yes
No
n/a
Unauthorized use for spite or profit
Organizational and technical mechanisms such as authentication and auditing
4
No
No
Yes
Unauthorized physical intrusion
Physical security and technical mechanisms such as authentication and access controls
5
No
No
No
Technical break-in
Technical mechanisms such as authentication, access controls, and cryptography
