The application of data security management in healthcare organizations

Sammanfattning: Healthcare organizations manage, transfer, and store large amounts of private and sensitive data about their patients over digital solutions, which puts them in a vulnerable situation as intruders try to access and leak this data. However, the risk of data leakage is just as great to occur by the exchange of information made by an inattentive employee. To manage and protect data from unauthorized parties receiving data that was not intended for them, it is important to apply appropriate means. Technical solutions have earlier been considered valuable, but it is not enough to only manage the technical solutions. For this reason, this study aimed to examine organizational activities and security policies that healthcare organizations apply for ensuring that the data is managed and protected in relation to the risk of data leakage. This study concluded that healthcare organizations can manage their data by controlling the distribution of access and encouraging education and awareness of laws, policies, and risks. While technical solutions may indicate a favourable outcome, organizational activities are equally important to include in the data security management.