You are here:
  • B2U.EU
  • News
  • "Deadline for Code of Conduct on Access Security for Hospitals is rapidly approaching!"

"Deadline for Code of Conduct on Access Security for Hospitals is rapidly approaching!"

As more and more patient data is stored in digital files, secure access to this data is a real necessity. Not only to protect against cybercriminals, but also to ensure that only the right staff members have access to the files. That is why hospitals are obliged to carry out an audit to test the security. Trust Guard helps you to prepare and carry out this audit.

In response to various incidents in which staff wrongfully requested patient data and in some cases disclosed this data, the Netherlands Association of Hospitals (NVZ), supported by the Netherlands Federation of University Medical Centres (NFU), decided that a code of conduct should be drawn up, in which the security of digital patient data is laid down. In order to comply with the future "Gedragslijn 1.0" (Code of Conduct for Access to Digital Patient Files), hospitals are obliged to perform an audit.

From baseline measurement to audit

The audit looks at the state of your security relating to the access to your digital patient records. Five components are tested:

  • Authentication
  • Authorisation
  • Logging
  • Monitoring
  • Awareness

This concerns both access to records by hospital staff and the security of your website whether if criminals trying to gain access. Now that healthcare is becoming more and more digital, with patients making appointments or receiving results via the website, this is even more important than before.

To pass the audit, you must first map out the current state of your security. This is the so-called baseline measurement. This baseline measurement is carried out in accordance with the NEN7510 standards. It gives you a clear picture of your information security. On the basis of this baseline measurement, possible improvements can be proposed to bring your digital security up to the right standard.

An extensive scan

Together with partners AssuranceProviders and Cyber Guard we set up a baseline measurement, where Trust Guard takes care of the scanning of the website. The scan assesses the five components mentioned above on the basis of various aspects such as IT security and system management. In addition, compliance with the security policy is examined and the various technical links between your healthcare institution and your suppliers are checked. The findings are reported on the basis of various statutory guidelines such as NEN7510, ISO 27001 and HIPAA.

Based on these findings, we will help you with a plan to bring your security to an even higher level, before the audit deadline of 31 May.

If you would like more information about the audit and the baseline measurement, please contact gedragslijn@assuranceproviders.eu or telephone 0297 - 381 303 / 06- 28 35 79 87.

Back

Trust Guard