Deadline for Code of Conduct on Access Security for Hospitals is rapidly approaching!

As more and more patient data is stored in digital files, secure access to this data is a real necessity. Not only to protect against cybercriminals, but also to ensure that only the right staff members have access to the files. That is why hospitals are obliged to carry out an audit to test the security. Trust Guard helps you to prepare and carry out this audit.

In response to various incidents in which staff wrongfully requested patient data and in some cases disclosed this data, the Netherlands Association of Hospitals (NVZ), supported by the Netherlands Federation of University Medical Centres (NFU), decided that a code of conduct should be drawn up, in which the security of digital patient data is laid down. In order to comply with the future “Gedragslijn 1.0” (Code of Conduct for Access to Digital Patient Files), hospitals are obliged to perform an audit.

From zero measurement to audit

The audit looks at the state of your security relating to the access to your digital patient records. Five components are tested:

– Authentication
– Authorisation
– Logging
– Monitoring
– Awareness

This concerns both access to records by hospital staff and the security of your website against criminals trying to gain access. Now that healthcare is becoming more and more digital, with patients making appointments or receiving results via the website, this is even more important than before.

To pass the audit, you must first map out the current state of your security. This is the so-called baseline measurement. This baseline measurement is carried out in accordance with the NEN7510 standards. It gives you a clear picture of your information security. On the basis of this baseline measurement, possible improvements can be proposed to bring your digital security up to the right standard.

A comprehensive scan

Together with partners AssuranceProviders and Cyber Guard we set up a baseline measurement, where Trust Guard takes care of the scanning of the website. The scan assesses the five components mentioned above on the basis of various aspects such as IT security and system management. In addition, compliance with the security policy is examined and the various technical links between your healthcare institution and your suppliers are checked. The findings are reported on the basis of various statutory guidelines such as NEN7510, ISO 27001 and HIPAA.

Based on these findings, we will help you with a plan to take your security to an even higher level before the May 31 audit deadline.

If you would like more information about the audit and baseline measurement, please contact us at gedragslijn@assuranceproviders.eu or by phone at 0297 – 381 303 / 06- 28 35 35 79 87.
