سرمایه گذاری امنیت اطلاعات بهینه در یک تبادل اطلاعات بهداشت و درمان: تجزیه و تحلیل اقتصادی
|کد مقاله||سال انتشار||مقاله انگلیسی||ترجمه فارسی||تعداد کلمات|
|45364||2014||11 صفحه PDF||سفارش دهید||محاسبه نشده|
Publisher : Elsevier - Science Direct (الزویر - ساینس دایرکت)
Journal : Decision Support Systems, Volume 61, May 2014, Pages 1–11
The complexity of the problem, the increasing security breaches, and the regulatory and financial consequences of breached patient data highlight the fact that security of electronic patient information in Healthcare Information Exchanges (HIEs) is an organizational imperative and a research priority. This study applies classical economic decision analysis techniques and models the HIE based on its network characteristics to offer key insights into the issue of determining the optimal level of information security investment. We find that for an organization in a HIE, only security events with the potential loss reaching some critical value are worth protecting, and organizations would only spend a fraction of the intrinsic security risk on protection measures. Even when business benefit from security investment exists, organizations in a HIE tend to invest based on risk reduction alone. The implications of such decisions made at the node level and the resulting built-in moral hazard at the HIE level is discussed.