Design and Application of a Security Analysis Method for Healthcare Telematics in Germany (HatSec)
Proceedings of the Fourth GI Graduate Workshop on Reactive Security (Spring), Number SR-2009-01 in GI SIG SIDAR Technical Reports, Stuttgart, Germany, 15 September 2009, GI SIG SIDAR, p. 19
Posted: 30 Sep 2012
Date Written: September 15, 2009
Purpose: The goal of this work is to provide a method for organisational and technical analysis of security issues in health care (using tools, methods and processes in a structured and traceable way). On the basis of this method the current security status of health care telematics in Germany is evaluated and valuable hints for future developments in the health care sector are derived.
Findings: During the planning stage of designing such an IS security analysis method specific to healthcare industry, it is advisable to base the design procedure on established standards and best practice approaches, so that the security analysis method relies on previously approved frameworks. Based on the PDCA (Plan/Do/Check/Act) model the HealthcAre Telematics SECurity - HatSec - analysis method is built in a compositional manner. This means that the HatSec method was designed from existing IS security analysis approaches (like ISO 27001 and IT-Grundschutzhandbuch), which were subdivided into method fragments. These method fragments were used to construct the HatSec security analysis method. The identified method fragments of selected IS security analysis approaches were methodically composed into the following seven steps: (1) scope identification, (2) asset identification, (3) basic security check, (4) threat identification, (5) vulnerability identification, (6) security assessment and (7) security measures. These steps represent at least one part of an IS security approach that fits best to the current situation. The application of the HatSec method identified 24 deficiencies around the current status of the German health care telematics (including weaknesses, inconsistent and conflicting development documents and violation of security demands) and provided solutions for discovered vulnerabilities accordingly.
Practical implications: Based on the outcome of this research project, a broader understanding of analyzing healthcare security is expected. The created method is designed for chief information security officers (CISO) to analyze forthcoming or already implemented healthcare information systems. A further contribution to practice is the identification of security problems in the current concept of the German healthcare telematics.
Suggested Citation: Suggested Citation