Table of contents exchange of letters with the minister executive summary


party inline with the CCoP requirements and upon specified events ............ 348



Download 5.91 Mb.
View original pdf
Page184/329
Date27.11.2023
Size5.91 Mb.
#62728
1   ...   180   181   182   183   184   185   186   187   ...   329
Report of the COI into the Cyber Attack on SingHealth 10 Jan 2019
party inline with the CCoP requirements and upon specified events ............ 348
43.2.2
Periodic audits on other IT systems should be conducted inline with Audit
Committee requirements ................................................................................. 349
43.2.3
A written protocol for the remediation of audit findings must be established 350
44
RECOMMENDATION #9: ENHANCED SAFEGUARDS MUST BE PUT
IN PLACE TO PROTECT ELECTRONIC MEDICAL RECORDS ................. 354
44.1
A clear policy on measures to secure the confidentiality, integrity and accountability of electronic medical records must be formulated ............... 355
44.1.1
Role-based access for front-end users ............................................................ 355
44.1.2
Database-level access by administrators, developers and support team ....... 356
44.1.3
Logging policy and audit trails ...................................................................... 357
44.1.4
Rate limiting ................................................................................................... 358


COI Report – Part VII
Page 218 of 425

44.1.5
Tagging of sensitive data ................................................................................ 359 Databases containing patient data must be monitored in real-time for suspicious activity ........................................................................................ 359 44.3
End-user access to the electronic health records should be made more secure ........................................................................................................... 361 Measures should be considered to secure data-at-rest ................................. 363 Controls must be put in place to better protect against the risk of data exfiltration .................................................................................................... 365 Access to sensitive data must be restricted at both the front-end and at the database-level............................................................................................... 366

Download 5.91 Mb.

Share with your friends:
1   ...   180   181   182   183   184   185   186   187   ...   329



The database is protected by copyright ©ininet.org 2024
send message
    Main page
united states
total number
vast majority
federal government
other side
next generation
supreme court
information contained
current state
executive director
national association
middle east
east coast
general assembly
private sector
same time
west coast
united kingdom
united nations
total amount
full range
highest level
soviet union
european union
national academy