CLINICAL DECISION SUPPORT SYSTEM (CDSS) & CYBERSPACE

HIPAA (1996) + ePHI (2003) + HITCH (2009) + Breach Notification (2013) + ?

EHR

EMR

EMR

ePHI

Mojdeh Amini
Dec 19- USD
Amini, 2017
 Data Analysis The protected health data breaches in the United States Reported to HYPAA (2010-18)
Electronic Protected Health Information
ePHI: Achilles Heel?

Self-Insurance

Cyber No
Insurance

Yes

Healthcare Data Breach Statistics. (2018). Retrieved November 24, 2019, from https://www.hipaajournal.com/healthcare-data-breach-statistics/.

Meland,, P. H., Tondel, I. A., & Solhaug, B. (2015). Mitigating Risk with Cyberinsurance . Retrieved November 29, 2019, from
https://www.researchgate.net/publication/286489619_Mitigating_Risk_with_Cyberinsurance.
History: CDSS (mid-1960s) & Cyber Attacks (1971)

• Mid-1960s: Health Evaluation through Logical Processing (HELP) in Utah + 3M

• 1968: Computer Stored Ambulatory Record (COSTAR) + Harvard
Input ePHI
Info Categorization Process
Identify information System

Select Review Finalize

Identify Info Assign info
Info level type Info impact impact level Category
Type Quality
level type type

Monitor ePHI Select info category

Process and Analysis
Output ePHI

Kerbs, B. (2019, November 26). Krebs on Security. Retrieved December 1, 2019, from
https://krebsonsecurity.com/2019/11/110-nursing-homes-cut-off-from-health-records-in-ransomware-attack/
 Risk Analysis: CDSS on Cyber Attacks

Physical Move
No Getting
Protection 1St Additional
A New Email @ Code
Protected initiated Injection
Injection 2nd

Physical Move

Yes

Protected

Protected

Yes No
Yes

Database

Deleted

Otto, G. (2017, January 13). It's time to worry about 'just-in-time' malware – report. Retrieved November 29, 2010, from
https://www.fedscoop.com/its-time-to-worry-about-just-in-time-malware/7
 Question?

Mojdeh Amini
Dec 2019-USD
Amini, 2017