Privacy and security are the most critical success factors in any healthcare projects. Privacy and security should be designed, developed and implemented appropriately in any electronic health care solution to ensure protection of privacy and security of Personal Information and Personal Health Information, and compliance with PHIPA legislation. A systematic approach is required to analyze the privacy and security design/implementation/management, determine the impact and identify any gaps or opportunities to enhance the privacy and security controls.
Privacy Impact Assessment (PIA) is a comprehensive process commonly adopted by healthcare organizations to analyze privacy impact and identify enhancement opportunities.
Threat and Risk Assessment (TRA) is a proven process to uncover security threat and vulnerabilities, calculate the risks and provide practical and cost-effective remediation to reduce the risks to the level that is acceptable by the project stakeholders.
BlueImpact has developed comprehensive Privacy Impact Assessment Methodology to guide PIA project for our clients.
I would like a template of a PIA TRA if you have one or ideas of what to put into one. thank you