STRATEGIES FOR DATA PROTECTION AND PRIVACY IN ADMINISTRATIVE INFORMATION SYSTEMS
Keywords:
Access control, administrative information systems, compliance, data governance, data protection, privacy, encryption, audit trails
Abstract
Administrative information systems handle sensitive personal data, making data protection and privacy a critical concern. This paper discusses strategies for ensuring patient protection and confidentiality in these systems, highlighting the importance of a multifaceted approach. A comprehensive literature review and a conceptual framework integrating technical, organizational, and legal measures are presented. Technical strategies include encryption, access control, anonymization, and audit trails. Organizational strategies involve data governance, employee training, incident response planning, and compliance with privacy regulations. Legal strategies focus on compliance with data protection regulations and laws, such as GDPR, NDPR, NDPC, and HIPAA. A mixed-methods approach was adopted, combining a survey of administrative information systems professionals (n = 100) with semi-structured interviews (n = 20). The survey and interviews gathered data on the current state of data protection and privacy practices, highlighting the need for improvement. Recommendations are provided for organizations seeking to improve their data protection and privacy practices, including the implementation of technical, organizational, and legal measures. By applying these strategies, organizations can reduce the risks associated with data breaches, unauthorized access, and non-compliance with legal standards, ensuring the integrity, confidentiality, and availability of sensitive data.