DATA MANAGEMENT, FILE DESIGN CONTROL AND SECURITY

SHRI GURU RAM RAI

Institute of Technology and Sciences

BY RAHUL SINGH

Data management, File design control and security:

Health information management (HIM) is information management applied to health and health care. It is the practice of acquiring, analyzing and protecting digital and traditional medical information vital to providing quality patient care. With the widespread computerization of health records, traditional (paper-based) records are being replaced with electronic health records (EHRs). The tools of health informatics and health information technology are continually improving to bring greater efficiency to information management in the health care sector. Both hospital information systems and health human resources information systems (HRHIS) are common implementations of HIM.

Health information management professionals plan information systems, develop health policy, and identify current and future information needs. In addition, they may apply the science of informatics to the collection, storage, analysis, use, and transmission of information to meet legal, professional, ethical and administrative records-keeping requirements of health care delivery. They work with clinical, epidemiological, demographic, financial, reference, and coded healthcare data. Health information administrators have been described to “play a critical role in the delivery of healthcare in the United States through their focus on the collection, maintenance and use of quality data to support the information-intensive and information-reliant healthcare system”.

The World Health Organization (WHO) stated that the proper collection, management and use of information within healthcare systems “will determine the system’s effectiveness in detecting health problems, defining priorities, identifying innovative solutions and allocating resources to improve health outcomes.”

DATA MANAGEMENT

INTRODUCTION : Data management comprises all the disciplines related to managing data as a valuable resource.

The official definition provided by DAMA International, the professional organization for those in the data management profession, is: “Data Resource Management is the development and execution of architectures, policies, practices and procedures that properly manage the full data lifecycle needs of an enterprise.” This definition is fairly broad and encompasses a number of professions which may not have direct technical contact with lower-level aspects of data management, such as relational database management.

Alternatively, the definition provided in the DAMA Data Management Body of Knowledge is: “Data management is the development, execution and supervision of plans, policies, programs and practices that control, protect, deliver and enhance the value of data and information assets.”

The concept of “Data Management” arose in the 1980s as technology moved from sequential processing (first cards, then tape) to random access processing. Since it was now technically possible to store a single fact in a single place and access that using random access disk, those suggesting that “Data Management” was more important than “Process Management” used arguments such as “a customer’s home address is stored in 75 (or some other large number) places in our computer systems.” During this period, random access processing was not competitively fast, so those suggesting “Process Management” was more important than “Data Management” used batch processing time as their primary argument. As applications moved into real-time, interactive applications, it became obvious to most practitioners that both management processes were important. If the data was not well defined, the data would be mis-used in applications. If the process wasn’t well defined, it was impossible to meet user needs.

 

Corporate Data Quality Management

Corporate Data Quality Management (CDQM) is, according to the European Foundation for Quality Management and the Competence Center Corporate Data Quality (CC CDQ, University of St. Gallen), the whole set of activities intended to improve corporate data quality (both reactive and preventive). Main premise of CDQM is the business relevance of high-quality corporate data. CDQM comprises with following activity areas:

  • Strategy for Corporate Data Quality: As CDQM is affected by various business drivers and requires involvement of multiple divisions in an organization; it must be considered a company-wide endeavor.
  • Corporate Data Quality Controlling: Effective CDQM requires compliance with standards, policies, and procedures. Compliance is monitored according to previously defined metrics and performance indicators and reported to stakeholders.
  • Corporate Data Quality Organization: CDQM requires clear roles and responsibilities for the use of corporate data. The CDQM organization defines tasks and privileges for decision making for CDQM.
  • Corporate Data Quality Processes and Methods: In order to handle corporate data properly and in a standardized way across the entire organization and to ensure corporate data quality, standard procedures and guidelines must be embedded in company’s daily processes.
  • Data Architecture for Corporate Data Quality: The data architecture consists of the data object model – which comprises the unambiguous definition and the conceptual model of corporate data – and the data storage and distribution architecture.
  • Applications for Corporate Data Quality: Software applications support the activities of Corporate Data Quality Management. Their use must be planned, monitored, managed and continuously improved.

Topics in Data Management

Topics in Data Management, grouped by the DAMA DMBOK Framework, include:

  1. Data governance
  2. Data Architecture, Analysis and Design
  3. Database Management
  4. Data Security Management
  5. Data Quality Management
  6. Reference and Master Data Management
  7. Data Warehousing and Business Intelligence Management

 

  1. Document, Record and Content Management
  2. Meta Data Management
  3. Contact Data Management

Body of Knowledge

The DAMA Guide to the Data Management Body of Knowledge” (DAMA-DMBOK Guide), under the guidance of a new DAMA-DMBOK Editorial Board. This publication is available from April 5, 2009.

Design Control  

1) Design Control – States that when manufacturers or suppliers develop a product subject to design controls, they shall establish and maintain the proper documentation to ensure the specified design requirements are met.

Data Control and Security

Network security means protecting data, such as a database, from destructive forces and from the unwanted actions of unauthorized users.

Data security technologies

Disk encryption

Disk encryption refers to encryption technology that encrypts data on a hard disk drive. Disk encryption typically takes form in either software (see disk encryption software) or hardware (see disk encryption hardware). Disk encryption is often referred to as on-the-fly encryption (OTFE) or transparent encryption.

Software versus hardware-based mechanisms for protecting data

Software-based security solutions encrypt the data to protect it from theft. However, a malicious program or a hacker could corrupt the data in order to make it unrecoverable, making the system unusable. Hardware-based security solutions can prevent read and write access to data and hence offer very strong protection against tampering and unauthorized access.

Hardware based security or assisted computer security offers an alternative to software-only computer security. Security tokens such as those using PKCS#11 may be more secure due to the physical access required in order to be compromised. Access is enabled only when the token is connected and correct PIN is entered (see two-factor authentication). However, dongles can be used by anyone who can gain physical access to it. Newer technologies in hardware-based security solves this problem offering fool proof security for data.

Working of hardware-based security: A hardware device allows a user to log in, log out and set different privilege levels by doing manual actions. The device uses biometric technology to prevent malicious users from logging in, logging out, and changing privilege levels. The current state of a user of the device is read by controllers in peripheral devices such as hard disks. Illegal access by a malicious user or a malicious program is interrupted based on the current state of a user by hard disk and DVD controllers making illegal access to data impossible. Hardware-based access control is more secure than protection provided by the operating systems as operating systems are vulnerable to malicious attacks by viruses and hackers. The data on hard disks can be corrupted after a malicious access is obtained. With hardware-based protection, software cannot manipulate the user privilege levels. It is impossible for a hacker or a malicious program to gain access to secure data protected by hardware or perform unauthorized privileged operations. This assumption is broken only if the hardware itself is malicious or contains a backdoor. The hardware protects the operating system image and file system privileges from being tampered. Therefore, a completely secure system can be created using a combination of hardware-based security and secure system administration policies.

Backups

Backups are used to ensure data which is lost can be recovered from another source. It is considered essential to keep a backup of any data in most industries and the process is recommended for any files of importance to a user.

Data masking

Data masking of structured data is the process of obscuring (masking) specific data within a database table or cell to ensure that data security is maintained and sensitive information is not exposed to unauthorized personnel. This may include masking the data from users (for example so banking customer representatives can only see the last 4 digits of a customer’s national identity number), developers (who need real production data to test new software releases but should not be able to see sensitive financial data), outsourcing vendors, etc.

Data erasure

Data erasure is a method of software-based overwriting that completely destroys all electronic data residing on a hard drive or other digital media to ensure that no sensitive data is leaked when an asset is retired or reused…