OpenMRS Security Assessment

OpenMRS is an open-source medical record management system. It is very popular in some parts of the world, but requires work to make it compatible with Department of Health and Human Services regulations authorized by the Health Insurance Portability and Accountability Act (HIPAA). This series of assignments aims to identify specific changes that are required to achieve HIPAA compliance to use OpenMRS in the context of a small medical practice or hospital. (Larger medical practices and hospitals typically have more complex situations and unique risks that require them to conduct their own assessment.)

This is a series of assignments that walk a computer security class through the process of conducting a security assessment of OpenMRS.

Assignments

• OpenMRS Security Assessment 1 Gather documentation
• OpenMRS Security Assessment 2 Interview
• OpenMRS Security Assessment 3 Set up the environment
• OpenMRS Security Assessment 4 Identify assets and threats
• OpenMRS Security Assessment 5 Assess risks and design principles
• OpenMRS Security Assessment 6 Make recommendations and write final report

This work by Steven P. Crain (...@plattsburgh.edu) is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License