Document Type



This item is available under a Creative Commons License for non-commercial use only


Computer Sciences

Publication Details

Successfully submitted inpartial fulfilment of the requirements of Technological University Dublin for the degree of M.Sc. in Computing (Information Technology), July, 2011.


Small medical practices store and process the health information of their patients in order to aid in providing care to them. Because of this a level of trust exists between the patients and the practice to ensure the sensitive medical data is kept private and secure. There was no formalised way to test if this trust was well deserved and what level of protection was applied to such sensitive health records. A security model that is applicable to small medical practices for the purpose of protecting and securing the personal health information they store was constructed and validated by a security expert from the security industry. This model was then applied to a number of small medical practices to assess the level of data protection and computer security of medical information present in the surveyed practices. In general the practices were found to be complying with the security model, some discrepancies were discovered and noted. A formalised way to test if the trust patients place in their medical practices is well deserved now exists. The trust that the patients of the small medical practices surveyed placed in their practices was well deserved.