n South African Computer Journal - A new approach to risk management in the health-care domain

Volume 2001, Issue 27
  • ISSN : 1015-7999
  • E-ISSN: 2313-7835



This paper is devoted to the presentation of a risk-management methodology (RiMaHCoF) that is specifically tailored for the health-care environment. The proposed methodology includes five successive stages in all, namely initiation, domain analysis, risk assessment, risk analysis and domain monitoring. This paper focuses on the risk analysis stage. The RiMaHCoF ("Risk Management in Health Care - using Cognitive Fuzzy techniques") methodology enhances risk management in the specific domain of health care in the sense that it deems the patient's health-care information, processed and stored in a typical health-care institution, to be of utmost importance to such institution. The methodology further enhances risk management in this domain in that it incorporates cognitive fuzzy-logic techniques - as opposed to quantitative techniques such as annual loss exposure (ALE) calculation - to assess and analyse the information-technology risks. In this way, it is ensured that full cognisance is taken of the intuitive nature of human observation when assessing the possible IT risks to be incurred in a health-care institution. In addition, the methodology takes into account the vagueness of the decision making process with respect to securing patient information. The cognitive fuzzy approach to the assessment and analysis of information technology risks in health care does not only identify the high-risk areas within a typical health-care institution, but also helps to manage risks by facilitating the decision-making process with respect to securing patient information.

Loading full text...

Full text loading...


Article metrics loading...


This is a required field
Please enter a valid email address
Approval was a Success
Invalid data
An Error Occurred
Approval was partially successful, following selected items could not be processed due to error