Medical insecurity: when one size does not fit all
Document Type
Conference Proceeding
Faculty
Faculty of Computing, Health and Science
School
School of Computer and Information Science / Centre for Security Research
RAS ID
4218
Abstract
Security is most commonly seen as a business concept. This is one, reason for the poor uptake and implementation of standard security processes in non-business environments such as general medical practice. It is clear that protection of sensitive patient information is imperative yet the overarching conceptual business processes required to ensure this protection are not well suited to this context. The issue of sensitivity of information. together with the expectation that security can be effectively implemented by non-security trained professionals creates an insecure environment. The general security processes used by business, including those for risk assessment, are difficult to operationally put into practice in the medical environment and this one-sizefits- all approach is shown to be ineffective. Therefore more explicit models are required which provide contextually relevant guidance and can be implemented within the capability of those using them.
DOI
10.4225/75/57b556dcb8766
Access Rights
Free_to_read
Comments
Williams, P. (2007). Medical insecurity: when one size does not fit all. Proceedings of the 5th Australian Information Security Management Conference (pp. 226-233). Perth, Western Australia. : SECAU _ Security Research Centre, ECU. Available here