Title

Medical insecurity: when one size does not fit all

Document Type

Conference Proceeding

Faculty

Computing, Health and Science

School

Computer and Information Science, Centre for Security Research

RAS ID

4218

Comments

This article was originally published as: Williams, P. (2007). Medical insecurity: when one size does not fit all. Proceedings of the 5th Australian Information Security Management Conference (pp. 226-233). Perth, Western Australia. : SECAU _ Security Research Centre, ECU. Original article available here

Abstract

Security is most commonly seen as a business concept. This is one, reason for the poor uptake and implementation of standard security processes in non-business environments such as general medical practice. It is clear that protection of sensitive patient information is imperative yet the overarching conceptual business processes required to ensure this protection are not well suited to this context. The issue of sensitivity of information. together with the expectation that security can be effectively implemented by non-security trained professionals creates an insecure environment. The general security processes used by business, including those for risk assessment, are difficult to operationally put into practice in the medical environment and this one-sizefits- all approach is shown to be ineffective. Therefore more explicit models are required which provide contextually relevant guidance and can be implemented within the capability of those using them.

This document is currently not available here.

 
COinS