An information security governance encounter for Australian primary care health providers
Document Type
Conference Proceeding
Publisher
CSREA Press, USA
Faculty
Faculty of Computing, Health and Science
School
School of Computer and Security Science / Security Research Centre (secAU)
RAS ID
10187
Abstract
The competitive nature of business and society means that the protection of information, and governance of the information security function, is increasingly important. This paper illustrates how a governance framework for information security for health providers might be utilized within a meeting to discuss and report on information security governance in a small Australian medical general practice. It uses the idea of an IT Balanced Scorecard as a process for use in governing information security for primary care health providers (general practices), where IT and security skills may be limited. The challenge is that any governance framework needs to be understandable to the target audience so that they can participate in the decisions to be taken at a meeting where governance is reviewed. This paper addresses that challenge by demonstrating how a meeting might unfold by taking typical breaches and showing how governance issues could be resolved and improved.
Comments
Mcdermid, D. C., Mahncke, R. J., & Williams, P. H. (2010). An Information Security Governance Encounter for Australian Primary Care Health Providers. Proceedings of International Conference on Security & Management. (pp. 637-643). Las Vegas, Nevada, USA. CSREA Press, USA.