Title

Information security governance: A risk assessment approach to health information systems protection

Document Type

Book Chapter

Publisher

IOS Press

Faculty

Faculty of Health, Engineering and Science

School

School of Computer and Security Science/eHealth Research Group

RAS ID

17234

Comments

This chapter was originally published as: Williams, P. A. (2013). Information security governance: A risk assessment approach to health information systems protection. In E. Hovenga & H. Grain (Eds.). Health information governance in a digital environment (pp. 186-206). Amsterdam, The Netherlands: IOS Press. Original book available here

Abstract

It is no small task to manage the protection of healthcare data and healthcare information systems. In an environment that is demanding adaptation to change for all information collection, storage and retrieval systems, including those for e-health and information systems, it is imperative that good information security governance is in place. This includes understanding and meeting legislative and regulatory requirements. This chapter provides three models to educate and guide organisations in this complex area, and to simplify the process of information security governance and ensure appropriate and effective measures are put in place. The approach is risk based, adapted and contextualized for healthcare. In addition, specific considerations of the impact of cloud services, secondary use of data, big data and mobile health are discussed.
