Document Type

Journal Article

Publisher

Association of Digital Forensics, Security and Law

Faculty

Faculty of Computing, Health and Science

School

School of Computer and Information Science

RAS ID

4670

Comments

Williams, P. (2007). Information Governance: A Model for Security in Medical Practice. Journal of Digital Forensics, Security and Law. Vol 2(1): 57-73. Available here

Abstract

Information governance is becoming an important aspect of organisational accountability. In consideration that information is an integral asset of most organisations, the protection of this asset will increasingly rely on organisational capabilities in security. In the medical arena this information is primarily sensitive patient-based information'. Previous research has shown that application of security measures is a low priority for primary care medical practice and that awareness of the risks are seriously underestimated. Consequently, information security governance will be a key issue for medical practice in the future. Information security governance is a relatively new term ,and there is little existing research into how to meet 'governance requirements. The limited research that exists describes information security governance frameworks at a strategic level. However, since medical practice is already lagging in the implementation of appropriate security, such definition may not be practical although it is obviously desirable. This paper describes an ongoing action research project undertaken in the area of medical information security, and presents a tactical approach model aimed at addressing information security governance and the protection of medical data.

Creative Commons License

Creative Commons Attribution 4.0 License
This work is licensed under a Creative Commons Attribution 4.0 License.

Share

 
COinS