Information security governance: A risk assessment approach to health information systems protection
Document Type
Book Chapter
Publisher
IOS Press
Faculty
Faculty of Health, Engineering and Science
School
School of Computer and Security Science / eHealth Research Group
RAS ID
17234
Abstract
It is no small task to manage the protection of healthcare data and healthcare information systems. In an environment that is demanding adaptation to change for all information collection, storage and retrieval systems, including those for of e-health and information systems, it is imperative that good information security governance is in place. This includes understanding and meeting legislative and regulatory requirements. This chapter provides three models to educate and guide organisations in this complex area, and to simplify the process of information security governance and ensure appropriate and effective measures are put in place. The approach is risk based, adapted and contextualized for healthcare. In addition, specific considerations of the impact of cloud services, secondary use of data, big data and mobile health are discussed.
DOI
10.3233/978-1-61499-291-2-186
Comments
Williams, P. A. (2013). Information security governance: A risk assessment approach to health information systems protection. In E. Hovenga & H. Grain (Eds.). Health information governance in a digital environment (pp. 186-206). Amsterdam, The Netherlands: IOS Press. Original book available here