Interpreting international governance standards for health IT use within general medical practice

Document Type

Conference Proceeding

Publisher

IOS Press

Faculty

Faculty of Health, Engineering and Science

School

School of Computer and Security Science / eHealth Research Group

RAS ID

19335

Comments

Mahncke, R. J., & Williams, P. A. (2014). Interpreting international governance standards for health IT use within general medical practice. Proceedings of National Health Informatics Conference. (pp. 86-91). Melbourne, VIC. IOS Press. Available here

Abstract

General practices in Australia recognise the importance of comprehensive protective security measures. Some elements of information security governance are incorporated into recommended standards, however the governance component of information security is still insufficiently addressed in practice. The International Organistion for Standardisation (ISO) released a new global standard in May 2013 entitled, ISO/IEC 27014:2013 Information technology - Security techniques - Governance of information security. This standard, applicable to organisations of all sizes, offers a framework against which to assess and implement the governance components of information security. The standard demonstrates the relationship between governance and the management of information security, provides strategic principles and processes, and forms the basis for establishing a positive information security culture. An analysis interpretation of this standard for use in Australian general practice was performed. This work is unique as such interpretation for the Australian healthcare environment has not been undertaken before. It demonstrates an application of the standard at a strategic level to inform existing development of an information security governance framework.

DOI

10.3233/978-1-61499-427-5-86

Access Rights

subscription content

Share

 
COinS