Improving the redistribution of the security lessons in healthcare: An evaluation of the Generic Security Template
نویسندگان
چکیده
CONTEXT The recurrence of past security breaches in healthcare showed that lessons had not been effectively learned across different healthcare organisations. Recent studies have identified the need to improve learning from incidents and to share security knowledge to prevent future attacks. Generic Security Templates (GSTs) have been proposed to facilitate this knowledge transfer. The objective of this paper is to evaluate whether potential users in healthcare organisations can exploit the GST technique to share lessons learned from security incidents. METHODOLOGY We conducted a series of case studies to evaluate GSTs. In particular, we used a GST for a security incident in the US Veterans' Affairs Administration to explore whether security lessons could be applied in a very different Chinese healthcare organisation. RESULTS The results showed that Chinese security professional accepted the use of GSTs and that cyber security lessons could be transferred to a Chinese healthcare organisation using this approach. The users also identified the weaknesses and strengths of GSTs, providing suggestions for future improvements. CONCLUSION Generic Security Templates can be used to redistribute lessons learned from security incidents. Sharing cyber security lessons helps organisations consider their own practices and assess whether applicable security standards address concerns raised in previous breaches in other countries. The experience gained from this study provides the basis for future work in conducting similar studies in other healthcare organisations.
منابع مشابه
Identifying factors affecting hospital holding administration in Social Security Organization in Iran using Structural Equations Modeling
Introduction: Hospitals, major components of health system, have a high contribution to healthcare resources. Therefore, considering the importance of hospital holding in effective and efficient hospital management, the current study aimed to identify and explain the role and importance of factors affecting hospital holding administration in Iran Social Security Organization. Methods: This was...
متن کاملQuantitative evaluation of software security: an approach based on UML/SecAM and evidence theory
Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...
متن کاملStatic Security Constrained Generation Scheduling Using Sensitivity Characteristics of Neural Network
This paper proposes a novel approach for generation scheduling using sensitivitycharacteristic of a Security Analyzer Neural Network (SANN) for improving static securityof power system. In this paper, the potential overloading at the post contingency steadystateassociated with each line outage is proposed as a security index which is used forevaluation and enhancement of system static security....
متن کاملNATO in Afghanistan Evaluation of its Challeneges for Establishing the Security in an Islamic Country
متن کامل
Security Challenges in Fog Computing in Healthcare
Background and Aim: The Fog Computing is a highly virtualized platform that provides storage, computing and networking services between the Cloud data centers and end devices. Fog computing fits the characteristics of real-time health monitoring systems. In such systems, a large amount of data is acquired from a multitude of bio and environmental sensors. On the other hand, its distribution and...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- International journal of medical informatics
دوره 84 11 شماره
صفحات -
تاریخ انتشار 2015