Information Security Management Systems in the Healthcare Context
نویسندگان
چکیده
The ISO/IEC 27799 standard for information security management in health was released in 2008. The standard contains a substantial section (Section 6) covering information security management systems in the healthcare context. This raises the question whether the ISO/IEC 27799 purports a difference between the generic standard for information security management systems (as embodied in the ISO/IEC 27001) and what is contained in Section 6 of the ISO/IEC 27799 standard. The aim of this paper is to determine whether this is the case, based on a comparative analysis that was conducted between the ISO/IEC 27001 and ISO/IEC 27799 standards. The results of the comparison are summarized and the additional directives provided by the ISO/IEC 27799, categorized to explain their purpose.
منابع مشابه
Identifying and Ranking Technology-Telecommunications Context of Information Security anagement System in E-Government Using Fuzzy AHP Approach
In recent years, many security threats have entered into the organizations’ information and changed the organizational performance resulting in their exorbitant costs. This question is of particular importanceabout government agencies that use information and Internet systems. This issue enabled the top managers of organizations to implement a security system and minimize these costs. Using In...
متن کاملContext-Aware Recommender Systems: A Review of the Structure Research
Recommender systems are a branch of retrieval systems and information matching, which through identifying the interests and requires of the user, help the users achieve the desired information or service through a massive selection of choices. In recent years, the recommender systems apply describing information in the terms of the user, such as location, time, and task, in order to produce re...
متن کاملEmpirical Study of Nova Scotia Nurses’ Adoption of Healthcare Information Systems: Implications for Management and Policy-Making
Background This paper used the Theory of Planned Behavior (TPB), which was extended, to investigate nurses’ adoption of healthcare information systems (HIS) in Nova Scotia, Canada. Methods Data was collected from 197 nurses in a survey and data analysis was carried out using the partial least squares (PLS) technique. Results In contrast to findings in prior studies that used TPB to investig...
متن کاملArtificial Intelligence Tools in Health Information Management
Application of ICT in health (eHealth) has become an integral part of modern healthcare systems. Electronic health information management has proven useful in improving quality of health care, reducing costs and facilitating health research. However, the increasing complexity of healthcare and the growing demand for high quality healthcare delivery has created a need for eHealth systems with t...
متن کاملExploring the Type of Relationship between Information Security Management and Organizational Culture (Case Study in TAM Iran Khodro Co.)
A culture conducive to information security practice is extremely important for organizations since information has to be critical assets in modern enterprises. Thus for understanding and improving the organizational behavior with regard to information security, enterprises may look into organizational culture and examine how it affects the effectiveness of implementing ISM. This study aims ...
متن کاملامنیت اطلاعات سامانه های تحت وب نهاد کتابخانه های عمومی کشور
Purpose: This paper aims to evaluate the security of web-based information systems of Iran Public Libraries Foundation (IPLF). Methodology: Survey method was used as a method for implementation. The tool for data collection was a questionnaire, based on the standard ISO/IEC 27002, that has the eleven indicators and 79 sub-criteria, which examines security of web-based information systems of IP...
متن کامل