
Information Governance and Cyber Security (Part 2)

12 Pages, 3275 Words, 90 Views
   

Added on  2023-01-16

About This Document

This report discusses the purpose, scope, roles & responsibilities, and information governance policy framework for ensuring information security and cyber security in Wallington Trust Hospital. It also includes an implementation plan and monitoring mechanism for addressing security threats and vulnerabilities.

Table of Contents
Introduction
    Purpose
    Scope
    Roles & Responsibilities
    Information Governance Policy Framework
    Implementation plan as well as monitoring mechanism
Conclusion
References
Introduction
An information security policy is a set of policies issued by a firm to ensure that all IT users within the domain of the firm's network comply with the rules and guidelines associated with the security of information that is digitally stored within its boundaries of authority (Bang, 2018). Such policies are generally the outcome of a risk assessment in which vulnerabilities are determined along with the safeguards against them. This report is based on Wallington Trust Hospital, which renders health services across London. The hospital uses a clinical management system to maintain integrity and to provide privacy and confidentiality for the information of patients as well as of the hospital. This report covers the purpose, scope, roles & responsibilities and information governance policy framework. It also covers an execution plan and monitoring mechanism for addressing security threats and mitigating security vulnerabilities.
Purpose
The rationale of the information security policy is to inform employees of Wallington Trust Hospital of their information governance responsibilities, along with other policies, so that they can comply with them. The central policy within the suite of policies tells employees what to do, as specified below:
- To enhance organisational assets by making sure that data of Wallington Trust Hospital is held confidentially and securely, processed lawfully and fairly, and recorded reliably and accurately.
- To protect the information assets of the firm from all kinds of threats, whether internal or external (Clarke, 2016). Along with this, data has to be protected against unauthorised access by assuring its confidentiality.
- To ensure the integrity of information, and with it the highest quality of data, by meeting legislative as well as regulatory requirements. Along with this, information governance training has to be furnished to all employees.
Scope
The information security policies must apply to all staff of Wallington Trust Hospital and to all others involved in handling information furnished by them (Inkster, 2018). The policies have to cover information that is being stored as well as information that is under processing. ISPs must address all users of technology, programs, systems and facilities without any exclusion. The policies must be deliberately designed to render control over, protect and manage the other crucial assets of Wallington Trust Hospital. They must cover all information present in its databases and on its computers, as well as information transmitted via the network.
Along with this, it has to be acknowledged that all staff members are in scope of the policies being formulated (Jayanthi, 2017). They comprise staff working in or on behalf of Wallington Trust Hospital (including embedded staff, secondees, permanent employees, contractors and temporary staff) and the commissioning support units of Wallington Trust Hospital.
Roles & Responsibilities
Information security policies have to be clearly formulated so that the rationale behind them can be understood by professionals. They have to be created in such a way that all security breaches which might occur can be prevented as well as mitigated. The roles and responsibilities of different individuals within Wallington Trust Hospital are set out below:
Chief Executive: The Chief Executive is liable for all procedural documentation within the organisation. As an accountable officer, they have entire responsibility for establishing and maintaining an effective document management system along with its governance, and for acknowledging all statutory needs by complying with the guidance furnished in the context of procedural documents and information governance (Lam, 2016).
Caldicott Guardian: Wallington Trust Hospital may appoint its medical director as a Caldicott Guardian, who will be responsible for ensuring the highest practical standards for handling information. Along with this, they will facilitate and enable suitable data sharing for making decisions on behalf of Wallington Trust Hospital, adhering to ethical and lawful processing of information. Furthermore, they will make sure that confidentiality issues are clearly covered within the policies.
Senior Information Risk Owner (SIRO): The SIRO is liable for taking entire ownership of the firm's information risk policies and will acknowledge the ways in which strategic business goals may be affected by information risks along with their management (Laybats and Tredinnick, 2016). The SIRO will also be responsible for signing off and taking accountability for the formulation of risk-based decisions, along with reviews, in the context of processing personal data.