Information Security Management for Nursing School in Australia

Added on  2023/06/07

AI Summary
This report discusses legal issues and ethics related to information security management for a nursing school in Australia that is introducing virtual classrooms through satellite campuses. It also suggests measures to prevent staff members from handling information unethically.

Running head: INFORMATION SECURITY MANAGEMENT
Information Security Management
Name of the Student
Name of the University
Author Note

Abstract
NTN is a health institute that prepares the nurses for their respective services in Australia. Its
main campus is located in Sydney and the satellite campuses are located in Darwin and Cairns.
NTN has made agreements with three private hospitals in Sydney, Darwin and Cairns to provide
the internship and training to the students of the nursing school. All three private hospitals and
the main and satellite campuses of NTN are connected to the Internet. Lecture, tutorial and
laboratory classes are conducted in the campus in Sydney and they are live-video streamed to the
satellite campuses forming a virtual classroom. The instructors and the students in the satellite
campuses can directly communicate with the lecturer in the Sydney campus when a virtual class
is in progress. At any time, there will be at most 200 students in the main campus and a
maximum of 100 students in each satellite campus participating in a virtual class. However, these
numbers are expected to double within the next couple of years. The following report is
based on handling information security in the institution after the ICT approach is applied,
since NTN has recently appointed staff for its Information Security Division,
headed by a Chief Information Security Officer (CISO), to design and launch an information
security program.
Table of Contents
Introduction
a) Legal issues related to mishandling of information of patients by the mobile teams of NTN
b) Ethics in InfoSec of the staff of Information Security Division of NTN
c) The measures that the Information Security Division should take to prevent all staff members of NTN from handling information unethically
d) Assume that you obtained a job at the Information Security Division of NTN. Your line manager asked you to study the InfoSec programs and policies of similar health-related organizations on the web and provide the following information:
i) Components of InfoSec programs that you found
ii) National and/or international InfoSec standards that these organizations follow
Conclusion
References
Introduction
With the latest technological advancements, it is no longer new for educational institutions
to introduce live campuses. Technological advancement has brought virtual classrooms to
educational platforms, and with them comes the information security management that
educational institutions need to adopt (Heimes 2016). What follows is a case study report
on a nursing school in Australia called NTN that is going to introduce virtual classrooms
through satellite campuses for over 200 students at once. The report covers the legal issues
and ethics that the nursing institute needs to maintain and the measures that the
Information Security Division should apply to prevent all the staff members of NTN from
unethically handling the information system.
a) Legal issues related to mishandling of information of patients by the mobile teams
of NTN
There is a possibility of serious legal issues arising from the mishandling of patients'
information by the mobile teams of NTN. Legal action can be taken against any member of the
team for various reasons. These include disclosing information about the patient,
mishandling medical records, medical devices being stolen, and unethical handling of patient
data through mobiles and social breaches (Chen and Benusa 2017). When a person violates the
rules for handling patient data and mismanages it, the breaches that can result for a patient
are also unethical. For this reason, legal proceedings can be brought against the person who
has violated the law on handling patient data, and, depending on the level of negligence, the
penalties for the team member can range from 100 AUD to 50000 AUD (Silic and Back 2014).
The legal issues arise because the latest technology means that EHR machines do not just
store the health data of a patient but also include the patient's contact information and
other personal data.
b) Ethics in InfoSec of the staff of Information Security Division of NTN
The Information Security Division of NTN falls under the ICT-based zone of work. Thus, it
has to abide by the ethics and codes of conduct of the ethical standards that apply where the
NTN institution is set. The NTN institution is set up in the continental country of Australia
and thus it has to follow the standards set by the ACS codes of conduct (McLaughlin and Gogan
2017). Therefore, the staff of the Information Security Division of NTN should follow the six
ethical standards set by the ACS codes of conduct in InfoSec.
The six basic standards that the staff of the Information Security Division should follow
are as follows:
1. The Primacy of the Public Interest: The staff of NTN have to make sure that, whatever
their conduct is, it is always dedicated to the requirements of the students only. The students
are on the receiving end of the services provided by the nursing institution, so it is to be kept
in mind that ethical conduct should always work for the benefit of the nursing students.
2. The Enhancement of Quality of Life: Live video streaming of classes to the nursing
students requires an ICT setup within the institution, and thus it is to be made sure that all
the requirements and conduct of the staff are directed only towards enhancing the quality of
life of the students through the provision and implementation of the new technically advanced
feature (Ramalingam, Lakshminarayanan and Khan 2016).
3. Honesty: The information security techniques should be applied honestly in the
working strategy of the staff of NTN, since it deals with a pile of confidential information of
numerous students, teachers and staff as well. Any dishonesty in conduct should
be punishable, since these data can never be compromised.
4. Competence: The core competence of the institution should be working to maintain
diligence in its codes of conduct, so that it prevents any ruckus in the
institution while initiating digitization and thus helps the institution stay ahead of the other
nursing institutes.
5. Professional Development: According to the ACS codes of conduct, a person can develop
individually in their profession only by maintaining ethical values in their conduct.
Thus, the staff of the Information Security Division of NTN should also focus
towards this goal.
6. Professionalism: The staff of the Information Security Division of NTN are expected
to be thoroughly professional and should not be driven by any sort of personal interest in
their duty. A proper balance should be maintained between professional and personal
life.
c) The measures that the Information Security Division should take to prevent all
staff members of NTN from handling information unethically
The case study has already predicted that there will be more students incoming every
year. This is also the case with data management in the current era, since the amount
of data keeps on increasing every day (Laudon and Laudon 2016). It would become difficult to
handle such a huge amount of data, and there should be a set methodology to handle it
with ease even as the amount increases each year. Thus, the following are a few suggested
measures to prevent the staff members of NTN from handling the information unethically:
- Handling data as a corporate asset should be the sole priority of the staff.
- The CISO should be made the responsible person to look after the data management procedure.
- Only the CISO can access and handle the student data at free will, and the unauthorized accessing of data should be absolutely prohibited (Nelson and Staggers 2016).
- There should be a set principle or set of policies applied to processing in the organization, which should be ardently followed by all the staff members.
- Each member should adhere to the policies while serving the institution.
- The CISO should partner with executive peers to develop and execute the organization’s data management policies.
d) Assume that you obtained a job at the Information Security Division of NTN.
Your line manager asked you to study the InfoSec programs and policies of similar
health-related organizations on the web and provide the following information:
i) Components of InfoSec programs that you found
The components of InfoSec programs that were found through web research can
be listed as below:
- Network security
- Application security
- Risk management, including risk assessment, risk treatment and continuous monitoring of the risks (Amankwa, Loock and Kritzinger 2015)
- Compliance management
- Disaster recovery
- Physical security management
- Identity management and data access
- Incident management
ii) National and/or international InfoSec standards that these organizations follow
The national and international InfoSec standards that the health organizations follow
have been found through web research and can be listed as follows:
- NIST framework for improving the critical cyber security
- HITRUST standards for cybersecurity (Sallis 2014)
- CIS critical security controls
- ISO cybersecurity standards
- COBIT information security standards
Conclusion
Therefore, it can be said that the implementation of any technically advanced form of
educational system in an institution should always be accompanied by a specific set of plans
and knowledge about ethically and legally handling the information security system that goes
hand in hand with this implementation. The analysis was made through a case study report on
the nursing school in Australia called NTN that is going to introduce virtual classrooms
through satellite campuses for over 200 students at once. The report covered the legal
issues and ethics that the nursing institute needs to maintain and the measures that the
Information Security Division should apply to prevent all the staff members of NTN from
unethically handling the information system.
References
Amankwa, E., Loock, M. and Kritzinger, E., 2015, November. Enhancing information security
education and awareness: Proposed characteristics for a model. In Information Security and
Cyber Forensics (InfoSec), 2015 Second International Conference on (pp. 72-77). IEEE.
Benslimane, Y., Yang, Z. and Bahli, B., 2016, December. Information Security between
Standards, Certifications and Technologies: An Empirical Study. In Information Science and
Security (ICISS), 2016 International Conference on (pp. 1-5). IEEE.
Chen, J.Q. and Benusa, A., 2017. HIPAA security compliance challenges: The case for small
healthcare providers. International Journal of Healthcare Management, 10(2), pp.135-146.
Heimes, R., 2016. Global InfoSec and Breach Standards. IEEE Security & Privacy, 14(5), pp.68-72.
Laudon, K.C. and Laudon, J.P., 2016. Management information system. Pearson Education
India.
McLaughlin, M.D. and Gogan, J., 2017, January. InfoSec Research in Prominent IS Journals:
Findings and Implications for the CIO and Board of Directors. In Proceedings of the 50th
Hawaii International Conference on System Sciences.
Nelson, R. and Staggers, N., 2016. Health Informatics-E-Book: An Interprofessional Approach.
Elsevier Health Sciences.
Ramalingam, R., Lakshminarayanan, R. and Khan, S., 2016. Information Security Awareness at
Oman Educational Institutions: An Academic Prespective. arXiv preprint arXiv:1605.05580.
Sallis, E., 2014. Total quality management in education. Routledge.
Silic, M. and Back, A., 2014. Information security: Critical review and future directions for
research. Information Management & Computer Security, 22(3), pp.279-308.