logo

Planning and Formulation of Security Policy for Royal Melbourne Hospital

This report gives you the opportunity to research, formulate, develop and document a basic security policy for a specific organization in Australia ECXEPT for BANKING/MORTGAGE organisation. Moreover, you are required to analyze, record, resolve security incidents and identify and assess the threats to, and vulnerabilities of the organisation’s networks.

12 Pages3310 Words420 Views
   

Added on  2022-10-14

About This Document

This article discusses the planning and formulation of security policies for Royal Melbourne Hospital to ensure the safety of patients' data. It highlights potential threats and vulnerabilities and suggests ways to mitigate them. The policies are designed for doctors, nurses, and system administrators, and the management of the policies is also discussed. The article emphasizes the importance of compliance with the policies and the need for regular revisiting and monitoring. The article also stresses the need for training and awareness among employees to prevent insider security threats.

Planning and Formulation of Security Policy for Royal Melbourne Hospital

This report gives you the opportunity to research, formulate, develop and document a basic security policy for a specific organization in Australia ECXEPT for BANKING/MORTGAGE organisation. Moreover, you are required to analyze, record, resolve security incidents and identify and assess the threats to, and vulnerabilities of the organisation’s networks.

   Added on 2022-10-14

ShareRelated Documents
PLANNING AND FORMULATION OF SECURITY POLICY 1
PLANNING AND FORMULATION OF SECURITY POLICY FOR ROYAL
MELBOURNE HOSPITAL
Student Name
Tutor
Institutional Affiliations
State
Date
Planning and Formulation of Security Policy for Royal Melbourne Hospital_1
PLANNING AND FORMULATION OF SECURITY POLICY 2
Executive summary
Information system is obligatory for organizations in the current era. We have
experienced drastic change in the way data is generated and managed. This has also changed the
way people interact not only at personal level but also at organizational level. We have amassed
significant benefits from the new era but it is associated with its challenges in terms of privacy
and information security. This is also reflected by the ever growing legislations on information
security around the world.
As a national healthcare organization that is committed high quality healthcare services,
Royal Melbourne Hospital has a legal, ethical as well as professional duty to ensure that sensitive
data it holds for its clients conforms to integrity, confidentiality and availability principles. The
organization is obliged to ensure that the information it holds is secured from any form of
security breach. Following this rationale, the purpose of this document is to research, formulate,
develop and document basic security policies for the organization. The policies will be the
cornerstone of Royal Melbourne healthcare to enhance and manage its information security
procedures.
Table of Contents
Planning and Formulation of Security Policy for Royal Melbourne Hospital_2
PLANNING AND FORMULATION OF SECURITY POLICY 3
Executive summary........................................................................................................ 2
Table of Contents........................................................................................................... 3
PLANNING AND FORMULATION OF SECURITY POLICY FOR ROYAL MELBOURNE
HOSPITAL................................................................................................................... 4
Introduction.................................................................................................................. 4
Security incidents in information system............................................................................. 4
Security policies............................................................................................................. 5
The system access security policy plan................................................................................6
Security policies for information system access.....................................................................6
Doctors......................................................................................................................... 7
Purpose.................................................................................................................. 7
Policy..................................................................................................................... 7
Nurses.......................................................................................................................... 7
Purpose.................................................................................................................. 8
Policy..................................................................................................................... 8
System administrators..................................................................................................... 8
Purpose.................................................................................................................. 8
Policy..................................................................................................................... 8
Managing information system security policy......................................................................8
POTENTIAL THREATS AND VULNERABILITY OF INFORMATION SYSTEM...................9
How the threats can be mitigated..................................................................................... 10
Conclusion.................................................................................................................. 10
References.................................................................................................................. 11
Planning and Formulation of Security Policy for Royal Melbourne Hospital_3
PLANNING AND FORMULATION OF SECURITY POLICY 4
PLANNING AND FORMULATION OF SECURITY POLICY FOR ROYAL
MELBOURNE HOSPITAL
Introduction
Information system of any healthcare organization requires full protection to ensure that
no unauthorized personnel are capable of accessing anything about it. It therefore needs many
procedures and policies to help in accessing and managing information. There are important
details of patients that should not easily be accessed by hackers or stakeholders of any other
organization. Health records should be stored in a safeguarded database since they carry delicate
information. The information security of Royal Melbourne hospital was realized to be low and
can therefore easily experience threats (Puthal, Nepal, Ranjan and Chen, 2016, pp.64-71). They
were making use of windows XP software which was not regularly updated and therefore was
encrypted by unknown personnel.
It is true that every organization has got important information that should be protected
from cybercriminals. This vital information is always protected by strategies and controls. The
process of implementing the laid down policies requires attention of employees such as
clinicians, nurses and professional experts in administration. The management process involves
monitoring the manners of the personnel within the organization.
Security incidents in information system
The hospital experiences a number of incidences of threats in the information system. In
the first case, there exists violence in the department of emergency as reported by nursing staff,
which has increased to the level that calls for total attention (Ferns, 2012, pp12.). This has raised
the incidences of injury presentations. The main causes of violence is said to be influence of
drugs and alcohol. Appropriate policies are therefore required to deal with the risk.
The second incidence is ransomware which is a universal threat hindering business
steadiness as well as reliability of identifiable evidences that are much sensitive at individual
level. More than 1500 files of patients could not be accessed after experiencing an attack which
interfered with the data. Even after payment to the attackers, some files could still not be
accessed containing sensitive medical reports that were to be used in identifying theft. The
Planning and Formulation of Security Policy for Royal Melbourne Hospital_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Information Security: The Royal Children's Hospital
|11
|3171
|107

Security Access Policy Plan and Risk Assessment for Healthcare Organization and Facebook
|12
|2961
|377

Developing System Access Security Policies for Healthcare Organizations
|13
|3040
|271

Enterprise Architecture Applications for Healthcare Industry
|7
|3935
|495

Implementation of Secure Encryption Technologies
|11
|2460
|38

CIS8018 – Strategic Information Security | Assignment
|23
|4579
|195