SBM4304 Report: IS Security and Risk Management in the Medical Sector

Added on  2023/01/16

AI Summary
This report focuses on IS security and risk management within the medical sector, addressing the increasing risks associated with technological advancements and data storage. It begins with an introduction to the medical sector's use of information systems and the importance of protecting patient data. The report reviews the literature on current and future security issues, including hospital service discontinuity, widespread disasters, malicious attacks, and the vulnerabilities of electronic health records (EHRs) and mobile devices. It explores solutions such as educating staff on cybersecurity, developing procedures, and implementing network security measures like VPN encryption, regular audits, and strict access controls. The report also discusses the significance of CIA requirements and ways to improve information system security, emphasizing the need for a proactive approach to anticipate and mitigate potential threats. The analysis provides a comprehensive overview of the challenges and solutions related to IS security in the medical field.
Running head: IS SECURITY AND RISK MANAGEMENT
IS SECURITY AND RISK MANAGEMENT
Name of the Student
Name of the University
Author Note
Introduction about the medical sector
With growing technology and the implementation of new equipment, the risks within the organization have also increased. It therefore becomes important to remove these risks from the system so that the privacy of the information stored in the IS of the medical sector can be ensured. The main purpose of having an information system within the medical sector is that it helps in providing better care to patients (Narayana Samy, Ahmad and Ismail 2015). The information system of the medical sector stores details regarding each patient and the problems they face. This helps the doctor in providing a better healthcare facility to the patients. The different types of healthcare information systems available include operational and tactical systems, which ensure easy classification of information. Secondly, the administrative system is used for managing the details of each patient at the administrative level. The healthcare information system stores details regarding each patient and helps in making proper decisions.
The aim of this report is to describe the information system security and risks that arise in the medical sector. Information security and risk management is a major factor that affects the working of the medical sector. The report will describe the working of the medical sector and the important factors that affect this sector. In addition, the report will describe three possible security issues that are likely to impact the systems of the medical sector in future (Peltier 2016). The information system plays a major role as it focuses on storing the details of every activity taking place within the system. The report will also provide solutions to the identified risks in the medical sector. The functionality of the chosen sector will also be described in the report. This will ensure better working of the information system within the medical sector.
Literature review
Information systems play a major role in every field. Here they are basically used to store details regarding healthcare. An information system takes data from the organization as input and processes it to generate the required information, which is then considered the output. However, it becomes important to increase the efficiency of the information system so that it can deliver results effectively (Shakya and Gupta 2017). The system has the ability to add or modify information as needed. The medical sector is a sector that aims at providing healthcare facilities to people. A healthcare information system includes capturing, managing, storing or transforming information related to the health of an individual. The medical sector is considered one of the most widely used fields and serves the welfare of the human community. The major concern that arises with the information system is security. Over the years it has been observed that the risks associated with healthcare systems have increased. There are several issues and security concerns that arise with the information system of the medical sector. Information system security is a major concern for the medical sector as it provides data related to patients across the world. With the development of technology, there is a high chance of data being breached. Each item of data stored within the information system has a different purpose and plays a crucial role in the healthcare sector. An information system within healthcare will improve the accuracy of the treatment provided to the customer (Soomro, Shah and Ahmed 2016). However, it is important for the medical sector to implement the information system properly so that it can provide the desired outcome. It thus becomes important to ensure that proper security is developed within the information system. The main security issues that are likely to impact the working of the information system are hospital service discontinuity, widespread disaster, and malicious attacks.
According to Yuliana et al. (2016), with the increase in mobile devices in the healthcare sector, the chances of risk also increase. With the use of mobile devices it becomes easy to breach the details of each customer, and this can cause a huge threat to the health facility of the user. Using a NAC solution will therefore ensure that the devices connected within the sector do not have the potential to impact the system. Moreover, there are issues with the electronic health records that the information system stores for each patient. With the use of electronic health records it becomes easy for physicians and other professionals to access the details. This ensures proper access to the facilities and insurance matters. The reason for considering these risks a major concern is that the information system stores details of patients' records and of provider networks. Thus, once the data is leaked it becomes a threat to the financial status of the healthcare organization. Apart from this, electronic healthcare reports are vulnerable to hackers because they offer interconnected features. The hacker has the ability to access the data stored in EHRs. The electronic report stores all data, including names and disease types. Thus it can cause a huge threat to the medical sector. According to Narayana Samy, Ahmad and Ismail (2015), malware and phishing attempts are another major concern that can affect the information system. Hackers plant malicious scripts on computers so that they can obtain credentials for the information system. Once the hacker obtains the details of the entire system, it becomes easy for them to steal the details of each customer.
According to Luo et al. (2018), one more issue that arises in IS security is the misuse of health records. Sometimes it is observed that the health records of a patient stored within the information system are further displayed or sold to other organizations for gaining benefits. In a multi-speciality environment it becomes difficult to protect the data stored within the system. The medical sector should have the ability to aggregate the data properly so that it can keep better records. In this case the information system becomes an important part, so it is important to ensure proper security for the data stored. The system should also maintain proper authentication and should allow only authenticated users to access the data. The health record contains every detail regarding the patient, from their name to their present health situation. These records can be used to cause harm to the patient. Thus it is important to ensure
Solution
It is important to address the issues within the healthcare information system so that proper security measures can be implemented. To overcome such situations, it is important to ensure that each employee associated with the sector is on a safe network. It is important for the healthcare sector to implement proper measures that make employees aware of the security issues faced by the organization or the healthcare sector. The general guidelines that will help in protecting the system from risks are described below:
• Educating staff: the healthcare sector should make its employees aware of cyber security and of the impact that IS security issues have on patients and on the sector (Loch et al. 2016). Each employee should be aware of the activities that need to be performed while working within the medical sector. Once each employee is aware of the security that needs to be maintained, it becomes easier to protect the information.
• Developing procedures: each employee within the organization should follow the procedures set by the healthcare industry. They need to perform their tasks efficiently so that no patient or staff member is impacted.
Apart from all this, it is important to report a breach as soon as it is identified within the system. The main steps that need to be implemented include reporting the breach, informing the authorities about the information that has been shared, addressing the possible victims, and recognizing the attacker behind the breach (Chatterjee, Sarker and Valacich 2015). Apart from this, the Federal Trade Commission is used for the purpose of providing information that gets shared with the patients. Once the breach has been identified, it becomes important to re-examine the network in order to track the loophole through which the breach occurred.
Ways to protect the organization against functional threats
There are several ways in which the threats associated with the information system can be minimized. These are as follows:
• Understanding the network map: use technology that provides a proper overview of the devices and storage facilities on the network (Chiasson et al. 2017). This will help in evaluating how tasks are carried out within the organization.
• Updating the software: the software maintained within the system should be kept updated so that the information system remains free from viruses and risks.
• VPN encryption: proper encryption needs to be deployed within the network to ensure privacy and security within the system. This will also prevent hackers from entering the network.
• Conducting regular audits: regular audits need to be carried out by system administrators so that proper authentication is maintained within the information system of the sector.
• Setting strict access: this will ensure that only a few people are allowed to access the data. It will help in tracking the amount of data being accessed and will also ensure that there is no unauthorized person within the system.
• Start thinking like a hacker: it is important to think from the point of view of a hacker so that protection is in place before an issue arises. The information system should be able to assess all the issues that are likely to impact the system.
• Using professional services: there are different services offered by professionals that help in limiting potential threats (Eriksson 2017). This includes assigning network security so that proper safety can be adopted within the medical sector.
The CIA requirement refers to corporate integrity agreements. These are described by the U.S. government for the healthcare industry. The main requirements of a CIA include hiring a compliance officer to perform the tasks and developing proper standards and policies that will ensure better working. Apart from this, it also includes implementing a comprehensive way of managing employees and restricting the employment of ineligible persons. The main reason for understanding the CIA requirement is that it includes breach and default provisions that allow the OIG to impose penalties if the organization or the sector fails to implement the CIA (Iyengar, Kundu and Pallis 2018). Thus the CIA will ensure better working of the system.
Ways for improving the information system security
• In order to manage the security concerns within the system, it is important to secure the network so that it is protected from unwanted attacks. It becomes important to ensure that the network performs its work efficiently. The medical sector needs to implement a proper level of privacy preservation. This includes providing linkable access to staff and patients. Apart from this, it becomes important to ensure that EHRs are designed to capture the relevant data so that it can be further used for the purpose of calculating the healthcare information system (Jiang et al. 2016). The system needs to include all the important records that could be stolen by outsiders. This data will be stored properly, and the important records will be checked at the time of processing. This will safeguard the data from further threats. Moreover, the medical sector has the ability to link the data with the help of the HIPAA Security Rule. Security thus becomes a major concern for maintaining proper data within the system (McIlwraith 2016). However, the interconnected networks for patients play a major role when sharing information in the medical sector. There is a high chance of the data stored within the information system being misused. It therefore becomes important to implement proper audit measures that will protect the data from theft. The ways in which vulnerabilities within the system can be measured include:
• Properly reviewing the processes taking place within the organization
• Identifying the source from which the threat has occurred
• Identifying the high-risk points
• Applying an effective approach for minimizing the risk
• Taking proper measures for overcoming the affected areas.
References
Chatterjee, S., Sarker, S. and Valacich, J.S., 2015. The behavioral roots of information
systems security: Exploring key factors related to unethical IT use. Journal of Management
Information Systems, 31(4), pp.49-87.
Chiasson, M., Reddy, M., Kaplan, B. and Davidson, E., 2017. Expanding multi-disciplinary
approaches to healthcare information technologies: What does information systems offer
medical informatics?. International journal of medical informatics, 76, pp.S89-S97.
Eriksson, J., 2017. Threat Politics: New Perspectives on Security, Risk and Crisis
Management: New Perspectives on Security, Risk and Crisis Management. Routledge.
Farahmand, F., Navathe, S.B., Sharp, G.P. and Enslow, P.H., 2015. A management
perspective on risk of security threats to information systems. Information Technology and
Management, 6(2-3), pp.203-225.
Iyengar, A., Kundu, A. and Pallis, G., 2018. Healthcare Informatics and Privacy. IEEE
Internet Computing, 22(2), pp.29-31.
Jiang, P., Winkley, J., Zhao, C., Munnoch, R., Min, G. and Yang, L.T., 2016. An intelligent
information forwarder for healthcare big data systems with distributed wearable
sensors. IEEE systems journal, 10(3), pp.1147-1159.
Loch, K.D., Carr, H.H. and Warkentin, M.E., 2016. Threats to information systems: today's
reality, yesterday's understanding. Mis Quarterly, pp.173-186.
Luo, E., Bhuiyan, M.Z.A., Wang, G., Rahman, M.A., Wu, J. and Atiquzzaman, M., 2018.
PrivacyProtector: privacy-protected patient data collection in IoT-based healthcare
systems. IEEE Communications Magazine, 56(2), pp.163-168.
McIlwraith, A., 2016. Information security and employee behaviour: how to reduce risk
through employee education, training and awareness. Routledge.
Narayana Samy, G., Ahmad, R. and Ismail, Z., 2015. Security threats categories in healthcare
information systems. Health informatics journal, 16(3), pp.201-209.
Peltier, T.R., 2016. Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. Auerbach Publications.
Safa, N.S., Von Solms, R. and Furnell, S., 2016. Information security policy compliance
model in organizations. Computers & Security, 56, pp.70-82.
Shakya, S. and Gupta, A., 2017. Concerns on Information System and Security
Audit. Journal of Advanced College of Engineering and Management, 3, pp.127-135.
Sittig, D.F. and Singh, H., 2015. A new socio-technical model for studying health
information technology in complex adaptive healthcare systems. In Cognitive Informatics for
Biomedicine (pp. 59-80). Springer, Cham.
Soomro, Z.A., Shah, M.H. and Ahmed, J., 2016. Information security management needs
more holistic approach: A literature review. International Journal of Information
Management, 36(2), pp.215-225.
Susanto, A., 2016. The Effect of Internal Control on Accounting Information
System. International Business Management, 10(23), pp.5523-5529.
Yuliana, M., Darwito, H.A., Sudarsono, A. and Yofie, G., 2016, October. Privacy and
security of sharing referral medical record for health care system. In 2016 2nd International
Conference on Science in Information Technology (ICSITech) (pp. 232-237). IEEE.