Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 3 of 3
Full-Text Articles in Entire DC Network
Challenges In Improving Information Security Practice In Australian General Practice, Donald C. Mcdermid, Rachel J. Mahncke, Patricia A. Williams
Challenges In Improving Information Security Practice In Australian General Practice, Donald C. Mcdermid, Rachel J. Mahncke, Patricia A. Williams
Australian Information Security Management Conference
The status of information security in Australian medical general practice is discussed together with a review of the challenges facing small practices that often lack the technical knowledge and skill to secure patient information by themselves. It is proposed that an information security governance framework is required to assist practices in identifying weaknesses and gaps and then to plan and implement how to overcome their shortcomings through policies, training and changes to processes and management structure.
Measuring Information Security Governance Within General Medical Practice, Rachel J. Mahncke, Donald C. Mcdermid, Patricia A. Williams
Measuring Information Security Governance Within General Medical Practice, Rachel J. Mahncke, Donald C. Mcdermid, Patricia A. Williams
Australian Information Security Management Conference
Information security is becoming increasingly important within the Australian general medical practice environment as legal and accreditation compliance is being enforced. Using a literature review, approaches to measuring information security governance were analysed for their potential suitability and use within General Practice for the effective protection of confidential information. The models, frameworks and guidelines selected were analysed to evaluate if they were Key Performance Indicator (KPI), or process driven; whether the approach taken was strategic, tactical or operational; and if governance or management assessment tools were presented. To measure information security governance, and be both effective and practical, the approach …
Improving An Organisations Existing Information Technology Policy To Increase Security, Shane Talbot, Andrew Woodward
Improving An Organisations Existing Information Technology Policy To Increase Security, Shane Talbot, Andrew Woodward
Australian Information Security Management Conference
A security policy which includes the appropriate phases of implementation, enforcement, auditing and review is vital to protecting an organisations information security. This paper examined the information security policy of a government organisation in response to a number of perceived shortcomings. The specific issues identified relating to the organisations security policy as a result of this investigation were as follows: a culture of ignoring policies, minimal awareness of policies, minimal policy enforcement, policy updating and review ad hoc at best, policy framework, lengthy policy development and approval process, no compliance program, no formal non-compliance reporting and an apparent inconsistent enforcement …