Authors: Carlos Eduardo Ribas 1 ; Marcelo Nascimento Burattini 2 ; Eduardo Massad 2 and Jorge Futoshi Yamamoto 1

Affiliations: 1 Academic Network at Sao Paulo, Brazil ; 2 School of Medicine and University of Sao Paulo, Brazil

Keyword(s): Information security, ISO standards, ISMS, Assessment, Success factors.

Related Ontology Subjects/Areas/Topics: Biomedical Engineering ; Confidentiality and Data Security ; Health Information Systems ; Healthcare Management Systems

Abstract: ISO 27001 is the international standard for an Information Security Management System (ISMS) that helps to address the triad of information security: Confidentiality, Integrity, and Availability (CIA). An ISMS is a systematic approach focused on managing information security within an organization. It encompasses all the information assets, such as: people, processes and IT systems. This paper describes the implementation process of an ISMS in a Brazilian healthcare organization. We use an information system based on ISO standards as an indicator to assess the information security. Using Chi-square with Yates' correction or Fisher's exact test to compare the proportion of adequacy to the requirements of reference standard used, our case study showed positive results in the first ten months of implementation with significant results on multiple items analysed. However, in an environment of limited budgets, better results were not achieved in the following months due to the financial problems to implement specific controls in the organization. The aim of this paper is to present the experience obtained during the implementation of an ISMS in a healthcare organization and to discuss some critical success factors.

CC BY-NC-ND 4.0


Paper citation in several formats:
Ribas, C.; Nascimento Burattini, M.; Massad, E. and Futoshi Yamamoto, J. (2012). INFORMATION SECURITY MANAGEMENT SYSTEM - A Case Study in a Brazilian Healthcare Organization. In Proceedings of the International Conference on Health Informatics (BIOSTEC 2012) - HEALTHINF; ISBN 978-989-8425-88-1; ISSN 2184-4305, SciTePress, pages 147-151. DOI: 10.5220/0003728201470151

@conference{healthinf12,
author={Carlos Eduardo Ribas. and Marcelo {Nascimento Burattini}. and Eduardo Massad. and Jorge {Futoshi Yamamoto}.},
title={INFORMATION SECURITY MANAGEMENT SYSTEM - A Case Study in a Brazilian Healthcare Organization},
booktitle={Proceedings of the International Conference on Health Informatics (BIOSTEC 2012) - HEALTHINF},
year={2012},
pages={147-151},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003728201470151},
isbn={978-989-8425-88-1},
issn={2184-4305},
}

TY - CONF

JO - Proceedings of the International Conference on Health Informatics (BIOSTEC 2012) - HEALTHINF
TI - INFORMATION SECURITY MANAGEMENT SYSTEM - A Case Study in a Brazilian Healthcare Organization
SN - 978-989-8425-88-1
IS - 2184-4305
AU - Ribas, C.
AU - Nascimento Burattini, M.
AU - Massad, E.
AU - Futoshi Yamamoto, J.
PY - 2012
SP - 147
EP - 151
DO - 10.5220/0003728201470151
PB - SciTePress