StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Development of the Framework and Organizational Security Strategy for the St Johns Hospital - Case Study Example

Cite this document
Summary
The paper "Development of the Framework and Organizational Security Strategy for the St Johns Hospital" discusses how it is possible to incorporate the client information security policy in the on the whole organizational security policy. Here a multi-dimensional model is purposed for the Hospital…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER91.6% of users find it useful
Development of the Framework and Organizational Security Strategy for the St Johns Hospital
Read Text Preview

Extract of sample "Development of the Framework and Organizational Security Strategy for the St Johns Hospital"

Security and Privacy Table of Contends Abstract 1 Background 3 Information security risk 3 Possible effects 4 Proposed Model 4 Multi-dimensional information security model 5 Multi-dimensional information security areas 5 Protection Strategies 6 Security Policies, Procedures, and Standards 7 Information Security Policy 7 Information Security Procedures 8 Information Security Standards 8 Education 9 Accountability 10 Audit and Validation 10 Conclusion 11 References 11 Abstract Client information security and privacy is the leading concern in any organization. This paper discusses the preservation of the client information and other confidential information of St. John’s Hospital. Here the basic aim is to develop the better information and client data security and privacy policy. This security policy will serve as a framework and organizational security strategy for the St. John’s Hospital. This paper provides the development of the framework and organizational security strategy for the St. John’s Hospital. This paper will analyze the potential hazards of client’s information outflow to non-authenticated persons. By information we indicate data that have been produced into the structure that is consequential and useful to the human beings (Kenneth, 1999). Modern technology poses innovative confronts to the protection of individual privacy which existing (Kenneth, 1999). Background This section will provide the basic insight in to the problem situation that leads to development of this information policy. It is observed on numerous occasions, personnel working late observed the cleaning staff reading discarded printouts. This is really wrong client information exploitation. The administration at St. John’s Hospital takes pride in its sound policies and procedures for the protection of confidential client information. In fact, it serves as a model for other institutions in the area. There is need for the protection of the information and development of the effective information policy. Information security risk Privacy is the declaration of individuals to be theft alone, free from observation or intrusion from other individuals of organizations as well as the state. Declarations to privacy are also caught up at the place of work. Information technology and system pressure individual declarations to privacy by making the incursion of privacy inexpensive, cost-effective, and efficient (Kenneth, 1999). The information security risk can be defined as the concentration of affect on organization processes (encompassing operational tasks, illustrations, or status), organization possessions, or individuals ensuing from the procedure of an business information arrangement offers the possible influence of a hazard and the probability of that intimidation occurring (Rebecca, 2007). Investment risk: business hazards linked by the feasible incapability to attain all-purpose program aims inside distinct price, timetable, and technological limitations. Possible effects In the above section the possible hazard situations are presented. Such situations can lead us towards lot of possible information exploitation cases. For instance, several workers can take information regarding any patient and blackmail him for any reason. It will turn out bad image of the hospital information management. Lot of patients will hesitate to provide their information or even do no come to our hospital. This will be a serious business problem. Proposed Model Executing and systematizing information security within the organizational perimeter is a great deal more intricate than immediately running the safety/security of the organizational perimeter only. This proposal is intelligent when we deem what is disturbed by running business perimeter protection. Big businesses have need of an innovative client’s information security model. Nowadays the frequently used layered information security models are based on a "black list” that is beneath terrific stress because of the scaling troubles plus working/operational operating cost. A Trusted Enterprise Model foundational on confidentiality, trusted relationships, unique and integrity of the client information and data (Rebecca, 2007). Here we need to implement the Multi-dimensional security model that can manage all the potential problems regarding the organizational information security. Multi-dimensional information security model Multi dimensional information security takes on defending the information resources as well as related resources surrounded by every region of a business plus in accomplishment by the intact policy regulatory, in addition contractual necessities. It sets security not basically at the information storage area but as well as everywhere information goes, developed, or conveyed. Multi-dimensional security engages other than immediately expertise or technology way out; it as well employs administrative, operational as well as human outline of protection to facilitate and decrease hazards of information theft or exploitation. Multi-dimensional information security areas This section outlines the areas where the Multi-dimensional information security model will be applied and managed the hospital patient’s confidential information. Our purposed Multi-dimensional information security model will comprise the following given areas that will be addressed for the safety and production of Hospital data and information (Rebecca, 2007). For development of protection strategies Accomplishment of Security procedures, standards and policies justification and Audit Simplifying complexity Multi-dimensional security model diminishes the hazard of safety violations, protect data flows all through the broadcast mode; diminish the influence and expenditure of implementation reviews, guard beside insider assaults, in addition to reveal suitable carefulness. The way of doing 'rip and replace' organizational present arrangement, huge businesses would be able to construct a conviction organizational model in excess of time through affecting expertise’s to facilitate hold up information security standards. In this method, organizational executives would be able to acquire a grassroots move toward, tackle high-risk regions on a strategic foundations, and map for a deliberate design that include the whole1. Protection Strategies There is no magical resolution that has the ability to protect the entire organizational information resources moreover systems in fulfillment by the entire contractual and officially permitted necessities. Many information safety policies have to be employed to the majority successfully diminish and administer the hazard that be present inside today’s extremely decentralized as well as extensively associated arrangements (Rebecca, 2007). As an initial position, the policies are able to be envisioned as a blend of shielding association positions in addition to handing out and storage places also refining the individuals who employ them. All these mechanisms are then carrying out and managing information inside the necessities drawn round inside plans, actions, and values, authoritarian and legal necessities, education, plus below the observe of review and legalization. Security Policies, Procedures, and Standards Organizational information security strategies, measures, as well as standards are entirely significant reflections. Organization has to appropriately file and put into practice to have a successful information safety plan. Every category of such information safety serves a diverse function (Kenneth, 1999). Information Security Policy Organizational information security strategies establish the configuration inside which the company regulations plus policies for management information with plummeting risk are explained. Proficient strategies are fashioned to help out the business into fulfillment by appropriate rules and policies also to tackle how to protect the company information dispensation situations inside the business. Administration must place a obvious strategy track in line by means of company aims and apparently reveal hold up for, and promise to, information safety (Rebecca, 2007). In St. John’s Hospital we have to develop a visible information security policy that has the capability to tackle the overall organizational information and data handling events. Here we have to define the policies regarding the information transportation, access criteria and unnecessary documents handling. Information Security Procedures Information security procedures demonstrate how to put into practice the strategy. Actions articulate the gradually wide-ranging events which are essential to effectively fulfill a job that chains the strategy. Procedures or actions proffer employees the information essential to done a job and offer guarantee to administration that the jobs are being done in a consistent and standard way. Procedures boost efficiencies in worker jobs plus help in the avoidance of exploitation and scam (Christine, 2000). For instance, a strategy possibly will need all information that plants the business to be encrypted. The equivalent process would describe the methods and tools for encrypting business information that we will transfer, like that entails the utilization of a VPN which is also acknowledged as virtual private network, next to by means of aspects regarding every stair to obtain to put into practice the hardware and software essential to employ the VPN in a method that is satisfactory to the business (Rebecca, 2007). In the St. John’s Hospital we will implement the VPN that will facilitate in the effective organizational working and information security. Here the administrator will define the rights for each client. No un-authenticated user will have the permission to enter the organizational database. Information Security Standards This section will discuss about the information security standard that is a comprehensive arrangement for human, hardware and software events to hold up the information safety strategy. Standards are accepted for an extensive assortment of matters, from the hardware to software that have to be employed to the isolated entry protocols that should be executed to recitation who is accountable for producing information safety approvals. Principles offer a recognized method of making sure that agendas as well as arrangements will effort in cooperation. By setting up values, the business confines the likelihood of scoundrel use of hardware, platforms, systems or else software. There is fewer time used in sustaining non-standard actions yields. In conclusion, principles describe cost-savings procedures that hold up the well-organized management of the organization (Christine, 2000). In the St. John’s Hospital we will implement the ISO issued standard for the information security and risk free management of the organization. For doing this we have to incorporate the ISO specified system and security levels for the ensuring the business security. Education It is very essential for an organization to guide its workers about the information security and privacy issues. If our workers will not be familiar with, or will not recognize how to uphold privacy of our business information, or how to protect it properly, we can not risk simply containing one of our the majority precious company assets (that is our business information) mismanaged, inappropriately employed, or gained by means of illegal persons however as well being in disobedience of a rising amount of rules and policies that necessitate definite kinds of information safety and isolation responsiveness and preparation actions. We too risk hurtful one more of our precious possessions that is the business standing (Rebecca, 2007). In the St. John’s Hospital we will educate the workers regarding the information security and its values for our business. We have to educate them in a way that they could be able to understand the critical nature of people personal information. There will also need for the awareness regarding the disproof of the information that is accessible to cleaning staff. Accountability The majority workers make out that if they are being premeditated for influenced proceedings, they have need of being accountable for those proceedings for the reason that those events can be influenced their job by means of the firm in a number of ways. If an association information security fulfillment and attaches it by employ’s performance, workers distinguish additional visibility to their accountability and are still additional probable to obey the rules (Christine, 2000). Audit and Validation Information Security reviews along with fulfillment justification evaluations proffer an in-depth measurement of an association’s safety policies, personnel, communications and events. When carried out productively and productively, they will make out regions of flaws inside the communications. The reviewer or examiner is able to then offer suggestion for suitable events to tackle the faults and decrease the supplementary risks (Oltsik, 2009). Conclusion In this paper we have discovered that how we can implement the organizational information security policy. In this paper it is shown that how it is possible to incorporate the client information security policy in the on the whole organizational security policy. Here a multi-dimensional model is purposed for the St. John’s Hospital. It is probable that this policy will work effectively. References 1. Christine Hagn, Wemhard H. Markwitz, 2000, Mobile Teleworking: Some Solutions and Information Security Aspects, Siemens AG, Information and Communication Products, Information Security, p- 322-325 2. Kenneth. C. Laudon. (1999). Management Information System. (Fifth Edition), New Jersey, Prentice-Hall. 3. Rebecca Herold, 2007, Security Inside the Perimeter, source: realtimepublishers.com, retrieved on 23-03-2009 4. Jon Oltsik, Trusted Enterprise Security, Source; https://www.trustedcomputinggroup.org/news/Industry_Data/ESG_White_Paper.pdf, retrieved on 23-03-2009 5. Flow of Strategic Information, http://iwenchangchien.blogspot.com/, retrieved on 23-3-2009. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Development of the Framework and Organizational Security Strategy for Case Study, n.d.)
Development of the Framework and Organizational Security Strategy for Case Study. Retrieved from https://studentshare.org/management/1552733-security-and-privacy
(Development of the Framework and Organizational Security Strategy for Case Study)
Development of the Framework and Organizational Security Strategy for Case Study. https://studentshare.org/management/1552733-security-and-privacy.
“Development of the Framework and Organizational Security Strategy for Case Study”, n.d. https://studentshare.org/management/1552733-security-and-privacy.
  • Cited: 0 times

CHECK THESE SAMPLES OF Development of the Framework and Organizational Security Strategy for the St Johns Hospital

The European Union Health Monitoring Programme

This literature review "The European Union Health Monitoring Programme" presents hospital Data Project as an example of how well hospital data could be integrated for common use in a safe and reliable way.... The program intends to develop comparable hospital utilization data.... hellip; According to the hospital Data Project, “hospital data are now required to serve a variety of purposes including supporting activity monitoring, performance measurement, case-mix-based funding, service planning, and epidemiological analysis” (HDP, 2003)....
6 Pages (1500 words) Literature review

Australian ICT Framework and Mobile Device Management

… Australian ICT framework and Mobile Device Management Customer Inserts Name Customer Inserts Grade Course Customer Inserts Tutor's Name Date of Submission Australian Governments Enterprise ICT framework Information and computing technology policies and frameworks help in the consolidation and rationalization of information technology processes, which is achieved through increment in flexibility, decrement in cost, and enhancement of assets in Information and Communication Technology (ICT)....
9 Pages (2250 words) Essay

How People Are Managed and How They Lead

Indeed, an interview between a candidate and the employer would have more chances to lead to the development of a successful cooperation if both parties were allowed to show their concerns and their perceptions in regard to the issues discussed during the interview (Whetten and Cameron 2011).... Supportive communication is a mode of communication that can be quite important in certain organizational events, such as interviews (Whetten and Cameron 2011)....
20 Pages (5000 words) Essay

Data Envelopment Analysis in Health Care

Since data envelopment analysis (DEA) was initially brought in by Charnes, Cooper and Rhodes in 1978, the just authoritative technique has been vastly advanced and utilized to evaluate the comparative efficiencies of multiple-response multiple-output decision-making units… The acceptance of DEA is because of its capacity to measure comparative efficiencies of multiple-input and multiple-output DMU's devoid of early masses on the contributions and productions....
19 Pages (4750 words) Thesis

Social Entrepreneur and Student Network

The literature published in this area has been reviewed for identifying those strategic choices that would secure the success of the social media strategy involved.... Theories and models explaining the involvement of social media in business environment, including the social… It has been made clear that the design of a successful social media strategy can be a challenging task mainly because the needs and the potentials of organizations tend to change Current paper focuses on the provision of a social media strategy that could support the enhancement of performance of a social enterprise based in UK, the Social Entrepreneur and Student Network (SESNet)....
13 Pages (3250 words) Essay

Assessment of Application of IT in Healthcare Industry

Therefore, there are three main benefits of having IT in a health organization: first, its capacity to provide comprehensive electronic medical records; second, its ability to upgrade hospital information systems; and last, its capability to support intranet that can be used for information distribution, supply chain management, and remote diagnostics.... n this study, we aim to further scrutinize the role of IT in a health organization by looking at the case of Massachusetts General hospital (MGH) in its management of electronic data records (EDR) through its Point of Order....
5 Pages (1250 words) Term Paper

National Health Service

hellip; The Free medicinal service at the point of utilization originates from the principle standards at the establishment of the NHS by the UK Labor government of 1948 Practically speaking, the "free at the point of utilization or use" this  implies that anybody legitimately enrolled with the framework, inclusive of the UK natives and legitimate immigrants get the full-expansiveness.... nbsp; The hospital's Plan of 1962 was defined about this and also subsequent planned on taking into account of the alternating distribution of the population, and also the developments in medical science (Peate, 2010 pg....
8 Pages (2000 words) Research Paper

Project in 3D Printing of Keys in an NHS Clinic

 The development of the project is distinctively distinguished in three main ways: the ways include the software and hardware features, implementers or the user description and unique and innovative management style selected.... The development process had huge consideration for the simultaneous inclusion and incorporation of virtually all the departments including the finance and security and even outsiders in the successful execution and running of the project....
13 Pages (3250 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us