Information Security Standards for Health Information Systems: The Implementer’s Approach

Evangelos Kotsonis, Stelios Eliakis
ISBN13: 9781616928957 | ISBN10: 1616928956 | EISBN13: 9781616928971
DOI: 10.4018/978-1-61692-895-7.ch006
MLA

Kotsonis, Evangelos, and Stelios Eliakis. "Information Security Standards for Health Information Systems: The Implementer’s Approach." Certification and Security in Health-Related Web Applications: Concepts and Solutions, edited by Anargyros Chryssanthou, et al., IGI Global, 2011, pp. 113-145. https://doi.org/10.4018/978-1-61692-895-7.ch006

APA

Kotsonis, E. & Eliakis, S. (2011). Information Security Standards for Health Information Systems: The Implementer’s Approach. In A. Chryssanthou, I. Apostolakis, & I. Varlamis (Eds.), Certification and Security in Health-Related Web Applications: Concepts and Solutions (pp. 113-145). IGI Global. https://doi.org/10.4018/978-1-61692-895-7.ch006

Chicago

Kotsonis, Evangelos, and Stelios Eliakis. "Information Security Standards for Health Information Systems: The Implementer’s Approach." In Certification and Security in Health-Related Web Applications: Concepts and Solutions, edited by Anargyros Chryssanthou, Ioannis Apostolakis, and Iraklis Varlamis, 113-145. Hershey, PA: IGI Global, 2011. https://doi.org/10.4018/978-1-61692-895-7.ch006

Abstract

Current developments in the field of integrated treatment show the need for IS security approaches within the healthcare domain. Health information systems are called upon to meet unique demands to remain operational in the face of natural disasters, system failures and denial-of-service attacks. At the same time, the data contained in health information systems are strictly confidential and, because of the ethical, judicial and social implications of data loss, health-related data require extremely sensitive handling. The purpose of this chapter is to provide an overview of information security management standards in the context of health care information systems and to focus on the most widely accepted ISO/IEC 27000 family of standards for information security management. At the end of the chapter, a guide to developing a complete and robust information security management system for a health care organization is provided, covering the special implications that arise in a health care organization as well as special considerations related to health-related web applications. This guide is based on the special requirements of ISO/IEC 27799:2008 (Health informatics — Information security management in health using ISO/IEC 27002).
