Risk Management For Health Information Security And Privacy

The challenge of securing large amounts of electronic medical records stored in a variety of forms and in many locations, while still making it available to authorized users, is huge. Pressure to maintain privacy and protection of personal information is a strong motivating force in the development of security policies. It is essential for health care organizations to analyze, assess and ensure security policies to meet these challenges and to develop the necessary policies to ensure the security of medical information

Gestion contextualisée de la sécurité : implémentation MDS@Runtime avec FraSCAti

National audienceThe development of security policies for information systems is usually based on a systematic risks analysis, reducing them by adopting appropriate countermeasures. These risks analysis approaches are complex and designed for well-known and static environments. To overcome this limit, we propose to extend the Model Driven Security (MDS) approach to a MDS@Runtime vision to set a Security as a Service component. Plugged on the FraSCAti middleware, our security component selects, composes and orchestrates the security services depending on the execution context to avoid both under and over protection

The “Antijihadist Pact” and fighting strategies against the “violent radicalization”: Legal, Political and Social Implications

En este artículo se analiza la relación entre el reciente desarrollo de políticas securitarias amparadas en la garantía de la democracia y de las libertades sociales en el Estado español, y la configuración de un nuevo sujeto sospechoso: “musulmán/a potencialmente terrorista”. En el seno de estas políticas se ha dotado a la ciudadanía de herramientas de control para participar activamente en la construcción y denuncia de la sospecha, bajo la lógica de la prevención de una amenaza global utilizada para crear y modificar una legislación que, al mismo tiempo, recorta los derechos y libertades individuales de toda la ciudadaníaThis article analyses the relation between the recent development of security policies, based on the guarantee of Democracy and Social Freedoms within the Spanish state, and the construction of a new suspicious subject: “the Muslim as a potential terrorist”. These policies have developed control tools to be used by citizens in order to participate actively in the construction and report of these suspicions. In doing so, global threat is used as a preventive logic to create and modify a legislation that, at the same time, reduces the individual rights and freedoms of all citizensEste artículo se inserta en los procesos de investigación desarrollados en dos proyectos de investigación: “Cambio religioso en España. Secularización, diversidad religiosa e islam” (PPII-2014-020-P) financiado por la Junta de Comunidades de Castilla La Mancha y “Participación política, islam y transnacionalidad en el mundo árabo-islámico y en contexto migratorio” (CSO2014-52998-C3-1-P

Towards Developing A Framework for Managing an Information Security Policy in Healthcare Organizations

In today\u27s interconnected high-tech world, healthcare organizations are especially concerned with managing and securing health-related information. Threats exist from different sources, and breaches have undesirable impact on the healthcare organization. In order to enhance the organization\u27s security, a precise and clear information security policy must be introduced and enforced. This is an important area of concern that should be addressed properly to successfully manage health organizations‟ security. This is a research-in-progress that examines the need for the adoption of standardized policies and regulations when it comes to dealing with the issue of information security in healthcare organizations. As an outcome of this research we hope to develop a simplified framework that can assist healthcare organizations in the implementation and management of an effective information security policy (ISP). The intended framework is expected to be of great benefit to the smaller healthcare organizations that may be lacking the necessary information security expertise. A study will be conducted on the status of information security within Saudi Arabian healthcare organizations in an effort to strengthen the recommendations of the proposed framework

Parameters and Guidelines of Enforceable Information Security Management Systems

It is increasingly important for organizations to set up an Information Security Management System (ISMS) to fulfil their business interests and their legal compliance. The main purpose of these systems is to properly protect the information owned or managed by the organization. Often, the developed ISMS complies with the external regulatory environment, but contains unenforceable rules that impede work, so it is unable to fulfil its function. In order to prevent security incidents, it is not enough to ensure legal compliance. The enforceability of these policies is gaining increasing importance in order to avoid hindering work processes. This article identifies quality parameters and guidelines in order to improve quality, enable and improve enforceability of ISMS systems, in order to fulfil their purpose, mainly protection of company information assets. By adhering to these parameters and guidelines organisations can improve their ISMS systems which enforces security of their information assets