Reducing normative conflicts in information security

Security weaknesses often stem from users trying to comply with social expectations rather than following security procedures. Such normative conflicts between security policies and social norms are therefore undesirable from a security perspective. It has been argued that system developers have a "meta-task responsibility", meaning that they have a moral obligation to enable the users of the system they design to cope adequately with their responsibilities. Depending on the situation, this could mean forcing the user to make an "ethical" choice, by "designing out" conflicts. In this paper, we ask the question to what extent it is possible to detect such potential normative conflicts in the design phase of security-sensitive systems, using qualitative research in combination with so-called system models. We then envision how security design might proactively reduce conflict by (a) designing out conflict where possible in the development of policies and systems, and (b) responding to residual and emergent conflict through organisational processes. The approach proposed in this paper is a so-called subcultural approach, where security policies are designed to be culturally sympathetic. Where normative conflicts either cannot be avoided or emerge later, the organisational processes are used to engage with subcultures to encourage communally-mediated control

Security Specialists are from Mars; Healthcare Practitioners are from Venus: The Case for a Community-of-Practice Approach to Security Architectures for Healthcare

Information security is a necessary requirement of information sharing in the healthcare environment. Research shows that the application of security in this setting is sometimes subject to work-arounds where healthcare practitioners feel forced to incorporate practices that they have not had an input into and with which they have not engaged with. This can result in a sense of security practitioners and healthcare practitioners being culturally very different in their approach to information systems. As a result such practices do not constitute part of their community of practice nor their identity. In order to respond to this, systems designers typically deploy user-centred, participatory approaches to design using various forms of consultation and engagement in order to ensure that the needs of users are responded to within the design. Learning from international implementations of e-health, the development of the Australian electronic health records (EHR) system has been a participatory process. However, the more participatory approach has not been used as part of the technical security design of the e-health system and the functionality of the security governance architecture was not included in the process of consultation. Such exclusions result in a design-reality gap in so far as the healthcare systems as envisioned by designers are not easily related to by “front-line” clinical staff. Despite repeated design-reality issues in healthcare systems design, there is no fundamental change in the development paradigm to address the socio-technical security aspects of such systems. Indeed, the security perspective of system designers seems to originate from a very different perspective to that of front-line clinical staff. This discussion paper characterises the problem, uses examples from both the UK and Australian EHR experience, and proposes an alternative start-point to healthcare systems design

Security Specialists are from Mars; Healthcare Practitioners are from Venus: The Case for a Community-of-Practice Approach to Security Architectures for Healthcare

Information security is a necessary requirement of information sharing in the healthcare environment. Research shows that the application of security in this setting is sometimes subject to work-arounds where healthcare practitioners feel forced to incorporate practices that they have not had an input into and with which they have not engaged with. This can result in a sense of security practitioners and healthcare practitioners being culturally very different in their approach to information systems. As a result such practices do not constitute part of their community of practice nor their identity. In order to respond to this, systems designers typically deploy user-centred, participatory approaches to design using various forms of consultation and engagement in order to ensure that the needs of users are responded to within the design. Learning from international implementations of e-health, the development of the Australian electronic health records (EHR) system has been a participatory process. However, the more participatory approach has not been used as part of the technical security design of the e-health system and the functionality of the security governance architecture was not included in the process of consultation. Such exclusions result in a design-reality gap in so far as the healthcare systems as envisioned by designers are not easily related to by “front-line” clinical staff. Despite repeated design-reality issues in healthcare systems design, there is no fundamental change in the development paradigm to address the socio-technical security aspects of such systems. Indeed, the security perspective of system designers seems to originate from a very different perspective to that of front-line clinical staff. This discussion paper characterises the problem, uses examples from both the UK and Australian EHR experience, and proposes an alternative start-point to healthcare systems design