IDEAS home Printed from https://ideas.repec.org/a/mgs/iojome/v1y2021i2p30-37.html
   My bibliography  Save this article

Selected Aspects of Information Security Management in Entities Performing Medical Activity

Author

Listed:
  • Dominika Lisiak-Felicka

    (Department of Computer Science in Economics, University of Lodz, Poland)

  • Pawel Nowak

    (Department of Computer Science in Economics, University of Lodz, Poland)

  • Maciej Szmit

    (Department of Computer Science, University of Lodz, Poland)

Abstract

The article is devoted to the issues related to an information security management in medical entities. The healthcare entities have been amongst the prime targets for hackers for several years. According to the IBM report “The 2016 X-Force Cyber Security Intelligence Index†in 2015 most of the attacks were carried out against these entities. The years 2016 and 2017 also witnessed spectacular cyberattacks, for example: medical records breach of 3.3 million people because of an unauthorized access to a server in the US, some WannaCry ransomware attacks on the UK hospitals, some MongoDB Database Leaks in the US or NotPetya ransomware attacks in the US hospitals. Entities performing medical activity are processing personal data concerning health that is classified as a “sensitive data†and needs a special protection. The article presents the results of the survey – interviews with IT managers (or designated persons) in entities performing medical activity in Lodz Voivodeship in Poland. The aim of the research was analysis and evaluation of information security management in these entities. The interviews had been performed between December, 2017 and January, 2018. As the results of the research, the ways of information security management were identified (in particular such aspects as: characteristics of the information security teams, information security management system auditing, risk management, information security incidents, budgets for information security, training and the General Data Protection Regulation implementation). The paper also describes the types of information that should be protected in healthcare entities and characteristic of surveyed entities that subordinate to the local government of Lodz Voivodeship in Poland.

Suggested Citation

  • Dominika Lisiak-Felicka & Pawel Nowak & Maciej Szmit, 2021. "Selected Aspects of Information Security Management in Entities Performing Medical Activity," International Journal of Operations Management, Inovatus Services Ltd., vol. 1(2), pages 30-37, January.
    • Handle: RePEc:mgs:iojome:v:1:y:2021:i:2:p:30-37
    DOI: 10.18775/ijom.2757-0509.2020.12.4004
    as

    Download full text from publisher

    File URL: https://researchleap.com/wp-content/uploads/2021/03/04_Selected_Aspects_of_Information_Security_Management_in_Entities.pdf
    Download Restriction: no
    File URL: https://researchleap.com/selected-aspects-of-information-security-management-in-entities-performing-medical-activity/
    Download Restriction: no
    File URL: https://libkey.io/10.18775/ijom.2757-0509.2020.12.4004?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    References listed on IDEAS

    as
    1. Hou, Ye & Gao, Ping & Nicholson, Brian, 2018. "Understanding organisational responses to regulative pressures in information security management: The case of a Chinese hospital," Technological Forecasting and Social Change, Elsevier, vol. 126(C), pages 64-75.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Wang, Huamao & Yao, Yumei & Salhi, Said, 2020. "Tension in big data using machine learning: Analysis and applications," Technological Forecasting and Social Change, Elsevier, vol. 158(C).

    More about this item

    Keywords

    Cybersecurity; Entities performing medical activity; Hospitals; Information security; Information security management;
    All these keywords.

    JEL classification:

    • M00 - Business Administration and Business Economics; Marketing; Accounting; Personnel Economics - - General - - - General

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:mgs:iojome:v:1:y:2021:i:2:p:30-37. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Bojan Obrenovic (email available below). General contact details of provider: https://researchleap.com/ .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.