Health facilities strive to develop efficient and reliable information systems capable of providing real-time access to vital information that may always mean the death or life of a patient. The health facility provides an effective environment for assessing the importance of information systems thus formulating policies that would enhance service delivery in the facility. The members of the group carried out research on the health facility and interviewed some of its employees and managers who offered reliable information on the nature and importance of the information system. The research included studying and testing the various features of the facility’s information including the functionality of its website, its employees and managers . The report has various sections that provide in-depth analysis of the information system in the facility, the proposition of the policies and their anticipated effects. Overview of the company is a key section of the report that provides adequate information about the existing information system of the hospital, its information needs and the need for functional information policies to guide the utilization of the system. Subsequent sections of the report address related topical issues including the existing information policy in the facility and the subsequent issue specific policies proposed after the study. Overview of the chosen company New York Presbyterian Hospital just as the name suggests is a health facility and a university hospital.
Cite this document
(“Principles of Information Security Essay Example | Topics and Well Written Essays - 2250 words”, n.d.)
Retrieved from https://studentshare.net/social-science/841162-principles-of-information-security
(Principles of Information Security Essay Example | Topics and Well Written Essays - 2250 Words)
“Principles of Information Security Essay Example | Topics and Well Written Essays - 2250 Words”, n.d. https://studentshare.net/social-science/841162-principles-of-information-security.
Cited: 0 times
This paper “Principles of information security” analyzes the state of an information system in a company before proposing various issue-specific policies capable of enhancing the efficiency and effectiveness of the system. Information policies influence the nature of the information systems in a company…
The author states that the security department of AAN also carries out a comprehensive clearance of new staff. A special emphasis is made on that personnel who are posted on posts holding sensitive and secret data. In AAN, strategically it is incumbent upon all managers to arrange for information security awareness.
Thus, the development of an efficient information security policy is extremely necessary. In this regard, the information security management framework involves countrywide, worldwide, managerial, and worker values to perform information security management.
In this scenario, the technical potentials of the web based technology such as internet offer the facility for the information to be collected, shared, and dispersed, with relative easiness. In spite of the management lapse, customers are generally worried about the security of private information utilized by companies.
In this scenario, network security threat means that a competitor or a hacker can gain access to the sensitive or vital information, which can cause the entire business destruction or personal information related to a specific system or data loss. Additionally, appropriate network security can be ensured when a computer user has the knowledge of dealing with security attacks.
The protection of such information as bank account statements, credit card numbers, personal information, government documents, and trade secrets remain a critical part of information security. Confidentiality of information relates to safeguarding of information from disclosure to unauthorized parties (Feruza and Kim 2007, pp.19).
As such, organizations need to protect their confidential information from unauthorized people, within and outside the organization. Organizations usually place great accountability and trust in their security professionals to protect their confidential information.
The objective data demonstrates a couple of points quite clearly. First, as noted by Angus, the organizations that decide to implement the strictest types of security are often much less secure than companies with more balanced approaches to security; he refers to this as a U curve in which a certain level of complexity generates too many costs and complications (2005).
The author of the paper states that risk assessment is the combined process of risk analysis and risk evaluation. It is mentioned that traditionally there are three types of risk analysis techniques, among them: quantitative, qualitative and semi-quantitative. However, it should be noted that each method is good for some point and fails at some point.
ty and safety includes detection of any kind of intrusion and initiating appropriate actions to ward off and prevent harm or damage to the organization,
and identifying, addressing, and raising safety and security problems and concerns. This paper is written to assess the