South African Information Security Multi-Conference (SAISMC 2010)
Title: Information Security Management Systems in the Healthcare Context
Author(s): Sinovuyo Tyali, Dalenca Pottas
Reference: pp. 177-187
Keywords: Information Security Management, Information Security Management Systems, Health Information Security
Abstract: The ISO/IEC 27799 standard for information security management in health was released in 2008. The standard contains a substantial section (Section 6) covering information security management systems in the healthcare context. This raises the question of whether the ISO/IEC 27799 purports a difference between the generic standard for information security management systems (as embodied in the ISO/IEC 27001) and what is contained in Section 6 of the ISO/IEC 27799 standard. The aim of this paper is to determine whether this is the case, based on a comparative analysis that was conducted between the ISO/IEC 27001 and ISO/IEC 27799 standards. The results of the comparison are summarized and the additional directives provided by the ISO/IEC 27799 are categorized to explain their purpose.
Download count: 5679
How to get this paper:
A PDF copy of this paper is free to download. You may distribute this copy provided you cite this page as the source.