The perception of the importance of information security controls in Brazilian public hospitals
DOI:
https://doi.org/10.3395/reciis.v7i2.454Keywords:
Information Technology, Health Informatics, Information Security, Hospital management, Public sector.Abstract
Public hospitals must adopt information security for their activities because they are dependent on the information technology (IT) infrastructure and must protect information due to legal regulations and the importance of such information. This is necessary because public hospitals manage sensitive information, which is important for their operation, and patient privacy should be ensured. The NBR ISO/IEC 27002:2005 standard proposes 133 controls to protect information for different organizations; but we must identify the controls that are important for public hospital activities and information. This study was aimed at discerning the perceived importance of information security controls for public hospital managers as well as IT and information security professionals given such institutions’ activities.Downloads
How to Cite
Issue
Section
License
Author’s rights: The author retains unrestricted rights over his work.
Rights to reuse: Reciis adopts the Creative Commons License, CC BY-NC non-commercial attribution according to the Policy on Open Access to Knowledge by Oswaldo Cruz Foundation. With this license, access, download, copy, print, share, reuse, and distribution of articles is allowed, provided that it is for non-commercial use and with source citation, granting proper authorship credits and reference to Reciis. In such cases, no permission is required from the authors or editors.
Rights of authors’s deposit / self-archiving: The authors are encouraged to deposit the published version, along with the link of their article in Reciis, in institutional repositories.