Security Criteria Expert System Concept: The Healthcare Application |
In many Health Care Establishments (HCEs) there is an increasing dependency upon computer systems and the data contained within these systems. The importance of this data dictates that computer systems have to be properly protected. Within the NHS there is generally a low understanding of computer security and the problems of implementing security.
Warren MJ, Sanders P, Gaunt PN
This paper describes a methodology that can be used for the process of implementing security and determining the problems that could occur during the implementation stage. This is the first step within the UK towards developing a complete approach that can be used for change control management regarding security.
The paper describes how the methodology will be developed as an expert system and used in conjunction with a newly developed risk analysis methodology.
The work contained in the paper was developed as part of the European Union SEISMED (Secure Environment for Information Systems in MEDicine) research project, the aim of which is to provide recommendations and guidelines for European HCEs