Litcius/Paper detail

Information Security Maturity Model for Healthcare Organizations in the United States

Bridget Barnes, Tuğrul Daim

2022IEEE Transactions on Engineering Management19 citationsDOIOpen Access PDF

Abstract

Thisarticle provides a maturity model for information security for healthcare organizations in the United States. Healthcare organizations are faced with increasing threats to the security of their information systems. The maturity model identifies specific performance metrics, with relative importance measures, that can be used to enhance information security at healthcare organizations allowing them to focus scarce resources on mitigating the most important information securitythreat vectors. This generalizable, hierarchical decision model uses both qualitative and quantitative metrics based on objective goals. This model may be used as a baseline by which to measure individual organizational performance, to measure performance against other organizations, or to monitor changes in the information security environment over time.

Topics & Concepts

Maturity (psychological)Information securityCapability Maturity ModelHealth careInformation security managementMeasure (data warehouse)BusinessInformation security auditKnowledge managementInformation security standardsBaseline (sea)Computer scienceComputer securitySecurity information and event managementCloud computing securitySecurity serviceNetwork security policyData miningGeologyEconomic growthEconomicsCloud computingOceanographyPsychologyProgramming languageOperating systemDevelopmental psychologySoftwareInformation and Cyber SecurityInformation Technology Governance and Strategy
Information Security Maturity Model for Healthcare Organizations in the United States | Litcius