The ishtar guidelines for healthcare security

Health Informatics Journal

Volumn 4, Issue 3-4, 1998, Pages 179-183

  Furnell, S M ^a   Davey, J ^b   Gaunt, P N ^c   Louwerse, C P ^d   Mavroudakis, K ^e   Treacher, A H ^f  

^a UNIVERSITY OF PLYMOUTH   (United Kingdom)

^b HEIMDALL Ltd   (United Kingdom)

^c DERRIFORD HOSPITAL   (United Kingdom)

^d LEIDEN UNIVERSITY MEDICAL CENTER   (Netherlands)

^e UNIVERSITY OF THE AEGEAN   (Greece)

^f Burton upon Trent   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 0343095163     PISSN: 14604582     EISSN: 17412811     Source Type: Journal    
DOI: 10.1177/146045829800400308     Document Type: Article

References (11)

1. European Union Directive 95/46/EC. On the protection of individuals with regard to the processing of personal data and on the free movement of such data. OJ L281/31-50, 24 October 1995.
2. Audit Commission. Ghost in the machine - an analysis of IT fraud and abuse. London: HMSO, 1998.
3. Fåk V, Hunstad A. Teaching security basics: The importance of when and how. In: Dougall E G (ed.) Computer Security. North-Holland: Elsevier Science, 1993.
4. Furnell S M, Gaunt P N, Holben R Fet al. Assessing staff attitudes towards information security in a European healthcare establishment. Medical Informatics 1996; 21 (2): 105-112.
5. The SEISMED Consortium. Data security for healthcare, Vols. 1-3. Studies in Health Technology and Informatics series, Vols. 31-33. Amsterdam: IOS Press, 1996.
6. CRAMM. The CRAMM User Guide, Issue 1.0 April 1996. CRAMM Software 3.0, The CRAMM Manager, PO Box 1028, London N1 1UX.
7. CEN. Medical Informatics - Security categorisation and protection for healthcare information systems, TC251 WG6 [PT012] prENV 12924, CEN, Brussels, June 1997.
8. IBAG. The IBAG Framework for Commercial IT Security, version 2. INFOSEC Business Advisory Group, European Commission INFOSEC Programme, September 1993.
9. British Standards Institute. Code of Practice for Information Security Management, BS7799. London: British Standards Institute, 1995.
10. Barber B and Davey J. Risk analysis in healthcare establishments. In: Barber B et al. (eds). Towards security in medical telematics. Amsterdam: IOS Press, 1995.
11. Davey J, King S. Guidelines on IT security risk analysis. In: The SEISMED Consortium (eds). Data security for healthcare, Vol. 2. Studies in Health Technology and Informatics, Vol. 32. Amsterdam: IOS Press, 1995.