Difference between revisions of "Security Standards"
| Line 3: | Line 3: | ||
1. A statement of the extent of evaluation necessary before a particular security feature can be considered for security certification as trusted. | 1. A statement of the extent of evaluation necessary before a particular security feature can be considered for security certification as trusted. | ||
| − | 2. A set of security features to be provided by a system before it can be deemed to be suitable for use in a particular security processing mode, or in accordance with a generalized security policy. | + | 2. A set of security features to be provided by a system before it can be deemed to be suitable for use in a particular security processing mode, or in accordance with a generalized security policy.<ref name="encyclopedia def "> JOHN DAINTITH. "security standard." A Dictionary of Computing. 2004. Retrieved November 25, 2015 from Encyclopedia.com: http://www.encyclopedia.com/doc/1O11-securitystandard.html |
| − | + | ||
| − | <ref name="encyclopedia def "> JOHN DAINTITH. "security standard." A Dictionary of Computing. 2004. Retrieved November 25, 2015 from Encyclopedia.com: http://www.encyclopedia.com/doc/1O11-securitystandard.html | + | |
</ref> | </ref> | ||
| − | |||
| − | |||
Information security management standards are among the most widely used methods of security management. These standards are essential in any successful information security management activities. It is important to note these standards have a limitation. They focus on ensuring that certain information security processes or activities exist, but not on how these security processes can be accomplished in practice. <ref name=" Siponen 2006 "> Siponen, M. (2006). Information security standards focus on the existence of process, not its content. H.W. Wilson - Applied Science & Technology Abstracts. | Information security management standards are among the most widely used methods of security management. These standards are essential in any successful information security management activities. It is important to note these standards have a limitation. They focus on ensuring that certain information security processes or activities exist, but not on how these security processes can be accomplished in practice. <ref name=" Siponen 2006 "> Siponen, M. (2006). Information security standards focus on the existence of process, not its content. H.W. Wilson - Applied Science & Technology Abstracts. | ||
</ref> | </ref> | ||
| − | |||
The HIPAA Security Standards require physicians to protect the security of patients' electronic medical information through the use of procedures and mechanisms that protect the confidentiality, integrity, and availability of information. As of 2005, physicians must have in place administrative, physical, and technical safeguards that will protect electronic health information that the physician collects, maintains, uses, and transmits. <ref name=" HIPPA "> American Medical Association. Security Standards and Risk Analysis. Retrieved from http://www.ama-assn.org/ama/pub/physician-resources/solutions-managing-your-practice/coding-billing-insurance/hipaahealth-insurance-portability-accountability-act/security-standards.page? | The HIPAA Security Standards require physicians to protect the security of patients' electronic medical information through the use of procedures and mechanisms that protect the confidentiality, integrity, and availability of information. As of 2005, physicians must have in place administrative, physical, and technical safeguards that will protect electronic health information that the physician collects, maintains, uses, and transmits. <ref name=" HIPPA "> American Medical Association. Security Standards and Risk Analysis. Retrieved from http://www.ama-assn.org/ama/pub/physician-resources/solutions-managing-your-practice/coding-billing-insurance/hipaahealth-insurance-portability-accountability-act/security-standards.page? | ||
</ref> | </ref> | ||
| − | |||
== References == | == References == | ||
Revision as of 02:15, 26 November 2015
Security standard has two meanings: 1. A statement of the extent of evaluation necessary before a particular security feature can be considered for security certification as trusted.
2. A set of security features to be provided by a system before it can be deemed to be suitable for use in a particular security processing mode, or in accordance with a generalized security policy.[1]
Information security management standards are among the most widely used methods of security management. These standards are essential in any successful information security management activities. It is important to note these standards have a limitation. They focus on ensuring that certain information security processes or activities exist, but not on how these security processes can be accomplished in practice. [2]
The HIPAA Security Standards require physicians to protect the security of patients' electronic medical information through the use of procedures and mechanisms that protect the confidentiality, integrity, and availability of information. As of 2005, physicians must have in place administrative, physical, and technical safeguards that will protect electronic health information that the physician collects, maintains, uses, and transmits. [3]
References
- ↑ JOHN DAINTITH. "security standard." A Dictionary of Computing. 2004. Retrieved November 25, 2015 from Encyclopedia.com: http://www.encyclopedia.com/doc/1O11-securitystandard.html
- ↑ Siponen, M. (2006). Information security standards focus on the existence of process, not its content. H.W. Wilson - Applied Science & Technology Abstracts.
- ↑ American Medical Association. Security Standards and Risk Analysis. Retrieved from http://www.ama-assn.org/ama/pub/physician-resources/solutions-managing-your-practice/coding-billing-insurance/hipaahealth-insurance-portability-accountability-act/security-standards.page?
