Help or hindrance: The practicality of applying security standards in healthcare.

Research output: Contribution to conferencePaperpeer-review

1 Citation (Scopus)


The protection of patient information is now more important as a national e-health system approaches reality in Australia. The major challenge for health care providers is to understand the importance information security whilst also incorporating effective protection into established workflow and daily activity. Why then, when it is difficult for IT and security professionals to navigate through and apply the myriad of information security standards, do we expect small enterprises such as primary health care providers to also be able to do this. This is an onerous and impractical task without significant assistance. In the development of the new Computer and Information Security Standards (CISS) for Australian General Practice, a consistent and iterative process for the interpretation and application of international standards was used. This involved both the interpretation of the standards and the application of knowledge to create a practical but acceptable level of security for the primary healthcare environment. From a security perspective such practical application of standards poses the dichotomous challenge (and criticism) of how much security is sufficient versus how much can the primary healthcare environment manage. This paper describes the path of development from standards to implementation using the CISS as an example. It is concluded that more practical assistance is required by the security profession to support the national e-health initiative if Australia is to provide a safe and secure healthcare environment.

Original languageEnglish
Number of pages7
Publication statusPublished - 1 Dec 2011
Externally publishedYes
EventProceedings of the 9th Australian Information Security Management Conference -
Duration: 5 Dec 2011 → …


ConferenceProceedings of the 9th Australian Information Security Management Conference
Period5/12/11 → …


  • Healthcare security
  • Information security
  • Medical
  • Standards


Dive into the research topics of 'Help or hindrance: The practicality of applying security standards in healthcare.'. Together they form a unique fingerprint.

Cite this