Interpreting international governance standards for health IT use within general medical practice

Rachel Mahncke, Patricia Williams

    Research output: Chapter in Book/Report/Conference proceeding; Chapter; peer-review


    General practices in Australia recognise the importance of comprehensive protective security measures. Some elements of information security governance are incorporated into recommended standards; however, the governance component of information security is still insufficiently addressed in practice. The International Organisation for Standardisation (ISO) released a new global standard in May 2013 entitled ISO/IEC 27014:2013 Information technology-Security techniques-Governance of information security. This standard, applicable to organisations of all sizes, offers a framework against which to assess and implement the governance components of information security. The standard demonstrates the relationship between governance and the management of information security, provides strategic principles and processes, and forms the basis for establishing a positive information security culture. An analysis and interpretation of this standard for use in Australian general practice was performed. This work is unique, as such an interpretation for the Australian healthcare environment has not been undertaken before. It demonstrates an application of the standard at a strategic level to inform existing development of an information security governance framework.

    Original language: English
    Title of host publication: Investing in E-Health: People, Knowledge and Technology for a Healthy Future
    Subtitle of host publication: People, Knowledge and Technology for a Healthy Future - Selected Papers from the 22nd Australian National Health Informatics Conference, HIC 2014
    Editors: Louise K. Schaper, Heather Grain, Fernando Martin-Sanchez
    Publisher: IOS PRESS
    Number of pages: 6
    ISBN (Electronic): 9781614994268
    ISBN (Print): 9781614994268
    Publication status: Published - 2014

    Publication series

    Name: Studies in Health Technology and Informatics
    ISSN (Print): 0926-9630
    ISSN (Electronic): 1879-8365


    • capability maturity model
    • general practice
    • information security
    • Information security governance

