Abstract
The chapter first gives an overview of health information systems (HIS) and highlights the role that HIS play in delivering healthcare services. It underscores that HIS are exposed to many security threats and that adequate security measures, as directed by legislation, are required. The text reviews several vital information security standards in the healthcare industry, such as COBIT, ISO/IEC 27001, and HITRUST CSF. It explains the relevant regulations and the implementation challenges that organizations face. The chapter further reviews the IT governance frameworks COBIT and ITIL, emphasizing their role in aligning IT spending with strategic goals. This chapter deepens the understanding of information security governance within healthcare by integrating industry best practices with international standards. It presents practical information that healthcare IT professionals can use to make their organizations more secure and to protect their patients and their patients' data in an increasingly digital healthcare environment, while simultaneously complying with a growing body of regulation.