Security Management Information System Research Paper

1680 Words7 Pages
CHAPTER ONE
INTRODUCTION
1.0 BACKGROUND OF STUDY

Computer systems have been used to run multiple applications and serve multiple users since its invention. They have mostly been used to host information for several users at different levels of an organization in recent times. Computer systems that are used for this purpose can be referred to as Information systems.
An information system is an electronic database designed to accept, store, process or analyze data and to deliver results, usually on a regular, ongoing basis. Information systems can be found in all kinds of organizations; Health, Business, Law Enforcement, etc, as information along with its various processes (storage, retrieval and storage) is needed to go about daily activities
…show more content…
This involves making information available when needed and to whom it is needed with no interference whatsoever.
Thus the need for a security model that handles these three concerns in information systems quite well is needed.
Many security models have been built to try to solve the issue of security in information systems. Although these models have worked fairly well, they have some strong points and weaknesses as well. Some of these models include Role Based Access Control Models (RBAC), Mandatory Access Control Models (MAC), Discretionary Access Control Model (DAC) etc and will be discussed in brief detail later in this documentation.
Much of the attention in the security arena has been devoted to developing sophisticated models (a good example is the Bell-LaPadula model) and mechanisms for confidentiality. Capabilities to provide confidentiality in information systems are considerably more advanced than those providing integrity. Therefore, recent efforts by National Institute of Science and Technology (NIST) are focused on the integrity
…show more content…
Hospitals and Law Enforcement).
Hence, the importance of securing information in an EMR system cannot be overemphasized as it deals more with human life than property. In this kind of system where information is not made available to just one organization, information should
- Not be let into the wrong hands (Confidentiality): Sensitive information possessed by the wrong people can do a lot of harm in an EMR system. Very personal information about patients in this system when let out and used for malicious purposes can cause a lot of havoc to the said patient.

- Not be tampered with in the course of its transfer (Integrity): In EMR systems, certain information are worked upon or updated by specific people in the management chain. Information wrongfully changed or updated has lost its integrity and is no good. Using of the said information can result in harm to the life of such patient. For example, a patient that needs blood transfusion will have his file go through a few people in the hospital. Editing the patient’s details and wrongfully changing his blood group can cause a lot of problems during the surgery. This can lead to loss of that patient’s

More about Security Management Information System Research Paper

Open Document