Developing a SSE-CMM-based security risk assessment process for patient-centered healthcare systems

  • Authors: LiGuo Huang; Xu Bai; Suku Nair

  • Affiliations: Southern Methodist University, Dallas, TX, USA (all three authors)

  • Venue: Proceedings of the 6th international workshop on Software quality
  • Year: 2008

Abstract

Information security and privacy are the major concerns in the healthcare domain. However, a comprehensive framework for evaluating the security engineering practices of healthcare systems is lacking. The current transition from institution-centered to patient-centered healthcare introduces additional security and privacy problems. Given the intensive human (especially patient) interaction involved in patient-centered healthcare systems, information security and privacy can be assured not only by technologies and infrastructure but also by process. This paper develops a mapping from SSE-CMM process areas to the patient-centered healthcare domain, aiming to establish a set of metrics for assessing security risks in patient-centered healthcare systems. Based on the mapping, a security risk assessment process is then proposed to evaluate the PHR system (a typical patient-centered healthcare system).