Security Management: An Information Systems Setting

  • M. J. Warren
  • L. M. Batten
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2384)


Information Systems have been used for many years to analyze problems and compare options in a managed environment. The introduction of computer and information security systems into such an environment is a typical example of a situation to which an Information Systems approach can be applied. In this paper, we examine the issues peculiar to implementation of security in a healthcare environment, looking specifically at one such specially designed system, SIM-ETHICS, which takes a participational approach.


Access Control Security Management Security Feature Healthcare Environment Access Control System 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Warren, M.J. and Hutchinson.: W. A Security Method for Healthcare Organisations, 8th IFIP Annual Working Conference on Information Security Management, pp 157–167, Las Vegas, USA, September (2001).Google Scholar
  2. 2.
    Avison, D.E. & Fitzgerald, G.: Information Systems Development: Methodologies, Techniques and Tools. McGraw-Hill, UK (1995).Google Scholar
  3. 3.
    Flynn, D.: Information Systems Requirements: Determination and Analysis. McGraw-Hill, UK (1998).Google Scholar
  4. 4.
    Flynn D. and Jazi M. D.: Constructing user requirements: a social process for a social context. Information Systems Journal, Vo: 8, No1 53–83. Blackwell Science, UK (1998).Google Scholar
  5. 5.
    Leitch S., Hutchinson W. and Warren M.J: Healthcare IT Security: Can the European Union experiences assist Australia, ACIS (Australasian Conference on Information Systems) 00, pp 101–107, Brisbane, Australia, December (2000).Google Scholar
  6. 6.
    Mumford, E.: Computers, Planning and Personnel Management, Institute of Personnel Management, UK (1969).Google Scholar
  7. 7.
    Mumford, E.: Values, Technology and Work. Martinus Nijhoff Publishers, The Netherlands, (1981).Google Scholar
  8. 8.
    Mumford, E.: Designing Participatively, Technical Report, Manchester Business School, UK (1983).Google Scholar
  9. 9.
    Mumford, E.: Designing Human Systems, Technical Report, Manchester Business School, Manchester, UK (1983).Google Scholar
  10. 10.
    Warren, M.J. and Warren S.: The Role of Participation in Systems, International Conference on Systems Thinking in Management, (Incorporating the First Australasian Conference on System Dynamics and Sixth Australia and New Zealand Systems Conference), pp638–642, Geelong, Australia, November, (2000).Google Scholar
  11. 11.
    Mumford, E.: Designing Human Systems For Health Care, The ETHICS Method, 4C Corporation, Netherlands, (1993).Google Scholar
  12. 12.
    Mumford, E.: Effective Requirement Analysis and Systems Design: The Ethics Method, Macmillan, UK (1995).Google Scholar
  13. 13.
    Furnell, S.M. Warren M.J and Evans M.P.: The ISHTAR World Wide Web Dissemination and Advisory Service for Healthcare Information Security, Published in “Implementing Secure Healthcare Telematics Applications in Europe”, pp 249–289, IOS Press, The Netherlands, ISBN 90-5199-489-3, (2001).Google Scholar
  14. 14.
    Mumford, E. and Henshall, D.: A participative approach to computer systems design, Associated Business Press, UK (1979).Google Scholar
  15. 15.
    Mumford, E. and MacDonald, W.: XSEL’S Progress: The Continuing Journey of an Expert System, John Wiley & Sons Ltd, UK (1989).Google Scholar
  16. 16.
    Mumford, E and Ward, T.B.: Computers: Planning for People, Batsford Limited, UK (1968).Google Scholar
  17. 17.
    Furnell S.M, Gritzalis D., Katsikas S., Mavroudakis K., Sanders P. and Warren M.J.: Methods of responding to healthcare security incidents, CD Proceedings, Medinfo 98, Seoul, South Korea, August (1998).Google Scholar
  18. 18.
    Nurminen, N.: People of Computers: Three ways of Looking at Information Systems, Chartwell-Bratt, Sweden (1988).Google Scholar
  19. 19.
    Schneier, B.: Secrets and Lies, Wiley Computer Publishing (2000).Google Scholar
  20. 20.
    Warren, M.J.: A Practical Soft System Management Approach to Implementing Security, Deakin University Technical Report CC99/05, Deakin University, Australia. (1999).Google Scholar
  21. 21.
    Warren, M.J.: A Risk Analysis Model to reduce computer security risks among healthcare organisations, Risk Management: An International Journal, Perpetuity Press, Vol 3: No 1, pp 27–37, UK. (2000).CrossRefGoogle Scholar
  22. 22.
    Warren, M.J. Sanders, P.W & Gaunt, P.N.: Participational Management and the Implementation of Multimedia Systems, In Proceedings MEDIACOMM 95-International Conference on Multimedia Communications, Southampton, pp 131–155, UK (1995).Google Scholar
  23. 23.
    Warren, M.J., Warren, S. and Love, P.E.D: Using Participation Effectively to Implement and Evaluate Information Security within an Organisation, In Proceedings of Americas Conference on Information Systems 2000 (AMCIS 2000). pp 310–316, Long Beach, California, USA, (2000).Google Scholar
  24. 24.
    Zuboff, S.: In the Age of the Smart Machine, Basic Books, New York, USA (1988).Google Scholar
  25. 25.
    New South Wales Government (NSW). Report of the NSW Health Council — A Better Health System for NSW, ISBN 0-7347-3138-8, Australia. (2000).Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • M. J. Warren
    • 1
    • 3
  • L. M. Batten
    • 2
    • 3
  1. 1.Waurn PondsGeelong
  2. 2.Burwood
  3. 3.School of Computing & MathematicsDeakin UniversityAustralia

Personalised recommendations