Balancing data protection and privacy – The case of information security sensor systems

2018 ◽  
Vol 34 (5) ◽  
pp. 1019-1038 ◽  
Author(s):  
Markus Naarttijärvi
Keyword(s):  
Information Security ◽  
Data Protection ◽  
Sensor Systems

scholarly journals Information security - its essence and threats

2018 ◽  
Vol 188 (2) ◽  
Author(s):  
Estera Pietras
Keyword(s):  
Information Security ◽  
Information Flow ◽  
Data Protection ◽  
Security Systems ◽  
Exchange Of Information ◽  
Starting Point ◽  
Effective System ◽  
Business Entities ◽  
Technical Solutions

Due to the exchange of information, organizations are encouraged to create an effective system of information flow that should be monitored on a regular basis in order to minimize the risk of emergence of threats. Due to modern technical solutions of security systems, it is much more possible and accessible than a few years ago. For this purpose, proper identification and classification of threats is necessary. This constitutes the starting point for considering the role and the essence of risk. The article highlights the aspects related to ensuring information security as a whole and data protection- the most important assets of business entities.

scholarly journals Factorial invariance of an information security culture assessment instrument for multinational organisations with operations across data protection jurisdictions

2015 ◽  
Vol 4 (4) ◽  
pp. 47-58 ◽  
Author(s):  
Nico Martins ◽  
Adéle da Veiga
Keyword(s):  
Information Security ◽  
Data Protection ◽  
Personal Information ◽  
Theoretical Perspective ◽  
Factorial Invariance ◽  
Assessment Instrument ◽  
Security And Privacy ◽  
Security Culture ◽  
The Uk ◽  
Information Security Culture

An information security culture is influenced by various factors, one being regulatory requirements. The United Kingdom (UK) has been regulated through the UK Data Protection Act since 1995, whereas South Africa (SA) only promulgated the Protection of Personal Information Act (PoPI) in 2013. Both laws stipulate requirements from an information security perspective with regard to the processing of personal information, however in the UK this has been regulated for a longer period. Consequently, it is to be expected that the information security culture for organisations in the UK will be significantly different from that of SA. This raises the question as to whether the same information security culture assessment (ISCA) instrument could be used in an organisation with offices in both jurisdictions, and whether it might be necessary to customise it according the particular country’s enforcement of information security and privacy-related conditions. This is reviewed, firstly from a theoretical perspective, and secondly a factorial invariance analysis was conducted in a multinational organisation with offices in both the UK and SA, using data from an ISCA questionnaire, to determine possible factorial invariances in terms of the ISCA.

Information security and data protection

2001 ◽  
Vol 14 (1/2/3) ◽  
pp. 1 ◽  
Author(s):  
Anique A. Qureshi ◽  
Joel G. Siegel
Keyword(s):  
Information Security ◽  
Data Protection

scholarly journals The Digital Universe

2020 ◽  
Vol 2 (3) ◽  
pp. 9
Author(s):  
Matt Zwolenski ◽  
Lee Weatherill
Keyword(s):  
Sensor Networks ◽  
Information Security ◽  
Internet Of Things ◽  
Data Protection ◽  
Business Models ◽  
Unstructured Data ◽  
The Internet ◽  
Next Generation ◽  
The Internet Of Things ◽  
The Way

The Digital Universe, which consists of all the data created by PC, Sensor Networks, GPS/WiFi Location, Web Metadata, Web-Sourced Biographical Data, Mobile, Smart-Connected Devices and Next-Generation Applications (to name but a few) is altering the way we consume and measure IT and disrupting proven business models. Unprecedented and exponential data growth is presenting businesses with new and unique opportunities and challenges. As the ‘Internet of Things’ (IoT) and Third Platform continue to grow, the analysis of structured and unstructured data will drive insights that change the way businesses operate, create distinctive value, and deliver services and applications to the consumer and to each other. As enterprises and IT grapple to take advantage of these trends in order to gain share and drive revenue, they must be mindful of the Information Security and Data Protection pitfalls that lay in wait ─ hurdles that have already tripped up market leaders and minnows alike.

scholarly journals Personal data protection as an element of management security of information

2019 ◽  
Vol 2 (1) ◽  
pp. 515-522
Author(s):  
Justyna Żywiołek
Keyword(s):  
Information Security ◽  
Data Protection ◽  
Security Management ◽  
Personal Data ◽  
Systemic Approach ◽  
Information Security Management ◽  
Personal Data Protection ◽  
Standards Of Conduct

Abstract The article highlights the importance of information and the need to manage its security. The importance of information requires a systemic approach, which is why the standards of conduct for managing information security have been approximated. The results of research on information security management in the field of personal data protection have been presented. The research was carried out on a sample of 110 enterprises. The survey was extended to include an analysis of one of the companies subject to the survey. In the following, the case study regarding the production enterprise was also presented.

scholarly journals Cyber Security and Habeas Data: The Latin American response to information security and data protection

OASIS ◽  
2016 ◽  
pp. 109 ◽  
Author(s):  
Luisa Parraguez Kobek ◽  
Erick Caldera
Keyword(s):  
Latin America ◽  
Information Security ◽  
Latin American ◽  
Data Protection ◽  
Cyber Security ◽  
The Individual ◽  
Latin American Countries ◽  
Financial Giving

Habeas Data is not a commonly known concept, yet it is widely acknowledged in certain circles that deal with information security and data protection. Though it has been around for decades, it has recently gained momentum in Latin America. It is the legal notion that protects any and all information pertaining to the individual, from personal to financial, giving them the power to decide how and where such data can be used. At the same time, most Latin American countries have created laws that protect individuals if their  information is misused. This article examines the concept of Habeas Data from its inception to its current applications, and explains the different approaches and legislations passed in Latin American countries on data protection due to the rise of global cybercrime.

QUANTITATIVE ASSESSMENT OF OPERATING CHARACTERISTICS OF PERSONAL DATA PROTECTION SYSTEMS IN MEDICAL INFORMATION SYSTEMS

2021 ◽  
pp. 92-102
Author(s):  
Владимир Павлович Гулов ◽  
Виктор Анатольевич Хвостов ◽  
Айжана Михайловна Каднова ◽  
Галина Владимировна Сыч
Keyword(s):  
Information Systems ◽  
Information Security ◽  
Data Protection ◽  
Medical Information ◽  
Personal Data ◽  
Security System ◽  
Medical Information Systems ◽  
Personal Data Protection ◽  
Operational Characteristics ◽  
Protection Systems

На основе анализа практических аспектов защиты персональных данных при автоматизированной обработке в организациях здравоохранения определен круг проблем, касающихся потребительского качества систем защиты информации. Одной из главных проблем защиты персональных данных в медицинских информационных системах является обеспечение своевременной настройки систем защиты информации администратором в соответствии с установленной политикой в организации. При этом ключевой проблемой является формирование условий работы администратора обеспечивающих стопроцентную гарантию реакции администратора на поступление заявок по настройке систем защиты информации, управлению пользователями, правами доступа, парированию угроз различной природы. В условиях отсутствия в настоящее время методических подходов к оценке временных (вероятностных) параметров деятельности администратора безопасности медицинских информационных систем, известных как операционные характеристики систем защиты информации, обеспечить стопроцентное соответствие настроек систем защиты информации текущей политике проблематично. В статье предложен вероятностный показатель для оценки операционных характеристик систем защиты информации. Разработана методика его оценки на основе эксперимента по фиксации движения курсора мыши при выполнении основных действий администратором и распределения его внимания (тепловой карты) по элементам интерфейса системы защиты информации. Представлены результаты оценок операционных характеристик системы защиты информации «Страж NT 3.0», выполненные с использованием предложенной экспериментальной методики Based on the analysis of the practical aspects of personal data protection (PD) during automated processing in healthcare organizations, a range of problems related to the consumer quality of information protection systems (ISS) has been identified. One of the main problems of PD protection in medical information systems (MIS) is to ensure the timely configuration of the information security system by the administrator in accordance with the established policy in the organization. At the same time, the key problem is the formation of the administrator's working conditions that provide one hundred percent guarantee of the administrator's reaction to the receipt of requests for setting up the information security system, managing users, access rights, and countering threats of various nature. In the absence of methodological approaches to assessing the temporal (probabilistic) parameters of the MIS security administrator's activities, known as the operational characteristics of the ISS, it is problematic to ensure that the ISS settings are 100% consistent with the current policy. The article proposes a probabilistic indicator for assessing the operational characteristics of the information security system. A methodology for its assessment was developed on the basis of an experiment on fixing the movement of the mouse cursor when performing basic actions by the administrator and distributing his attention (heat map) among the elements of the information security interface. The results of evaluations of the operational characteristics of the SZI "Ctrazh NT 3.0" carried out using the proposed experimental method are presented

Privacy and security disclosures on telecardiology Web sites

First Monday ◽  
2006 ◽  
Author(s):  
Lynsey Dubbeld
Keyword(s):  
Information Security ◽  
Future Development ◽  
Data Protection ◽  
Web Sites ◽  
Exploratory Study ◽  
Online Privacy ◽  
Privacy And Security ◽  
Internet Privacy ◽  
Privacy Risks ◽  
Privacy Notices

This article discusses telemedicine providers’ online privacy and security disclosures. It presents the results of an exploratory study of a number of telecardiology companies’ Web sites, providing insight in some of the current strategies towards data protection and information security in the international telemedicine market. The paper concludes that the online privacy notices in our sample are far from being standardized and complete. In view of privacy risks, as well as the transitory stage of the telemedicine sector, the underdeveloped state of online privacy notifications is disappointing — and a missed chance for those who are interested in the successful future development of Internet privacy and telemedicine–based healthcare.

Sign in / Sign up

Export Citation Format

Share Document