Understanding the issues related to the use of information

Slides:

Advertisements

Similar presentations

NIGB NATIONAL INFORMATION GOVERNANCE BOARD Harry Cayton, Chair, National Information Governance Board.

Advertisements

Unit 4- Assignment 3 P5, P6, M2 BTEC Business Level 3.

Service Design – Section 4.5 Service Continuity Management.

IAEA International Atomic Energy Agency Responsibility for Radiation Safety Day 8 – Lecture 4.

Information Security Policies and Standards

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

Computer Security: Principles and Practice

Factors to be taken into account when designing ICT Security Policies

Disaster Recovery Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.

Network security policy: best practices

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Incident Response Updated 03/20/2015

Higher Administration

Security Awareness Norfolk State University Policies.

Overview of Systems Audit

David N. Wozei Systems Administrator, IT Auditor.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

Unit 13: IT Trouble Shooting and Repair Philomena Dillon ©1 Aims: Evaluate Acts and Regulations that impact the workplace and your role as an IT Technician.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Data Integrity Lesson 12. Skills Matrix Maintaining Data Integrity Maintaining data integrity is your most important responsibility. –Performing backups.

A Level ICT Unit Implementing CBIS’s. Support Installing a new system is disruptive and the support program will need to be planned well in advance.

Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,

Prime Responsibility for Radiation Safety

1 Copyright © 2004, Oracle. All rights reserved. Introduction.

13.6 Legal Aspects Corporate IT Security Policy. Objectives Understand the need for a corporate information technology security policy and its role within.

LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think.

Appendix C: Designing an Operations Framework to Manage Security.

The Culture of Healthcare Privacy, Confidentiality, and Security Lecture d This material (Comp2_Unit9d) was developed by Oregon Health and Science University,

Chapter 2 Securing Network Server and User Workstations.

Module 3: Planning Administrative Access. Overview Determining the Appropriate Administrative Model Designing Administrative Group Strategies Planning.

Roles and Responsibilities Explain the roles and responsibilities for health and safety of key personnel in selected workplace.

EU The Health and Safety (Display Screen Equipment) Regulations 1992.

? Moral principles of right and wrong Used by individuals/organisations To guide behaviour.

Objectives  Legislation:  Understand that implementation of legislation will impact on procedures within an organisation.  Describe.

HIPAA Compliance Case Study: Establishing and Implementing a Program to Audit HIPAA Compliance Drew Hunt Network Security Analyst Valley Medical Center.

ICT Legislation  Copyright, Designs and Patents Act (1988);  Computer Misuse Act (1990);  Health and Safety at Work Act (1974);  EU Health and Safety.

Operational Issues. Operational Changes It is important to organisations to ensure that they abide by the Law when caring for the safety of their employees,

Learning Intention Security of Information. Why protect files? To prevent unauthorised access to confidential information To prevent virus/corruption.

Adding value through health and safety. Introduction to Portakabin Part of the Shepherd Group - a family company with family values Cares for employees;

Contingency Management Indiana University of Pennsylvania John P. Draganosky.

Information Security in Laurier Grant Li Wilfrid Laurier University.

Welcome to the ICT Department Unit 3_5 Security Policies.

ANS File Security Chapter # 29 ( Prepared by : Mazhar Javed ) 1 Data Security “Protection against loss, corruption of, or unauthorized access of data”

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 17 – IT Security.

Section 4 Policies and legislation AQA ICT A2 Level © Nelson Thornes Section 4: Policies and Legislation Legislation – practical implications.

Schools as Organisations

Explaining strategies to ensure compliance with workplace legislation

Making the Connection ISO Master Class An Overview.

Health & Safety at Work Act 1974

Outsourcing Policy & Procedures

Server Upgrade HA/DR Integration

B1 & B2 Training methods Describe how you prepare for exercise?

Administrative Practices Outcome 1

Disaster Recovery Policy & Procedures

Impact of ICT on Health & Safety

LAND RECORDS INFORMATION SYSTEMS DIVISION

Health & Safety ICT & the law

Unit 7 – Organisational Systems Security

GENERAL DATA PROTECTION REGULATION (GDPR)

CompTIA Security+ Study Guide (SY0-501)

Legal and Ethical Issues

Disaster Recovery Plan

UNIT R001: Understanding Computer Systems

IS4680 Security Auditing for Compliance

The environmental issues in ICT

Unit 3 Information Systems

12 STEPS TO A GDPR AWARE NETWORK

LO2 - Be Able to Design IT Systems to Meet Business Needs

Drew Hunt Network Security Analyst Valley Medical Center

Impact of ICT on Health & Safety

Presentation transcript:

Understanding the issues related to the use of information Operational Issues

Learning Outcomes LO1: Describe the operational issue of security of information. LO2: Describe health and safety issues and create a poster

Security of Information Security means the data is safe from unauthorised or unexpected access, alteration and disruption (what legal frameworks does this relate to?) Management should dictate who can view and update information: This could be: -everyone in the organisation -Those on authorised lists -more controlled access following complex rules, with logging of access to data. IT department is usually responsible for advising and implementing rules

Backups Organisations need to safeguard against physical data loss or processing problems Should be backed up regularly Could be full or partial backups of information which has changed IT departments should practise data recovery and restores

Task Describe the operational issue of security of information -How management of the system impacts security -What is a backup and why do it? -What legal framework fits with the security of information?

Health and Safety Regulations for using, and the position of screens and monitors Keyboards, mice, chairs and tables must be positioned appropriately Computer users are entitled to eye tests Computer users should take regular breaks

Task Create a poster that notes all the health and safety factors an organisation should abide by. You should conduct further research to create this poster.

Plenary Share you posters with a partner and peer assess their work

Lesson 4

Organisation Policies Organisations can have policies related to the use of information systems Examples: -keeping information confidential -correcting data that is incorect

Business continuance plan (BCP) Plan in case any major part of an IT system fails IT department should have procedures in case of a failure so that they can at least provide a limited service Example: dual network with alternate terminals connected to each network. If one network fails, half the terminals will still work Organisations need to plan their BCP (eg having additional servers)

Costs Important to manage the costs of IT projects The total benefits of a project should exceed the total costs Tow areas to consider regarding costs for business case: -additional resources required: new computer equipment and installation, user testing and training, additional IT resources to run the systems -Cost of development: cost of getting/developing the new system, costs of future developments of the system