Adapting STPA-sec for Socio-technical Cyber Security Challenges in Emerging Nations: A Case Study in Risk Management for Rwandan Health Care

2020 ◽  
Author(s):  
Joseph Kaberuka ◽  
Christopher Johnson
Keyword(s):  
Health Care ◽  
Risk Management ◽  
Cyber Security ◽  
Emerging Nations ◽  
Security Challenges

Risk Management in a Pandemic Crisis at a Global Non Profit Health Care Organization

2012 ◽  
Vol 1 (4) ◽  
pp. 1-17
Author(s):  
Drew Sugaretty
Keyword(s):  
Health Care ◽  
Risk Management ◽  
Best Practice ◽  
Health Care Organization ◽  
Care Organization ◽  
Practice Model ◽  
Non Profit ◽  
Global Pandemic ◽  
Management Processes

This paper categorizes the risks experienced and voiced by subject matter experts at a pandemic crises event which unfortunately claimed almost 800 lives before it could be controlled. The project was a case study design using multiple methods. Qualitative data was collected by interviewing 22 front-line multicultural crisis practitioners. The unit of analysis was the constructed meaning of the uncertainty and risk management processes experienced by the participants, while they were attempting to control the global pandemic crisis associated with the Severe Acute Respiratory Syndrome outbreak during 2003. Several guiding constructs were researched from the literature review. NVIVO was used to analyze the interview transcripts to build a thematic model of constructed meanings. The result was a best-practice model constructed by the practitioners which they felt improved risk control during a significant global pandemic crisis event considering the lead mitigation agency was a nonprofit health care organization.

Risk Management in a Pandemic Crisis at a Global Non Profit Health Care Organization

2013 ◽  
pp. 1253-1270
Author(s):  
Drew Sugaretty
Keyword(s):  
Health Care ◽  
Risk Management ◽  
Best Practice ◽  
Health Care Organization ◽  
Care Organization ◽  
Subject Matter Experts ◽  
Non Profit ◽  
Global Pandemic ◽  
Management Processes

This article categorizes the risks experienced and voiced by subject matter experts at a pandemic crises event which unfortunately claimed almost 800 lives before it could be controlled. The project was a case study design using multiple methods. Qualitative data was collected by interviewing 22 front-line multicultural crisis practitioners. The unit of analysis was the constructed meaning of the uncertainty and risk management processes experienced by the participants, while they were attempting to control the global pandemic crisis associated with the Severe Acute Respiratory Syndrome outbreak during 2003. Several guiding constructs were researched from the literature review. NVIVO was used to analyze the interview transcripts to build a thematic model of constructed meanings. The result was a best-practice model constructed by the practitioners which they felt improved risk control during a significant global pandemic crisis event considering the lead mitigation agency was a nonprofit health care organization.

Towards a maturity model for health-care cloud security (M2HCS)

2019 ◽  
Vol 28 (3) ◽  
pp. 321-345 ◽  
Author(s):  
Opeoluwa Ore Akinsanya ◽  
Maria Papadaki ◽  
Lingfen Sun
Keyword(s):  
Health Care ◽  
Cloud Computing ◽  
Cyber Security ◽  
Evaluation Method ◽  
Cloud Security ◽  
Future Research ◽  
Maturity Model ◽  
Maturity Models ◽  
Content Type

Purpose The purpose of this paper is to propose a novel maturity model for health-care cloud security (M2HCS), which focuses on assessing cyber security in cloud-based health-care environments by incorporating the sub-domains of health-care cyber security practices and introducing health-care-specific cyber security metrics. This study aims to expand the domain of health-care cyber security maturity model by including cloud-specific aspects than is usually seen in the literature. Design/methodology/approach The intended use of the proposed model was demonstrated using the evaluation method – “construct validity test” as the paper’s aim was to assess the final model and the output of the valuation. The study involved a literature-based case study of a national health-care foundation trust with an overall view because the model is assessed for the entire organisation. The data were complemented by examination of hospitals’ cyber security internal processes through web-accessible documents, and identified relevant literature. Findings The paper provides awareness about how organisational-related challenges have been identified as a main inhibiting factor for the adoption of cloud computing in health care. Regardless of the remunerations of cloud computing, its security maturity and levels of adoption varies, especially in health care. Maturity models provide a structure towards improving an organisation’s capabilities. It suggests that although several cyber security maturity models and standards resolving specific threats exist, there is a lack of maturity models for cloud-based health-care security. Research limitations/implications Due to the selected research method, the research results may lack generalizability. Therefore, future research studies can investigate the propositions further. Another is that the current thresholds were determined empirically, although it worked for the case study assessment. However, to establish more realistic threshold levels, there is a need for more validation of the model using more case studies. Practical implications The paper includes maturity model for the assessment management and improvement of the security posture of a health-care organisation actively using cloud. For executives, it provides a detailed security assessment of the eHealth cloud to aid in decision making. For security experts, its quantitative metrics support proactive and reactive processes. Originality/value The paper fulfils a recognised requirement for security maturity model focussed on health-care cloud. It could be extended to resolve evolving cyber settings.

scholarly journals Public-private partnership in health care organizations. How to cope with complexity issues: a comparative case-study between Italy and the US

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Lorenzo Pratici ◽  
Phillip McMinn Singer
Keyword(s):  
Health Care ◽  
Risk Management ◽  
Performance Measurement ◽  
Health Care Systems ◽  
Comparative Case Study ◽  
Case Study Approach ◽  
Content Type ◽  
Study Approach ◽  
The Usa

Purpose Health-care systems around the globe share several pressing challenges – including increasing costs and patient outcomes. Innovative arrangements, such as public–private partnerships (PPP) can be adopted to help address these challenges. Although the promise of PPPs is great, so are its peril if the arrangements are not managed and regulated adequately through the contracting process. Yet, PPP arrangements can introduce their own unique set of problems. This paper aims to analyze how PPPs contracting accounts for three major problems identified reviewing the: performance measurement and audit; determination of compensation and risk management–related issues. Design/methodology/approach The authors used a case study approach to analyze contracting among health-care PPPs in two countries: Italy and the USA. With a structured review performed on Scopus database using a keywords Boolean research, the authors identified three recurring major issues to investigate in two selected cases, one per country. For each major issue, the authors defined several sub-issues retrieved from a widely used institutional framework. In each sub-issue, a documental analysis on all published information related to the signed contract has been performed identifying the approaches used by the two organizations. Findings The authors find that PPP contracting in the USA case seems to be oriented more toward managing institutional change as well as more flexibility in the deductibility and compensation determination for organizations and providers, suggesting this organization is more oriented to change in general. The authors find that PPP contracting in Italy more clearly delineate the allocation of risk between organizations that engage in PPPs, suggesting a more practical approach. Practical implications PPP is complex. Contracting helps manage the complexity of these arrangements. This case study approach to PPP contracting highlights the variation in contracting approaches across two different countries. Policymakers and health-care managers need to ensure that PPP contracting clearly delineates auditing and performance measurement, compensation and risk management. Originality/value The authors’ analysis sheds light on the different approaches to arranging health-care PPPs in two different country settings. More research should be done to connect these different approaches to important outcomes, such as patient and organizational finances, as well as expanding the scope of countries adopting PPP in health care.

Improvements in Web Based ERP Software Architecture as Implemented on the Cloud

2017 ◽  
Vol 7 (11) ◽  
pp. 22
Author(s):  
Shruti Makarand Kanade
Keyword(s):  
Health Care ◽  
Information Technology ◽  
Cloud Computing ◽  
Software Architecture ◽  
Enterprise Resource Planning ◽  
Resource Planning ◽  
Web Based ◽  
Manufacturing Company ◽  
Erp Software

 Cloud computing is the buzz word in today’s Information Technology. It can be used in various fields like banking, health care and education. Some of its major advantages that is pay-per-use and scaling, can be profitably implemented in development of Enterprise Resource Planning or ERP. There are various challenges in implementing an ERP on the cloud. In this paper, we discuss some of them like ERP software architecture by considering a case study of a manufacturing company.

Sign in / Sign up

Export Citation Format

Share Document