Check assumptions and requirements for the implementation of Information Security Management System hospital in Tabriz
DOI:
https://doi.org/10.24200/jmas.vol4iss01pp60-71Abstract
the purpose of this study was to investigate and analyze the assumptions and requirements for the implementation of Information Security Management System (ISMS). Methodology: To check assumptions security management system implementation is the population of Tabriz hospitals. Because information security, is considered most hospitals cooperate and only 8 hospitals of Tabriz, as the population of the study. Review the requirements and assumptions are based on the standard ISO / IEC 27001, ISO / IEC 27002 test target setting and ISO 27001 standard questionnaire containing 33 questions in 11 control is used. To analyze the data descriptive and inferential statistical methods were used that implementation of information security management system was confirmed. As well as to identify factors affecting the implementation of information security management system and factor analysis, structural equation model was used PLS smart software that based on its findings indirectly relates to impact the four dimensions of implementation effectiveness of the system. The study findings were presented. Results: Using the software, smart-PLS and using structural equation modeling confirmatory factor analysis was performed to measure the test of convergent validity, divergent validity, reliability Security and reliability of observable variables and quality test and measurement model of the 101 comments experts, all the prerequisites and requirements, including information security policy, the organization of information security, asset management, human resources in terms of security, physical and environmental security, communications and operations management, access control, use, development and maintenance, incident management information security, business continuity management and compliance with laws Brpyadh at 99 per cent is forecast in Tabriz hospitals are effective information security management system. Conclusion: According to prioritize the factors affecting Brpyadh information security management system, operating (after) the most monitors and agents (after) the supply and implementation of information security management system Brpyadh least affected are in Tabriz hospitals.References
Araby, S., & Nabiallah Dehgan, M. 2011. Research Methods in SterategicManagement Research Center twentieth, 60: 23-46.
Bazarghan, A. 2008. Behavioural science research methods. Tehran: Agah publisher, 1: 1-14.
Dehghan-Nayei, N., & Aghajani, M. 2010. Patients' Privacy and Satisfaction in the Emergency Department: A Descriptive Analytical Study. Nurse Ethics. 17 (2): 167-77.
Karami, M. 2013. Patients' rights guidelines for electronic information security environment. Medical ethics, History of medical journal, 5 (17): 37-62.
Kazemi, M. 2014. Survey and assess the implementation of information security management Tabriz mayor, M.D of managemet excutive, Faculty of Humanities. Islamic azad university.benab unit.
Kuzu, N., Ergin, A., & Zencir, M. 2006. Patient’s awareness of their rights in Developing country. Public Health. 120 (4): 290-6.
Leino-Kilpi, H., & Kuttu, K. 1995. Patients' Rights in Hospitals: An Emperical Investigation in Finland. Nurse Ethics. 2 (2): 103-13.
Merakou, K., Dalla-Vorgia, P., Garanis-Papadatos, T., & Kourea, K. 2001. Satisfying Patient’s Rights: A Hospital Patients survey. Nursing Ethics. 8 (6): 499-509.
Mallik, M. 1997. Advocacy in Nursing: A Review of Literature. Journal of Advanced Nursing. 25 (1): 130-8.
Moghaddasi, H., & Ayani, S. 2013. Data security of health information systems. Protective Research -security: University of Imam Hussein, 3: 14-29.
Woogara, J. 2005. Patient’s Rights to Privacy and Dignity in the NHS Nurse stand, 19 (18): 33-7.
Zulfikar, F., & Ulsoy, M. 2001. Are Patients Aware of Their Rights? A Turkish Study. Nursing Ethics, 8 (6): 487-97.
