Information Security Maturity Model for Healthcare Organizations in the United States
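An information security maturity model was developed for healthcare organizations in the United States. It comprises specific performance metrics and relative importance measures, helps organizations focus resources on the most important security threats, and can be used for internal assessment, peer comparison, or long-term monitoring.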
This article provides a maturity model for information security for healthcare organizations in the United States. Healthcare organizations are faced with increasing threats to the security of their information systems. The maturity model identifies specific performance metrics, with relative importance measures, that can be used to enhance information security at healthcare organizations, allowing them to focus scarce resources on mitigating the most important information security threat vectors. This generalizable, hierarchical decision model uses both qualitative and quantitative metrics based on objective goals. This model may be used as a baseline by which to measure individual organizational performance, to measure performance against other organizations, or to monitor changes in the information security environment over time.