Home > Articles

Viewing Security Management as a Business Practice, Part 1: Lessons Learned in a Medical Setting

  • Print
  • + Share This
Networked computers provide unprecedented access to information, but they also expose that information to a variety of new security threats, putting an organization's business objectives at risk. This case study illustrates how a mid-sized hospital managed its information-security risks.
Like this article? We recommend


Think about how much you rely on access to information and systems to do your job. Today, information systems are essential to most organizations, because virtually all information is captured, stored, and accessed in digital form. We rely on digital data to be accessible, dependable, and protected from misuse. Systems are interconnected in ways that were unimaginable 10 years ago. Networked systems have provided unprecedented access to information. Unfortunately, they've also exposed our information to a variety of new threats. These threats can affect your organization's ability to achieve its mission and meet its business objectives.

This three-part series looks at the link between information security and business issues by examining how two organizations managed their information-security risks. This article, Part 1 of the series, illustrates how a mid-sized hospital improved its security posture. Part 2 focuses on managing security risks in a small nonprofit organization. Finally, Part 3 of the series contrasts the paths that the two organizations took to improve their security postures and explores the relationship between security and business management.

  • + Share This
  • 🔖 Save To Your Account