{"id":"https://openalex.org/W2029681436","doi":"https://doi.org/10.1109/icitst.2009.5402504","title":"An approach for developing comparative security metrics for healthcare organizations","display_name":"An approach for developing comparative security metrics for healthcare organizations","publication_year":2009,"publication_date":"2009-11-01","ids":{"openalex":"https://openalex.org/W2029681436","doi":"https://doi.org/10.1109/icitst.2009.5402504","mag":"2029681436"},"language":"en","primary_location":{"id":"doi:10.1109/icitst.2009.5402504","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icitst.2009.5402504","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5108442216","display_name":"Sultanah Abdullah Abdullah Jafari","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"S. Jafari","raw_affiliation_strings":["School of Computing, Dublin Institute of Technology, Ireland"],"affiliations":[{"raw_affiliation_string":"School of Computing, Dublin Institute of Technology, Ireland","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5063961853","display_name":"Fredrick Mtenzi","orcid":"https://orcid.org/0000-0003-3361-9056"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"F. Mtenzi","raw_affiliation_strings":["School of Computing, Dublin Institute of Technology, Ireland"],"affiliations":[{"raw_affiliation_string":"School of Computing, Dublin Institute of Technology, Ireland","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5110553603","display_name":"R. Fitzpatrick","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"R. Fitzpatrick","raw_affiliation_strings":["School of Computing, Dublin Institute of Technology, Ireland"],"affiliations":[{"raw_affiliation_string":"School of Computing, Dublin Institute of Technology, Ireland","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5107206538","display_name":"Brendan O\u2019Shea","orcid":"https://orcid.org/0000-0003-2788-3248"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"B. O'Shea","raw_affiliation_strings":["School of Computing, Dublin Institute of Technology, Ireland"],"affiliations":[{"raw_affiliation_string":"School of Computing, Dublin Institute of Technology, Ireland","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5108442216"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.12607413,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11572","display_name":"Information Technology Governance and Strategy","score":0.9793000221252441,"subfield":{"id":"https://openalex.org/subfields/1404","display_name":"Management Information Systems"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11719","display_name":"Data Quality and Management","score":0.978600025177002,"subfield":{"id":"https://openalex.org/subfields/1803","display_name":"Management Science and Operations Research"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/information-security-audit","display_name":"Information security audit","score":0.6871906518936157},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.5799046754837036},{"id":"https://openalex.org/keywords/health-care","display_name":"Health care","score":0.5606651902198792},{"id":"https://openalex.org/keywords/information-security-management","display_name":"Information security management","score":0.5437116026878357},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.5368978977203369},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.47286319732666016},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.46440672874450684},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.4575596749782562},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.43824487924575806},{"id":"https://openalex.org/keywords/knowledge-management","display_name":"Knowledge management","score":0.4129638075828552},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.41051995754241943},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.3833209276199341},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.32857614755630493},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.19348257780075073},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.13355067372322083},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.11315861344337463}],"concepts":[{"id":"https://openalex.org/C39358052","wikidata":"https://www.wikidata.org/wiki/Q2578632","display_name":"Information security audit","level":5,"score":0.6871906518936157},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.5799046754837036},{"id":"https://openalex.org/C160735492","wikidata":"https://www.wikidata.org/wiki/Q31207","display_name":"Health care","level":2,"score":0.5606651902198792},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.5437116026878357},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.5368978977203369},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.47286319732666016},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.46440672874450684},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.4575596749782562},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.43824487924575806},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.4129638075828552},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.41051995754241943},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.3833209276199341},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.32857614755630493},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.19348257780075073},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.13355067372322083},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.11315861344337463},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C50522688","wikidata":"https://www.wikidata.org/wiki/Q189833","display_name":"Economic growth","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icitst.2009.5402504","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icitst.2009.5402504","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/17","display_name":"Partnerships for the goals","score":0.4399999976158142}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W1494222766","https://openalex.org/W1559611566","https://openalex.org/W1566478231","https://openalex.org/W1983315518","https://openalex.org/W2028521236","https://openalex.org/W2031611173","https://openalex.org/W2044839138","https://openalex.org/W2067978381","https://openalex.org/W2098727156","https://openalex.org/W2102859083","https://openalex.org/W2110567534","https://openalex.org/W2129586531","https://openalex.org/W2142519001"],"related_works":["https://openalex.org/W2033357182","https://openalex.org/W2376792395","https://openalex.org/W604488521","https://openalex.org/W2065250680","https://openalex.org/W2394290376","https://openalex.org/W2380188265","https://openalex.org/W2370581992","https://openalex.org/W2336014427","https://openalex.org/W2105642970","https://openalex.org/W2092708554"],"abstract_inverted_index":{"Information":[0],"sharing":[1],"among":[2,74,161],"different":[3,58,87,162],"healthcare":[4,13,47,183],"organizations":[5],"is":[6,67],"critical":[7],"for":[8,171,178,187],"efficient":[9],"and":[10,35,38,94,105,107,138],"cost":[11],"effective":[12],"service":[14],"delivery.":[15],"Isolated":[16],"information":[17,25,42,133],"systems":[18,134],"need":[19],"to":[20,23,30,54,71,96,145,175,194,198],"be":[21,176,192],"interconnected":[22,75],"ensure":[24,199],"exchange.":[26],"Interconnectivity":[27],"increases":[28],"exposure":[29],"risk":[31],"of":[32,40,45,63,82,114,131,151,182],"damage,":[33],"loss":[34],"fraud.":[36],"Security":[37,77],"privacy":[39],"patients'":[41],"are":[43,79,142,157],"concerns":[44,50],"all":[46],"organizations.":[48,59,163,184],"These":[49,140],"hinder":[51],"the":[52,110,147],"willingness":[53],"share":[55],"data":[56],"across":[57],"An":[60],"objective":[61],"assessment":[62,119,130,155],"organizational":[64],"security":[65,112,118,125,149,173,180],"posture":[66,113,150,181],"required":[68],"in":[69,89],"order":[70],"build":[72],"trust":[73],"systems.":[76],"metrics":[78,174,186],"a":[80],"collection":[81],"several":[83],"measurements":[84],"taken":[85],"at":[86],"points":[88],"time,":[90],"compared":[91],"against":[92],"baselines":[93],"interpreted":[95],"reveal":[97,109,146],"an":[98,169],"understanding.":[99],"They":[100],"provide":[101],"insight,":[102],"improve":[103],"performance":[104],"accountability,":[106],"can":[108],"overall":[111,148],"organization.":[115,152],"The":[116,185],"current":[117],"practices":[120,141],"focus":[121],"either":[122],"on":[123],"measuring":[124],"programme":[126],"effectiveness,":[127],"auditing":[128],"or":[129],"individual":[132],"components":[135],"like":[136],"networks":[137],"software.":[139],"not":[143,158,191],"sufficient":[144],"Also,":[153],"their":[154],"results":[156],"meaningfully":[159],"comparable":[160,200],"In":[164],"this":[165,188],"paper":[166],"we":[167],"propose":[168],"approach":[170,189],"developing":[172],"used":[177],"assessing":[179],"shall":[190],"tailored":[193],"any":[195],"specific":[196],"organization":[197],"results.":[201]},"counts_by_year":[{"year":2017,"cited_by_count":1},{"year":2014,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}