Information technology has become increasingly necessary for competition in the 21st century. The medical industry has taken on a more comprehensive approach by creating and adopting different types of electronic medical records (EMR). Laws and regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) or the Meaningful…

The intent of the security standards adopted by the Department of Health and Human Services (DHS) implementing some of the requirements of the Administrative Simplification (AS) subtitle of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) was to improve Federal and private health care programs and to improve the…

Agile project management is most often examined in relation to software development, while information security frameworks are often examined with respect to certain risk management capabilities rather than in terms of successful implementation approaches. This dissertation extended the study of both Agile project management and information…

Current scholarly understanding of information security regulation in the United States is limited. Several competing mechanisms exist, many of which are untested in the courts and before state regulators, and new mechanisms are being proposed on a regular basis. Perhaps of even greater concern, the pace at which technology and threats change far…

Current research in health care lacks a systematic investigation to identify and classify various sources of threats to information privacy when sharing health data. Identifying and classifying such threats would enable the development of effective information security risk monitoring and management policies. In this research I put the first step…