Publicación: Aplicación de controles del estándar ISO 27001:2013 para el mejoramiento de las políticas de seguridad de la información en la clínica magia y esperanza.
Portada
Citas bibliográficas
Código QR
Director
Autor corporativo
Recolector de datos
Otros/Desconocido
Director audiovisual
Editor/Compilador
Filiación Institucional
Tipo de Material
Fecha
Cita bibliográfica
Título de serie/ reporte/ volumen/ colección
Es Parte de
Resumen
The Magia y Esperanza Clinic considers it necessary to evaluate their current conditions in information security policies, this because they are aware that they do not have an IT department, which is the agency that is responsible for these tasks. This raises concern, taking into account that the trade name of the Magic and Hope Clinic corresponds to the health sector. It is vitally important that the protection of all sensitive information handled internally, from basic personal data to diagnoses and medical records, can be guaranteed and ensured. The fact that there is no IT department is a clear sign that the processes stipulated in the Data Protection Law are not properly managed, which is supported by Decree 1377 of 2013 and states: That in order to facilitate the implementation and compliance of Law 1581 of 2012, aspects related to the authorization of the Information Holder for the Treatment of their personal data, the Treatment policies of the Responsible and Managers, the exercise of the Rights of Information Holders, transfers of personal data and demonstrated responsibility for the Processing of personal data, the latter issue referring to accountability. (MinTIC, 2013) That said, the Magia y Esperanza Clinic must endeavor to keep up with the legal requirements and standards of operation at the technological and systems level. As a result of this, he has started a call process with which they seek professional help in order to know in detail their current situation and carry out the necessary corrections.