Table of Contents Author Guidelines Submit a Manuscript
The Scientific World Journal
Volume 2014 (2014), Article ID 146970, 7 pages
Review Article

Proposal for a Security Management in Cloud Computing for Health Care

Persicon Corporation, Friedrichstraße 100, 10117 Berlin, Germany

Received 16 December 2013; Accepted 5 January 2014; Published 19 February 2014

Academic Editors: R. Colomo-Palacios, M. Niedermayer, and V. Stantchev

Copyright © 2014 Knut Haufe et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.


Cloud computing is actually one of the most popular themes of information systems research. Considering the nature of the processed information especially health care organizations need to assess and treat specific risks according to cloud computing in their information security management system. Therefore, in this paper we propose a framework that includes the most important security processes regarding cloud computing in the health care sector. Starting with a framework of general information security management processes derived from standards of the ISO 27000 family the most important information security processes for health care organizations using cloud computing will be identified considering the main risks regarding cloud computing and the type of information processed. The identified processes will help a health care organization using cloud computing to focus on the most important ISMS processes and establish and operate them at an appropriate level of maturity considering limited resources.