Information Risk Management in the NHS (London)

785 Words3 Pages
Recording and handling of information is a crucial part of any organisation. Wyatt (1995) defines information as, “organised data or knowledge that provides a basis for decision making”. The health care sector usually involves recording and maintaining patient information (medical history, personal information, etc.) to provide patient with proper healthcare advice and treatment. Risk management is a vital part that includes identification, assessment, and finding solutions for handling any risk. Whereas Information Risk Management involves handling risk related to the recoding, maintaining, securing information’s important for any organisation, project or person. There are plenty of systems that allow appropriate management of information, such as Information technology (IT) systems, electronic recoding, and manual recording. Lemieux (2004) believes there are two approaches that can be taken to manage the information risks that is either event based or requirements based. The event based approach is planning on the bases of events such as theft of computers, loss of information due to breakdown of computers or information systems (Lemieux, 2004). Whereas the requirement based approach is to record and maintain the information in according to the standards laid down by the organisation to avoid risk (Lemieux, 2004). Various types of sources to record information is database, audit data, paper notes, etc. Database is described by Connolly and Begg (2001) as “database is a
Get Access