Critical Success Factors for the Implementation of a Security Policy in Health Clinics

Information systems security (ISS) is crucial in all and each of the services provided by organizations. Among the security measures, policies assume a central role in literature. However, there is a reduced number of empirical studies about the implementation of ISS policies and which are the critical success factors for its implementation. This paper contributes to mitigate this flaw by presenting the results of a survey in the adoption of ISS policies in health clinics. While all organizations have their own ISS requirements, the health sector is recognized to offer one the most interesting cases for the thematic study of ISS in particular and information technology and information systems in general. The results are discussed in literature and future works are identified with the aim of enabling the implementation of ISS policies.