Search results

The growing frequency of cybersecurity incidents commonly requires organizations to notify customers of ongoing events. However, the content contained within these notifications varies widely, including differences in the level of detail, apportioning of blame, compensation and corrective action. This study seeks to identify patterns contained within cybersecurity incident notifications by constructing a typology of organizational responses.

Based on a detailed review of 1,073 global cybersecurity incidents occurring during 2020, the authors obtained and qualitatively analyzed 451 customer notifications.

The results reveal three distinct organizational response types associated with the level of detail contained within the notification (full transparency, guarded and opacity), as well as three response types associated with the benefitting party (customer interest, balanced interest and company interest).

This work extends past classifications of cybersecurity incident notifications and provides a template of possible notification approaches that could be adopted by organizations.

Research on accreditation has mostly focused on assessing its impact using large scale quantitative studies, yet little is known on how quality is improved in practice through an accreditation process. Using a case study of an acute teaching hospital in Portugal, the purpose of this paper is to explore the dynamics through which accreditation can lead to an improvement in the quality of healthcare services provided.

Data for the case study was collected through 46 in-depth semi-structured interviews with 49 clinical and non-clinical members of staff. Data were analyzed using a framework thematic analysis.

Interviewees felt that hospital accreditation contributed to the improvement of healthcare quality in general, and more specifically to patient safety, as it fostered staff reflection, a higher standardization of practices, and a greater focus on quality improvement. However, findings also suggest that the positive impact of accreditation resulted from the approach the hospital adopted in its implementation as well as the fact that several of the procedures and practices required by accreditation were already in place at the hospital, albeit often in an informal way.

The study was conducted in only one hospital. The design of an accreditation implementation plan tailored to the hospital’s context can significantly contribute to positive outcomes in terms of quality and patient safety improvements.

This study provides a better understanding of how accreditation can contribute to healthcare quality improvement. It offers important lessons on the factors and processes that potentiate quality improvements through accreditation.

The purpose of this paper is to examine security incident response practices of information technology (IT) security practitioners as a diagnostic work process, including the preparation phase, detection, and analysis of anomalies.

The data set consisted of 16 semi‐structured interviews with IT security practitioners from seven organizational types (e.g. academic, government, and private). The interviews were analyzed using qualitative description with constant comparison and inductive analysis of the data to analyze diagnostic work during security incident response.

The analysis shows that security incident response is a highly collaborative activity, which may involve practitioners developing their own tools to perform specific tasks. The results also show that diagnosis during incident response is complicated by practitioners' need to rely on tacit knowledge, as well as usability issues with security tools.

Owing to the nature of semi‐structured interviews, not all participants discussed security incident response at the same level of detail. More data are required to generalize and refine the findings.

The contribution of the work is twofold. First, using empirical data, the paper analyzes and describes the tasks, skills, strategies, and tools that security practitioners use to diagnose security incidents. The findings enhance the research community's understanding of the diagnostic work during security incident response. Second, the paper identifies opportunities for future research directions related to improving security tools.

The aim of this study is to develop and redesign the Mobile Panic Button UI (PB1) application as an emergency notification service, as well as conduct a simulation on the use of the new version of the application.

This study used the operational research design with a theoretical research framework that followed input, process and output. Primary data were collected through observation, measurement and interview while the secondary data were obtained from literature review. The first step of the analysis was input analysis that included problem identification on the existing Panic Button as input, or PB 1 in this study. This was followed by the analysis of the planned second version of the Panic Button (PB2) development, starting from problem identification to trial and error testing and evaluation of the results of the simulation of seven types of emergency events that involved users, emergency response officers and experts.

The study shows that the first version of PB1, developed in and used since 2017 at Universitas Indonesia, still had several weaknesses, particularly in its inability to provide adequate information. Only 30% of the standards for a mobile emergency application were met by PB1, which affected the performance of emergency responses. This was one of the reasons why the new version of Panic Button UI (PB2) was developed. The new features in PB2 comprise the inclusion of features for collecting information on user's name and mobile phone number, emergency category options, victim information, photo/voice information, description on the nature of the emergency (text), location selection, emergency notification delivery, notification delivery popup and emergency notification delivery to the emergency response team (ERT) officer. The time needed for using the second version of the Panic Button UI mobile application is 20 s faster than the previous one. PB2 can accelerate response time and response action time; improve response accuracy; facilitate the emergency notification process; and facilitate emergency communication.

Various notification alert systems have been developed in many countries. However, there is a lack of information in Indonesia, especially in educational setting. This study is the first study on a notification alert system application applied in the university. Emergency response is critical due to the big impact of disasters. This study will inform the stakeholders or users, particularly those in educational institution on how to implement mobile app–based emergency response notification systems.

Bill Freudenburg’s concept of recreancy is used as a frame for explaining processes that perpetuate questionable regimes of emergency response planning. The specific instance of tar sands upgrading in Alberta, Canada, is used as a case in point. When recreancy is institutionalized so that the results correlate across permitted hazardous facilities, it must be concluded that recreancy is less of a situational response than a normative dynamic.

The purpose of this paper is to investigate the way technology affects the provision of prehospital emergency care, upgrading the quality of services offered and significantly reducing the risk of premature termination of the patients.

The paper presents the development of the eEKAB, a pilot emergency medical information system that simulates the main services offered by the Greek National Instant Aid Centre (EKAB). The eEKAB was developed on an agile system methodology. From a technical perspective, the features and the technology were mainly chosen to provide reliable and user-friendly interfaces that will attract many users. eEKAB is based on three important pillars for offering health care to the patients: the “On-time Incident Reporting”, the “On-time Arrival at the Incident” and “Transfer to the Health Center”. According to the literature review, the emergency medical services (EMS) systems that combine all the features are very few.

It reduces the total time of the EMS procedures and it allows for an easier management of EMS, by providing a better allocation of human resources and a better geographical distribution of ambulances. The evaluation displayed that it is a very helpful application for the ambulance drivers as it reduces the ambulance response time to arrive in the patient's location and contributes significantly to the general performance of the prehospital medical care system. Also, the survey verified the importance of implementing eEKAB on a larger scale beyond the pilot usage. It is worth mentioning that the younger ambulance drivers had a more positive view for the purpose of the application.

The paper clearly identifies implications for further research. Regarding interoperability, the mobile app cooperates with the Operational Center of EKAB, while further collaboration could be achieved with other operational ambulance handling center, mainly, of the private sector. The system can evolve to include better communications among the EKAB departments. Particularly, the ambulance crew as well as the doctors should be informed with more incident features such as the emergency signal so that they know whether to open the siren, the patient's name, etc. The authors are currently working on implementing some features to provide effective medical health services to the patient in the ambulance.

eEKAB will have very significant implications in case of its enforcement, such as the reduction of the total time of EMS procedures with a corresponding reduction of the operating costs of an accident management system and an ambulance fleet handling system while in parallel informing in time the doctors/clinics. It will provide better distribution of ambulances as well as of total human resources. It will greatly assist ambulance drivers, while reducing ambulance response time to reach the patient's location. In other words, the authors will have a better performance of the whole prehospital care system.

Providing emergency care before the hospital is of great importance for upgrading the quality of health services provided at the accident site, thus significantly reducing the risk of premature death of patients. This in itself has a significant social implication.

The paper demonstrates a solid understanding in the field of the EMS systems and the corresponding medical services offered. It proposes the development of an effective, feasible and innovative EMS information system that will improve the existing emergency health care system in Greece (EKAB). An in depth literature review and presentation of the adopted new technologies and the respective architecture take place. An evaluation and statistical validation were conducted for proving the high applicability of eEKAB in case of real-life running.

There is a research gap in the explanation of cyber incident response approaches in management to increase cyber maturity for small–medium-size enterprises (SMEs). Therefore, based on the literature analysis, the chapter aims to (1) provide cyber incident response characteristics, (2) show the importance for SMEs, (3) identify cyber incident response feasibility and causal factors, (4) provide scenarios for consideration to create an incident response plan (IRP), and (5) discuss the cyber incident response and managerial approaches in SMEs. The authors used content analysis of scientific and professional articles to develop the theoretical foundation of incident response approaches in management for SMEs. The authors start from the fundamentals to obtain knowledge and understanding of the latest threats and opportunities, and how to defend themselves using the limited capacity of resources might be the starting point to building an extensive incident response capability. Incident response capabilities and maturity levels vary widely between various organisations. There is no simple one-size-fits-all process for incident response; each case is unique and requires continuous refinement. Differentiation and adaptation to different types of SMEs are pivotal to developing cyber maturity and defining requirements that fit the market’s needs and are therefore more efficient in achieving the goal of increasing cyber security (CS) among business management. SMEs may not have a mature IRP, but at least one readiness indicator could lead to the preparation of a mature IRP. Implementation of the secure undertakings and information processes requires using modern information and communication technologies, incident response processes, and other modules that could enhance support for decision-making processes in management. The approach requires a systematic approach to issues related to constructing these solutions. The authors highlight that building efficient incident response approaches in management to improve cyber maturity will begin with infrastructure and people factors.

The Nuclear Industry Road Emergency Response Plan is a mutual aid scheme involving the major companies in the nuclear industry. The arrangements were developed to provide a response in the event of an incident or accident involving the road transport of nuclear material by the participants in the scheme. The aim of the scheme is to achieve a rapid and effective response to any incident involving a radioactive package in transit by road.