Security policy development for Healthcare Information Systems.

In this paper the issue of security policy development for health information systems is addressed. Security policy development involves the definition of the policy content, the analysis of the social, organisational, and technical contexts, as well as the organisation of the policy development process. We present the structure of security policies, analyse the characteristics of the HIS context, and analyse the different categories of methodologies, which can be used towards this end.