| 1. |
- Hartikainen, Heidi
(författare)
-
Information security in hierarchical and ad-hoc emergency organizations : differences in communication challenges and training needs
- 2012
-
Ingår i: Norsk konferanse for organisasjoners bruk av informasjonsteknologi. - Trondheim : Tapir Akademisk Forlag. - 9788232101856 - 9788232101856 ; , s. 105-118
-
Konferensbidrag (refereegranskat)abstract
- In their work emergency actors need to be able to adapt to two kinds of different organizations: a) hierarchical organizations, where they reside in their own groups doing routine tasks, and b) ad-hoc organizations formed in emergencies where they have to work together with people from other organizations. This paper presents a case study done in the emergency organizations of one municipality in Finland, discussing the information security of both hierarchical and ad-hoc organizations including for example the communication challenges they face and their training level and needs. The main finding of this paper is something that is little, if at all, discussed in emergency response literature, that emergency actors value different aspects of information security depending on the on whether they work in hierarchical or ad-hoc organizations. When working in hierarchy the most important thing is confidentiality; keeping sensitive information safeguarded. But when responding to emergency the most important things are information availability and integrity; the right information must reach the right person at the right time.The findings also show that the current basic training of emergency actors and the training and guidelines of each organization largely concentrate on confidentiality issues. The tools and communications training that would be needed to ensure information availability and integrity in an adhoc organization is not prioritized. This is a problem concerning that most communication challenges present in emergency communications can be seen to arise in situations when emergency actors are working in ad-hoc organizations.To take into account the dual nature of emergency response work and the needs that it poses for training those responsible for information security training in emergency organizations must therefore improve their training to provide both up to date information security training and awareness building, but also tools and communications training that supports inter-organizational communication.
|
|
| 2. |
- Harnesk, Dan, et al.
(författare)
-
Multi-layers of information security in emergency response
- 2011
-
Ingår i: International Journal of Information Systems for Crisis Response and Management. - : IGI Global. - 1937-9390 .- 1937-9420. ; 3:2, s. 1-17
-
Tidskriftsartikel (refereegranskat)abstract
- This paper draws on the socio-technical research tradition in information systems to re-conceptualize the information security in emergency response. A conceptual basis encompassing the three layers—technical, cognitive, and organizational—is developed by synthesizing Actor Network Theory and Theory of Organizational Routines. This paper makes the assumption that the emergency response context is built on the relationship between association and connectivity, which continuously shapes the emergency action network and its routines. Empirically, the analysis is based on a single case study conducted across three emergency departments. The data thus collected on information security, emergency department routines, and emergency actions is used to theorize specifically on the association/connectivity relationship. The resultant findings point to the fact that information security layers have a meaning in emergency response that is different from mainstream definitions of information security.
|
|
| 3. |
- Hartikainen, Heidi
(författare)
-
Secure emergency communications of emergency responders : a case study of Kemi municipality in Finland
- 2013
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Emergency response is highly time-critical and information dependent: every moment counts and organizations need to access various information that supports their decision making and informs them about the scale and location of the emergency, the damages, and the availability of human and physical resources. This kind information can originate from many different places and the situation can be stressful as there is a need to communicate quickly, reliably and accurately within their own organization, but also inter-organizationally. ICTs make it possible to access and spread information with speed and efficiency, but other factors, such as different professional cultures, can still hinder information sharing. There is a growing need in emergency organizations to develop understanding for how communications between emergency responders can be secured. It seems important to consider how emergency responders respond to security objectives, since the assumptions for secure communications may not only be developed on the premise of ICT, but also how the emergency actors appreciate the emergency environments in terms of secure communications.The aim of this research is to develop understanding of information security and secure communications in a context where it has not been well researched. The research looks at secure emergency communications from a socio-technical viewpoint and concentrates on the communication inside and between the emergency organizations of police, the paramedics, and the rescue department in the municipality of Kemi, and more specifically on the communications of operative emergency actors while they are working in the preparedness and response phases of emergency management. Two persons from each organization were interviewed using semi-structured interviews, and the empirical data was used for writing the appended papers that are the basis of this thesis work.The research started by doing an extensive literature review and analysis on the field of secure emergency communications. The results show that while technical developments on the field aim at effective and secure technologies, organizational aspects of emergency communications seem to involve not only emergency actors, but also how these actors more and more utilize information technology. The landscape for emergency management is becoming very diverse, which challenges the way that secure emergency communications can be understood. The developers of future emergency communications structures not only need to ensure the technical aspects of confidentiality, availability and integrity of information, but they also need to take into account the social rules, norms and structures that guide the emergency communication. Next, this research sought out to re-conceptualize the role of information security in emergency response. A conceptual basis encompassing technical, cognitive and organizational information security layers as a relationship between association and connectivity was developed by synthesizing Actor Network Theory and Theory of Organizational Routines. The approach of combining two theoretical accounts details the enactment of information security in emergency response so as to understand how cognition ties technical security features with organizational security issues. Without the cognitive layer, the technical and organizational aspects of information security remain static or disconnected to the actions performed during emergency response. Theoretically the approach contributes constructively to describe an alternative approach to information security research to address the gap between formal and informal criteria of information security.Lastly, the research sought out to explore the current situation of the case organizations in detail concerning their level of information security, communication challenges faced, and training offered. It was learned that different aspects of information security are valued depending on whether emergency responders work in preparation periods or if they are responding to an emergency: 1) When working in their own respective organizations the most important aspect was information confidentiality 2) When responding to emergency the most important aspects were information availability and integrity. Most communication challenges present in emergency communications can be seen to arise when responding to emergencies. This is not something currently being taken into account in the case organizations. The basic training of emergency actors and the training and guidelines of each organization largely concentrate on confidentiality issues, and tools and communications training that would be needed to ensure information availability and integrity when responding to an emergency is not prioritized. To overcome the communication challenges present in emergency communications and to ensure confidentiality, availability and integrity of emergency information, those responsible for information security in emergency organizations must therefore provide up to date information security training and awareness building, but also tools and communications training that supports inter-organizational communication.
|
|
| 4. |
- Hartikainen, Heidi, et al.
(författare)
-
A review of secure emergency communications : technical and organisational aspects
- 2009
-
Ingår i: Proceedings of the 32nd Information Systems Research Seminar in Scandinavia, IRIS 32, Inclusive Design. - 9788279621201
-
Konferensbidrag (refereegranskat)abstract
- In organizations responsible for emergency management there is a growing need to develop deep understanding for how communications between emergency actors can be secured and improved. In this paper we examine the current body of knowledge in the field of secure emergency communications in order understand the role of information security in the emergency context? Our study shows that while technical developments aim at effective and secure technologies, organizational aspects of emergency communications seem to involve not only emergency management actors, but also how these actors more and more utilize information technology for emergency management. Hence, the scene or landscape for emergency management is becoming more complex, which indeed challenge the way that secure emergency communications can be understood. We apply Giddens' structuration theory as a vehicle to understand the technological and organizational dimensions of emergency management. Our main conclusion is that there is a need for better theoretical integration between technology use and organizational systems in emergency management.
|
|
