Site icon Eminence Papers

Information Systems and Identity Management

Information Systems and Identity Management

Summary

The use of Information Technology in healthcare has exposed patients’ information to cyber-attacks. For instance, CHI Health Orthopedics Clinic (Lakeside) reported over 48,000 incidences of health information breaches in a span of 24 months by 30th September 2019. The reported breaches were a result of Hacking and IT incidents. This calls for urgent intervention to ensure that patients’ data is secure, as such incidents have a tremendous impact on the privacy of the affected patients.

Data privacy and security Risks in Healthcare Industry

Below are the common threats that contribute to the vulnerability of the healthcare system to security breaches.

Employees of the healthcare facility may expose the health information system to risks. In some cases, malicious employees can steal credit card numbers of patients and use them to commit fraudulent purchases. Some also steal social security and demographic information and use it to commit a variety of crimes. Another risk facing the system is malware and phishing. Sophisticated malware can be planted into healthcare information systems to steal login credentials. The use of Unsecured Medical Devices also exposes the system to security threats. This exposes the systems to malware attacks and hacking because the facility does not control how healthcare workers use their devices. Improper Disposal of Old Hardware also exposes the healthcare system to attack. Hard drives used to access healthcare systems may contain credentials and network information even after being reformatted. Proper means of disposal must be adopted.

Solutions to the Security Risks Facing Healthcare Systems

Educating employees- This involves helping healthcare workers recognize the importance of cyber safety. The employees are taught about their roles in ensuring the safety of patients’ information.

Establishing security policies- This involves coming up with specific protocols that guide how the employees handle both physical and virtual healthcare facilities’ networks.

Enforce regular software updates- Outdated software becomes an access point exploited by cybercriminals when accessing the system. The facility must, therefore, force software updates on the devices that are used by employees in accessing the healthcare system.

How to handle a cyber-attack that has been identified

The procedures discussed above are aimed at ensuring that the risks are avoided. However, in case the system attack has been realized, the following steps should be taken to combat the situation.

Report the breach –If an employee realizes that the system has been attacked, they are expected to report the issue to the technical team for quick solutions.

Share security information-It is important for the technical team handling the healthcare system to encourage employees to share information about potential system attacks.

HIPAA

Healthcare facilities are expected to adhere to the Health Insurance Portability and Accountability Act (HIPAA). HIPAA is a federal policy that outlines the protection of healthcare information.

Findings

Just like other businesses, the healthcare industry is faced with the threat of data breaches and other information privacy concerns. Implementation of sophisticated networks in healthcare systems where a lot of information is shared has accelerated this issue. The employees using the information in the systems may expose it to vulnerabilities either intentionally or unknowingly. It is important to employ various security techniques, including technical and non-technical solutions, to protect the patient’s information. Healthcare facilities should hold the security of healthcare systems in very high regard because it could impact the privacy of the patients.   

ORDER A PLAGIARISM-FREE PAPER HERE

We’ll write everything from scratch

Question 


Information Systems and Identity mgt

Daily life requires us to have access to a lot of information, and information systems help us access that information. Desktop computers, laptops, and mobile devices keep us connected to the information we need through processes that work via hardware and software components. Information systems infrastructure makes this possible. However, our easy access to communication and information also creates security and privacy risks. Laws, regulations, policies, and guidelines exist to protect information and information owners. Cybersecurity ensures the confidentiality, integrity, and availability of the information. Identity management is a fundamental practice. Part of identity management is the governance of access, authorization, and authentication of users to information systems. Identity management is one part of a layered security defense strategy within the information systems infrastructure. Your work in this project will enable you to produce a technical report and nontechnical presentation that addresses these requirements. (use any major healthcare record bridge you can from this list to write this paper)

For Project 1, this list of healthcare organizations that have had breaches may be helpful. Organizations with 1M or more records stolen have a ton of information out there in the public realm.

https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf

Exit mobile version