Instructions: the following are questions and answers relating to role of network security in healthcare centers
Q1. What are the major data security issues found in the healthcare sector?
- the doctors, nurses and the patients are in use of mobile phones so as to access many health programs and procedures which have become more available to phones. While accessing these services, they pose a serious healthcare data threat as the cyber security hackers may access unsecured mobile devices.
- -several hospitals have fallen victim of a data security known as Ransom ware where a software blocks access to a computer and prevents the provider from accessing their important data. This makes it hard for a healthcare to give crucial services to their patients (Abraham, Chatterjee, & Sims, 2019).
- -there is a threat of lack of education to healthcare data security amongst individuals within the health sector. When the staffs don’t have quality skills on the procedures and steps to protect the data it will be exposed to risk. Every practice should have a set security procedure in place accompanied by in-depth training on how to handle it using the technology based optimized protection.
- The threat of poor software security measures has also encountered our system exposing them to risks of cyber attackers and hackers. The vendors should implement others measures such as password protection, automatic log-off and even restricted access control apart from the measures of data encryption and automatic back up (Sayer, Bullb, & Elliott, 2018).
Q2. Why is network security important in the healthcare sector?
- It is important for the healthcare sector to protect the information of their patients since the hackers can access the information and leak it to the black market which can be further used for Medicare fraud and other financial gains.
- It is important to have network security so as to keep the patients information confidential. This is because when information is leaked the cost of law proceedings could spell might end the healthcare entity (Manogaran, Thota, Lopez, & Sundarasekar, 2017).
- The internet computer system has helped the healthcare to share information easily with their colleagues, patients, different departments and other authorities without fear since there is network security and the information is confidential.
- Network security has saved the healthcare sector millions of dollars with the invention of cloud-based and internet computer system technology. This has been brought up by the changes in technology and enabling the doctors to be more competent thereby dealing with more patience in an eight hour shift.
- Network security has enabled healthcare professionals to work efficiently since the world’s population is increasing rapidly and the patients’ information needs to be stored under safety measures. This is why healthcare sector have adopted the use of cloud-based and internet computer system technology to secure the database from cyber attackers and hackers (Hockey, 2020).
Q3. What are the challenges faced by the healthcare sector due to data theft?
- Health information exchanges and electronic health records; Health Information Technology and Clinical Health(HITECH) encourages healthcare providers to adopt electronic health records(EHRs) for patients and health information exchange(HIEs) to help doctors share patient data. A network that stores large quantities of medical data shared between multiple providers creates a tempting opportunity for data thieves.
- Users error in technology adoption; Once data is stored in an unencrypted folders in the cloud or sent via email one, paves a simple pathway for hacker to access your most personal data. Make sure you are following healthcare data security best practices (Choi, Capitan, Krause, & Streeper, 2016).
- Hackers and the rise of “hacktivism”; Nothing is sacred in the realm of data theft as shown in the Community Health System. Hackers from internet vigilante can hack and access data of a large number of people from either the largest healthcare center of even a small hospital. This shows how vulnerable healthcare data security can be, to a group of determined hackers.
- The adoption of cloud and mobile technology in healthcare; Healthcare mobile apps are also a growing industry leaving patient data prone to the vulnerabilities of the cloud and individual mobile devices. Hospitals must be vigilant with their security and Bring Your Own Device (BYOD) policies to ensure their use of cloud and mobile tech.
- Outdated technology in hospitals; End-of-life (EOL) software and infrastructure provides healthcare data security risk as vendors discontinue support for your information technology systems including vital security patches (Kwon & Johnson, 2013).
Q4. Is there any legal framework that could help to deal with network security issues in the healthcare sector?
-The security framework consists of
- The core-enable the communication of cyber-security risks across an organization
- Implementation tiers- help to find the right level of thoroughness for a security program
- Profiles- align industry standards and best practices, support prioritization and measurement (Pace, Aloi, Gravina, Caliciuri, Fortino, & Liotta, 2018).
HOW TO IMPLEMENT A CFS FRAMEWORK
Step 1; Outlining the Priorities
Everything starts with defining the goals and priorities of the healthcare organization as well as analyzing current threats and impacts.
Step 2; Defining risk management approaches
The organization should outline what tools, technologies and sensitive data they have and use. Then they estimate the overall risk approach and figure out the weak points of the current company’s tools, means and system. Finally the company chooses the appropriate regulatory- security standards, means and methods and so on.
Step 3; Estimating the risks
The level of risk for the current information system is evaluated and analyzes the likely security breaches which may happen and what they can trigger. The company also scrutinizes the emerging risks, threats and vulnerabilities for better understanding of outcomes of the security events.
Step 4; Creating a risk management profile
It is better to evaluate the risks from the functional areas and across the organization independently. Hospitals make a thorough risk assessment and define their current state
Step 5; Making an action plan
When the organization have evaluated the risks and their consequences they can start comparing their genuine scores with the desired ones. Then they can find out what they should do to fill the gap between current and target scores.
Step 6; Implementing the action plan;
At this point the company should have ;
– a clear picture of cyber security issues they may face
– available defensive means
-target goals
-gap analysis
-list of actions to take
Having all the details in hand they can start implanting the security framework they have selected.
The healthcare institutions need not only to adopt but also organize and monitor metrics to make sure the cyber security framework works as expected. It is an ongoing process that results in getting the maximum profit and further customization of the adopted framework (Joyia, Liaqat, & Rehman, 2017).
Q5. What are the possible ways to mitigate network security issues in the healthcare sector?
- Imposing education and training to clinical staffs- today’s attackers and hackers have learned to exploit the human factor and to make matters worse it is reported that 1 in 4 healthcare workers do not receive cyber security training. Educating all staff on the value of security in a clinical setting is critical. Attitudes of clinicians have inverted when it comes to embracing new technology and security.
- Make the effort to secure all medical devices- there is no doubt that medical device security is a priority for healthcare organizations. When the devices are accessed and the information is leaked no compromise because it will be a matter of life and death. The greatest security problems associated with these devices go beyond unchanged passwords and outdated software. To combat these issues and enhance device security, it is advisable that the information technology teams focus on three starting with visibility. The IT team needs an intelligent, automatic toll that tells them how many devices are on their networks. Once the team gains this understanding they should actively monitor the medical devices onto their own networks (Zhang & Liu, 2010).
- Assessment of the cyber security network- this can identify problems and network visibility to aid in effectively planning and prioritizing security strategies going forward.
References
Abraham, C., Chatterjee, D., & Sims, R. (2019). Muddling through cybersecurity: Insights from the US healthcare industry. Business horizons, 539-548.
Choi, Y. B., Capitan, K. E., Krause, J. S., & Streeper, M. (2016). Challenges associated with privacy in health care industry: implementation of HIPAA and the security rules. Journal of medical systems, 57-64.
Hockey, A. (2020). Uncovering the cyber security challenges in healthcare. Network Security, 18-19.
Joyia, G., Liaqat, R., & Rehman, S. (2017). Internet of Medical Things (IOMT): applications, benefits and future challenges in healthcare domain. J Commun, 240-247.
Kwon, J., & Johnson, M. E. (2013). Security practices and regulatory compliance in the healthcare industry. Journal of the American Medical Informatics Association, 44-51.
Manogaran, G., Thota, C., Lopez, D., & Sundarasekar, R. (2017). Big data security intelligence for healthcare industry 4.0. In Cybersecurity for Industry 4.0, 103-126.
Pace, P., Aloi, G., Gravina, R., Caliciuri, G., Fortino, G., & Liotta, A. (2018). An edge-based architecture to support efficient applications for healthcare industry 4.0. IEEE. Transactions on Industrial Informatics, 481-489.
Sayer, J., Bullb, G., & Elliott, C. (2018). Mediating Forest Transitions: ‘Grand Design’or ‘Muddling Through’. Conservation and Society, 320-327.
Zhang, R., & Liu, L. (2010). Security models and requirements for healthcare application clouds. In 2010 IEEE. 3rd International Conference on cloud Computing, 268-275.