Healthcare Security Analysis

HEALTHCARE SECURITY ANALYSIS 1

Healthcare security analysis

Surname

Professor

Institution affiliation

Course

Date

HEALTHCARE SECURITY ANALYSIS 2

Healthcare security analysis

Introduction

The advent of technology has transformed the society in different ways. This is because it

has been adopted in almost all processes to enhance productivity as well as enhance efficiency.

Technology has been adopted all industries including health to enhance the quality of services

offered by medical personnel. Despite its popularity, technology has faced a number of

technology in healthcare but security has been the major threat. Some of the issues in healthcare

that are threaten by security includes sharing of patient information, accessing such information

and as well as the ability to maintain patient privacy. To overcome such challenges, there is the

need to ensure the adoption of various strategies that will help to reduce the threat capabilities of

these issues. The ability to reduce security threat in technology is strongly dependent on

authentication, integrity and encryption will help to restore people’s confidence on technology in

healthcare. This discussion will give an in depth analysis of security threats faced in healthcare

information, the available IoT measures that can be adopted to reduce such threats as well as the

benefits that come will be enjoyed upon the application of the above technological strategies in

healthcare.

Security threats in healthcare

Healthcare employees

Healthcare employees are pose the largest threat to healthcare information. Ethics is one

of the most important factors that control operations in healthcare. Ethics in healthcare have led

to the development of various standards that employees in the field should observe. It is by

observing these standards that security in healthcare is enhanced. However, not all employees

HEALTHCARE SECURITY ANALYSIS 3

follow these standards. Some employees ignore these standards which leads to breach of patient

information. Other deliberately take personal information in a bid to make material gains from it

(Kotz et al, 2016. Pg 28). For example, some medical personnel have may take patient

information and start blackmailing them for monetary gains. Other employees take advantage of

patient information including credit cards to impersonate them to make purchases. Therefore,

healthcare employees are of great concern as they have the potential to become the largest

security threat when it comes to patient information.

Malware and phishing attempts

Malware and phishing attempts is a second issue that is a security threat in healthcare.

Phishing occurs when malicious scripts are introduced in the computer network of a given

healthcare facility. Once the malicious scripts have been planted in the system, they can then go

ahead to collect, store and send information from the system. Some of the information they

collect includes passwords and user names and then send them to the hackers who are remotely

located. By collecting such information, the hackers can access the healthcare database of the

target healthcare facility (Al-Janabi et al, 2017. Pg 115). That way, they steal health information

of a specific patient or different patients that are booked in the healthcare facility. As a result,

there is loss of patient privacy which is against the standards of operation in healthcare. To

reduce the risk of hackers getting access to a database of a given healthcare facility, employees

should be well trained giving them the ability to decipher information that is secure or insecure.

Mobile devices

Mobile devices demand has continued to be on the increase in the recent past. One of the

main factors that is contributing to an increase in demand for use of mobile devices is their

HEALTHCARE SECURITY ANALYSIS 4

portability as well as high processing speed. However, the fact that they are portable is a threat in

healthcare as it is easy for them to get lost. Once they land on the wrongs, such a person can use

health information of the patients within a database to their advantage. Some people have

malicious intentions where they receive such information and then share it with the members of

public which jeopardizes their health information security (Al-Janabi et al, 2017. Pg 120). To

overcome the threat of mobile devices in healthcare, the management of such facilities should

come up with strict guidelines on their use. The strict guidelines will help to ensure that only

mobile devices that meet the set standards are authorized to access healthcare database. That

way, a reduction in the number of attacks through mobile devices will be reduced.

Unrestricted access to computers in a healthcare facility

Unrestricted access to computers is an additional security threat in healthcare. A large

number of computers used in healthcare are not secured with a password to regulate the people

that can use such a computer for various operations. Other computers are secured with weak

passwords which can be guessed easily by hackers. Example of passwords that people use to

secure their computers in healthcare facilities includes date of birth, mobile number,

identification numbers, names of their children and pets (Islam et al. 2015. Pg 680). Such

information is easy to guess which upon getting correct, a hacker will have access to a large pool

of medical information of various patients. Healthcare professionals should be trained on how to

develop strong password for their computers. To further enhance such security, more than one

security measure should be used. The use of such a security measure will help to enhance

security of health information even further.

Internet of things applicable measures

HEALTHCARE SECURITY ANALYSIS 5

Cloud storage services

Cloud storage is an example of an Internet of things measure that can be adopted in

healthcare to enhance the security of health information for patients. Cloud storage makes it

possible for healthcare facilities to move health information from the computer to cloud storage.

Such a measure therefore makes it hard for people with malicious intentions and have access to

computers in a given healthcare facility to be denied access to such information. Cloud storage

further enhances the security of healthcare information in that it is possible to determine the

region from where the cloud is accessed (Kruse et al, 2017. Pg 8). That way, healthcare

personnel whose computer was used to access health information against and manipulate it in a

given way will be held accountable. As a result, the degree of responsibility for such healthcare

personnel increases and in return results to high security of health information for patients.

However, cloud storage comes with a cost of constantly training the employees to inform them

on the latest trends in the technology.

Anti-virus adoption

Anti-virus adoption is a second way that can be used by healthcare facilities to ensure the

security of healthcare records for patients. Anti-virus installation in computers helps to create a

firewall that prevents malicious scripts such as viruses from being installed in the computer

system. They as well provide the computer user with various means to destroy the virus. As a

result, the security of the health information for the patients in enhanced (Sametinger et al, 2015.

Pg 80). Healthcare facilities should invest in up to date antivirus software which cannot be

compromised. Some of the ways that can be adopted to enhance high level of security includes

using the latest updates as well as investing in human personnel that is well experienced when it

HEALTHCARE SECURITY ANALYSIS 6

comes to computer antivirus. Such will guarantee the effective installation of the antivirus

software increasing its effectiveness in preventing attacks.

Password management through encryption

The ability to predict different patterns that healthcare personnel use to generate their

password is main factor that leads to compromised healthcare database. Therefore, the ability to

generate a strong password presents a means through which internet of things can be applied in

reducing security threats in healthcare. Common patterns have been observed when it comes to

the creation of password in the population (Alaba et al, 2017. Pg. 20). An example of such a

pattern is the use of children’s name, the name of ones’ pet, identification number or mobile

number among others. Using such obvious names and numbers to generate passwords makes it

easy for hackers to gain access to healthcare databases where they can use patient data

maliciously for material gain. It is recommended that healthcare personnel adopt two step

verification which will help to enhance the security of the computers making it hard for hackers

to access patient data.

Symmetric encryption

Symmetric encryption refers to the process through which a particular message is

converted to code during the transmission process. The receiver on the other end converts the

code to the original message that can be read and understood. Symmetric encryption calls for the

sender and the receiver to have a similar key that helps to convert a message to a code and vice

versa (Alaba et al, 2017. Pg. 20). The method is highly secure as the key to the code is only

shared between the parties that need to be informed about it. Symmetric encryption is mostly

used in cloud storage as well as when storing passwords.

HEALTHCARE SECURITY ANALYSIS 7

Asymmetric encryption

Another name given to this method of encryption is public key cryptography. Various

keys are used in encrypting the data that needs to be secured, but only a single key is required

when decrypting such data. Some of the protocols that use asymmetric encryption include

SSL/TLS, SSH, S/MIME, and OpenPGP. This method of encryption is commonly used in

websites certificates and help to determine whether a connection is secure or not (Alaba et al,

2017. Pg. 23). The encryption method also comes in handy when there is a need to send

signatures digitally.

Hash encryption

Hash encryption represents a third type of encryption. This method of encryption is

adopted when there is a need to verify data. As a result, any input will always yield a specific

output. This method is mainly selected to check the integrity of the source of a given type of

information (Alaba et al, 2017. Pg. 24). Kerberos encryption is an example of such an encryption

method.

Tracking and alerts

Tracking and alert is an additional way that can be applied in internet of things to ensure

the security of patient information. The solution is highly available due to the increase in demand

for mobile phones. The computer database of a healthcare system should be incorporated with a

messaging function that creates a mobile text message that is sent to the person responsible of the

security system for a given healthcare facility. As mentioned earlier, internet of things offer the

option of two step verification process (Moosavi et al, 2016. Pg 120). The second step that could

be used to verify access to the database could be incorporated with an alert creating function. As

HEALTHCARE SECURITY ANALYSIS 8

a result, it will become hard for the hacker to gain access to the mobile device used by the person

responsible for ensuring the security of the system. The ability to track and use alerts helps to

increase the security of healthcare system which ensures patient information is held securely.

Benefits of a secure healthcare system

Patient privacy

One of the main principles that control operations in healthcare is the patient privacy. The

major benefit associated with a secure healthcare system is its ability to keep patient information

secure and private. As a result, patients do not have to worry over issues such as impersonation

when their credit cards are used to make purchases against their will. Secondly, the health

condition of a patient will only be known by them and a few other individuals that they trust and

have made a choice to let them know about the illnesses that are affecting them (Li, Tryfonas, &

Li, 2016. Pg 340). That helps to prevent close friends and relatives that cannot be trusted from

passing propaganda which would negatively affect the patient. For example, when negative

information about patient health is passed around in public, the patient is stigmatized which

worsens the condition they are in due to the disease that has attacked them.

Service consistency

Service consistency is a second benefit that comes as a result of secure healthcare system.

A secure healthcare system denies third parties an opportunity to access patient information.

Denying them access helps to ensure that the information has not been tampered with and it

remains the way it should be. That way, when medical personnel use such information, they can

effectively come up with a medical solution which when given to the patient will contribute to

their healing (Bhatt, Dey & Ashour, 2017. The lack of an effective security system gives hackers

HEALTHCARE SECURITY ANALYSIS 9

the opportunity to access patient information and alter it such that when medical personnel

follow the tampered with medical information, the patient ends up being poisoned worsening

their condition or even killing them. Therefore, high level of security for health information

makes it possible to enhance consistency of healthcare services.

Increased employee accountability and responsibility

A third benefit that will be enjoyed due to increased security of healthcare system is

employee accountability and responsibility. One of the main ways that will be adopted to

enhance the security of the employees is constant training. Employees will be offered with

training on consistently to make them aware of the latest changes in technology that have

influence on the security of the healthcare system (Yehia, Khedr & Darwish, 2015. Pg 21).

Constant training to inform employees on such trends will inform them on means they can adopt

to ensure that patient information is safe. By keeping patient information secure, it will be

possible for the medical personnel to execute their duties with a high degree of responsibility.

Additionally, the training will make employees aware of what is required of them making them

to strive to keep their computers secure reducing the likelihood of hackers accessing them.

Secure sharing and transmission of patient information

Secure sharing and transmission of patient information is one of the crucial processes that

contribute to patient getting healed from various medical conditions. Sharing and transmitting

patient information allows a large number of medical personnel to be involved in finding a

medical solution for the patient. Therefore, the ability to ensure that patient information is

securely stored helps to share their information with the right medical professionals. As a result,

it is possible to attend to them (Laplante & Laplante, 2016. Pg. 3). Sharing patient information is

HEALTHCARE SECURITY ANALYSIS 10

crucial as it provides medical personnel with an opportunity to develop their research skills. That

way, possible cure for new illnesses are found which results in increasing the lifespan for such

patients. Therefore, maintaining security in healthcare operations has huge potential that may

lead to new medical solutions for new illnesses.

Conclusion

In conclusion, security is a crucial area in healthcare. Various threats have been identified

in healthcare that may compromise the security of patient information. These factors includes

employees in healthcare, malware and phishing attempts, the increased use of mobile devices as

well as unrestricted access to computers. These threats results to the easy access of patient

information making the patients vulnerable. Different internet of thing strategies are available for

use in healthcare. These strategies include the adoption of cloud storage services, the adoption of

anti-virus in computers being used in healthcare, personal password management as well as

tracking and alerts. The adoption of these strategies leads to benefits such as enhanced patient

privacy, service consistency, increased employee accountability and responsibility as well as

secure sharing of patient information. Therefore, it is evident that there are various security

threats in healthcare. Also, various measures in internet of things are available that can be

adopted to contain such threats. Lastly, a wide range of benefits that can be enjoyed by all

stakeholders exist which is made possible by high degree of security in healthcare.

HEALTHCARE SECURITY ANALYSIS 11

References

Alaba, F.A., Othman, M., Hashem, I.A.T. and Alotaibi, F., 2017. Internet of Things security: A

survey. Journal of Network and Computer Applications, 88, pp.10-28.

Al-Janabi, S., Al-Shourbaji, I., Shojafar, M. and Shamshirband, S., 2017. Survey of main

challenges (security and privacy) in wireless body area networks for healthcare

applications. Egyptian Informatics Journal, 18(2), pp.113-122.

Bhatt, C., Dey, N. and Ashour, A.S. eds., 2017. Internet of things and big data technologies for

next generation healthcare.

Islam, S.R., Kwak, D., Kabir, M.H., Hossain, M. and Kwak, K.S., 2015. The internet of things

for health care: a comprehensive survey. IEEE Access, 3, pp.678-708.

Kotz, D., Gunter, C.A., Kumar, S. and Weiner, J.P., 2016. Privacy and security in mobile health:

a research agenda. Computer, 49(6), pp.22-30.

Kruse, C.S., Frederick, B., Jacobson, T. and Monticone, D.K., 2017. Cybersecurity in healthcare:

A systematic review of modern threats and trends. Technology and Health Care, 25(1),

pp.1-10.

Laplante, P.A. and Laplante, N., 2016. The internet of things in healthcare: Potential applications

and challenges. It Professional, 18(3), pp.2-4.

Li, S., Tryfonas, T. and Li, H., 2016. The Internet of Things: a security point of view. Internet

Research, 26(2), pp.337-359.

HEALTHCARE SECURITY ANALYSIS 12

Moosavi, S.R., Gia, T.N., Nigussie, E., Rahmani, A.M., Virtanen, S., Tenhunen, H. and Isoaho,

J., 2016. End-to-end security scheme for mobility enabled healthcare Internet of

Things. Future Generation Computer Systems, 64, pp.108-124.

Sametinger, J., Rozenblit, J.W., Lysecky, R.L. and Ott, P., 2015. Security challenges for medical

devices. Commun. ACM, 58(4), pp.74-82.

Yehia, L., Khedr, A. and Darwish, A., 2015. Hybrid security techniques for Internet of Things

healthcare applications. Advances in Internet of Things, 5(03), p.21.

Place new order. It's free, fast and safe

Paper type

Deadline

Page count

550 words

Total price: $ 15.00

Our customers say

Jeff Curtis

USA, Student

"I'm fully satisfied with the essay I've just received. When I read it, I felt like it was exactly what I wanted to say, but couldn’t find the necessary words. Thank you!"

Ian McGregor

UK, Student

"I don’t know what I would do without your assistance! With your help, I met my deadline just in time and the work was very professional. I will be back in several days with another assignment!"

Shannon Williams

Canada, Student

"It was the perfect experience! I enjoyed working with my writer, he delivered my work on time and followed all the guidelines about the referencing and contents."