Friday, September 13, 2019

Comparisons of two Information Security Management Frameworks Essay

Security responsibilities in an organization are all-embracing, which is why it is important to involve employees in formulating the program.

SQL information system management used in health care

Health care information technology systems are in several instances predisposed to various risks, threats, and other vulnerabilities. The situation gets worse when such threats are directed at information systems and target patients with life-threatening conditions. Some of the risks, threats, and vulnerabilities include, but are not limited to, accessing the public internet without authority, hacking that results in penetration of the IT infrastructure, and fire destroying primary data (Rodrigues 56).

In most instances, health-care centers have put in place web-based patient and physician portals to provide visibility into the organization's financial and clinical data. The physician portal is normally used for various purposes, including viewing radiology and laboratory results, obtaining electronic medical records, and completing charts. Similarly, the patient portal gives access to the patient's information, including test results, billing information, prescribed medication, scheduled appointments, and medical conditions. However, if secure coding of the web application is not implemented, vulnerabilities such as SQL injection and cross-site scripting are likely to occur. Unauthorized users can exploit these flaws over the internet and compromise the confidentiality of sensitive information (Gentile 69).

Notable tools employed in the identification of healthcare-related online risks include the WebInspect scanner by Hewlett, the Web Vulnerability Scanner by Acunetix, and the Watchfire AppScan by IBM. Applying the above tools then supports the selection of authentic databases, passwords, and user identities as far as internet security is concerned.
In order to tackle various threats and risks, sections of clinical systems have adopted wireless networks, which they use to present and obtain information at the point of care. For example, this has been applied at bedsides (Gentile 41). The wireless network policy enables the use of wireless network infrastructure to handle patient information systems. With proper coding, this kind of system plays a significant role in ensuring the integrity, confidentiality, and reliable availability of patient information. If information is not properly secured under such circumstances, the organization's internal systems would be greatly affected. The wireless network policy ensures that proper regulations and procedures are put in place to handle the patient information systems. These include performance logs and network security. Training in this area would then enable authorized users, such as permitted staff, to understand the encryption and authentication mechanisms in use on the wireless network. To identify where unauthorized access points and rogue users are located, system administrators should use wireless scanning tools. On the same note, hospitals offering free access to the wireless network for the public must always ensure that the person accessing information is
