Primary Audience: IT department Manager

Intended use of document: Discuss cybersecurity issues in healthcare industry

Secondary Audience: Director of Operations
Relationship: Employer
Prior knowledge: few details

A Survey on Big Data Privacy and Security Issues in Healthcare Information

Everyday large amounts of data are created from big data. The use of big data can cause security
issues in Healthcare information as healthcare providers create their medical records, clinical
systems, medical imaging, protecting the privacy of patient information becomes increasingly more
difficult. Today, traditional security measures such as firewalls, antivirus and intrusion detection are
not effective enough to provide necessary protection and require more advanced security. The
application of information processing for computers in the health division is called Health
Information System (HIS) which has the main objective of ensuring data is properly processed and
protected while being used. There are six main components of HIS, the main three components are
inputs, processes and outputs. Inputs refers to legislative, regulatory and planning frame work to
ensure a functional health information system. Processes refers to selection of indicators for
collection and management of data while outputs deal with production, distribution and use of
information. Dealing with Health Information Systems requires Big Data analytics which in turn
improve the quality of health care through; providing patient centric services, detecting spreading
diseases earlier, monitoring the hospitals quality, improving the treatment methods, health care,
security and privacy issues in health care. Furthermore, security and privacy issues deal with;
authentication, non-repudiation, confidentiality, availability and existing solutions [ CITATION
KPr17 \l 2057 ].

Reference:
[1] J. J. K. Pragash, "A Survey of Big Data Privacy and Security Issues in Healthcare Information
System," Advances in Natural and Applied Sciences, vol. 11, no. 12, p. 95-99, 2017.

Cybersecurity: An Enterprise Risk Issue

The risk of cyberattacks is an ever-growing risk making it more critical to ensure providers use
sufficient resources to mitigate that risk especially in healthcare which is believed to be specifically
targeted. Cyber attacks on healthcare organisations can affect operating efficiency causing delays
and other negative impacts on patient care. The healthcare industry is at least a decade behind in IT
practices, some believe it’s due to medical equipment and special-purpose computers which still use
old technology. In addition, healthcare providers spend a very small percentage of their IT budgets
on security compared to other industries. In an experiment, it was concluded healthcare facilities are
largely unprotected against cyber threats which can result in harm to patients. Previously,
cybersecurity was viewed as the domain for IT staff as in the past threats would only cause minor
harm and medical records were largely paper-based and today that is no longer the case. Today,
cybercrime is more common being largely committed for financial gain along with espionage or fun.
However, there are guidance methods in preventing such events, one such model is the “CIA Traid”
which is regarded as the pillars of security for any information system. Cybersecurity incidents can
be costly to an organisation in more ways than one such as financial loss, legal counsel, public
relations and other collateral damage. It is recommended that a cross-organization cyber-risk team is
appointed, and everyone involved is represented. Overall, using a well-informed strategy consisting
of cyber-risk assessments, deciding what needs to be prioritized, organizations vulnerabilities to
identify potential threats and the impact of the treats on the organization [ CITATION Tom17 \l
2057 ].

Reference:
[2] T. Andre, "Cybersecurity - An Enterprise at Risk Issue," Healthcare FInancial Management, vol.
71, no. 2, pp. 40-45, 2017.

Cybersecurity and Healthcare Record

Cyber-crime is on the rise, in 2016 alone, more than 16 million patient records were stolen from
healthcare organisations in the United States and more than 150 million since 2010. Common access
points were stolen deceives, infected USB drives or by transmitting healthcare data without proper
data protection. Such data has a price which can be detrimental to patients and healthcare
organisations. For healthcare organisations, they may have to pay civil penalties and suffer the loss
of patients while patients suffer the leak of their medical records, financial and credit card
information. Unfortunately, to minimize cyber-crime, increased technology and cybersecurity staff
are necessary but at the cost of healthcare premiums for all consumers. However, individuals in
healthcare can make a difference by becoming informed about necessary protocols to preventing
cyberattacks. Such protocols include proper password security, data encryption and patient
education. Password security involves using a strong secure password or by using a multifactor
authorization. Data encryption is required for all electronic devices that use data in any manner for
example, some companies provide employees with mobile devices with installed security and any
devices that use patient data are routinely scanned to ensure its data protection is using up to data
software. Patient education includes notifying patients about the safe use of personal health
information. Cybersecurity affects everyone, and it is important everyone actively enforces safety
and privacy in order to prevent cyberattacks [ CITATION Sus17 \l 2057 ].

Reference:
[3] S. Conaty-Buck, "Cybersecurity and Healthcare Record," American Nurse Today, vol. 12, no. 9,
pp. 62-64, 2017.