Scribd
Upload
4 views1 page

Information Assurance and Security Scenario

The document outlines a security policy for online medical records that emphasizes strong authentication, encryption, and access control mechanisms. It advocates for multi-factor authentication, role-based access control, and emergency access features, along with regular audits and staff training to mitigate risks. Additionally, it suggests using blockchain technology for enhanced security and highlights the importance of a comprehensive approach to ensure both security and accessibility of medical records.

Uploaded by

janloydandig20
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
4 views1 page

Information Assurance and Security Scenario

The document outlines a security policy for online medical records that emphasizes strong authentication, encryption, and access control mechanisms. It advocates for multi-factor authentication, role-based access control, and emergency access features, along with regular audits and staff training to mitigate risks. Additionally, it suggests using blockchain technology for enhanced security and highlights the importance of a comprehensive approach to ensure both security and accessibility of medical records.

Uploaded by

janloydandig20
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 1

Jan Lloyd Kenneth Andig BSIT III

Based on my research @ ChatGPT, to secure online medical records


while balancing privacy and accessibility, I would draft a security policy that
implements strong authentication, encryption, and access control
mechanisms. Multi-factor authentication (MFA) should be required for
patients and authorized medical personnel to access records. Encryption
would protect data both in transit and at rest, ensuring that even if records
are intercepted, they remain unreadable. Role-based access control (RBAC)
would limit users to only the information they need, preventing unauthorized
disclosure. Additionally, an emergency access feature, such as a "break-
glass" mechanism, would allow emergency personnel to access records
under strict logging and auditing to prevent misuse.
For prevention, regular security audits and staff training on
cybersecurity best practices would minimize risks. Detection mechanisms
like intrusion detection systems (IDS) and anomaly detection would identify
potential breaches. In case of a security incident, recovery measures such as
data backups and a well-defined incident response plan would ensure records
can be restored quickly. Blockchain technology could also enhance security
by providing an immutable ledger of access and modifications. Ultimately, a
well-rounded approach combining strong preventive measures, real-time
monitoring, and an efficient recovery plan would ensure both the security
and accessibility of medical records.

You might also like