Development of Cyber Security Policies and System in Hospitals
88 Pages29318 Words148 Views
Added on 2023-05-29
About This Document
This report describes the development of a security strategy and system model for the hospital IT infrastructure to provide immunity against cyber-attacks. It includes literature review, cyber security policies, methodology, and implementation.
Development of Cyber Security Policies and System in Hospitals
Added on 2023-05-29
ShareRelated Documents
Development of cyber security policies and cyber security system in the hospital
Table of Contents
1. Title..........................................................................................................................................3
2. Background of the project........................................................................................................3
2.1 Aim....................................................................................................................................3
2.2 Objectives..........................................................................................................................3
2.3 Research questions............................................................................................................4
2.4 Expected outcomes of the project.....................................................................................4
3. Literature Review.....................................................................................................................5
4. Cyber security.........................................................................................................................11
4.1 Security policies in the hospital environment.................................................................12
4.2 Information control and security policy in healthcare systems.......................................23
4.3 Cyber security in hospital...............................................................................................27
4.4 Cyber-attacks in the hospital...........................................................................................30
4.5 How to mitigate the cyber risks in the hospital...............................................................33
4.6 Cyber security risks in healthcare...................................................................................34
4.7 Preventing healthcare cyber security issues....................................................................36
1
1. Title..........................................................................................................................................3
2. Background of the project........................................................................................................3
2.1 Aim....................................................................................................................................3
2.2 Objectives..........................................................................................................................3
2.3 Research questions............................................................................................................4
2.4 Expected outcomes of the project.....................................................................................4
3. Literature Review.....................................................................................................................5
4. Cyber security.........................................................................................................................11
4.1 Security policies in the hospital environment.................................................................12
4.2 Information control and security policy in healthcare systems.......................................23
4.3 Cyber security in hospital...............................................................................................27
4.4 Cyber-attacks in the hospital...........................................................................................30
4.5 How to mitigate the cyber risks in the hospital...............................................................33
4.6 Cyber security risks in healthcare...................................................................................34
4.7 Preventing healthcare cyber security issues....................................................................36
1
4.8 Evolution of cyber security in healthcare.......................................................................41
5. Methodology..........................................................................................................................42
5.1 Preferred language..........................................................................................................42
5.2 Models of organizational security policies.....................................................................43
5.3 Establishing hospital security plan..................................................................................44
5.4 Effective ways for the hospital safety and security.........................................................45
6. Security policy model in healthcare systems.........................................................................45
6.1 Security policy model in healthcare................................................................................45
6.2 Information security and privacy in healthcare...............................................................48
6.3 Security and privacy of information in mobile health-care communication system......52
6.4 Effects of Security Policies, Security Awareness in healthcare system.........................57
6.5 Developing healthcare network security policy..............................................................58
7. Project planning......................................................................................................................59
8. Implementation.......................................................................................................................60
9. References..............................................................................................................................73
2
5. Methodology..........................................................................................................................42
5.1 Preferred language..........................................................................................................42
5.2 Models of organizational security policies.....................................................................43
5.3 Establishing hospital security plan..................................................................................44
5.4 Effective ways for the hospital safety and security.........................................................45
6. Security policy model in healthcare systems.........................................................................45
6.1 Security policy model in healthcare................................................................................45
6.2 Information security and privacy in healthcare...............................................................48
6.3 Security and privacy of information in mobile health-care communication system......52
6.4 Effects of Security Policies, Security Awareness in healthcare system.........................57
6.5 Developing healthcare network security policy..............................................................58
7. Project planning......................................................................................................................59
8. Implementation.......................................................................................................................60
9. References..............................................................................................................................73
2
1. Title
Development of cyber security policies and cyber security system in the hospital.
2. Background of the project
The implementation of IT infrastructure in various industries both in production and service
sector increase day to day. In hospitals, the implementation of the IT systems changes the entire
structure of the hospital and it increases the servicing capability to the new height. But at the
same time, it also has some limitations or risks. Consider the cyber-attack has happened in the
hospital. It is a nightmare. It affects people’s lives. So, the need for updating the security systems
in the hospital IT infrastructure is high. This project is regarding the development of the security
strategy and security system model for the hospital IT infrastructure. The proposed system must
capable of providing the immune against the cyber-attacks. In this report, the overall outline of
the proposal for developing the security system model is described. Here also, the various cyber-
security models currently used in various places are considered for the benchmarking.
2.1 Aim
The main intention of this proposed research work is to develop and implement the
security system to prevent the data stealing and unauthorized use of data in hospitals by using the
“Java” platform during the part of my academic project.
2.2 Objectives
For archiving the main aim of the project, the following objectives are required to be
completed. And they are listed below.
Conduct a deep review of the various kinds of literature.
3
Development of cyber security policies and cyber security system in the hospital.
2. Background of the project
The implementation of IT infrastructure in various industries both in production and service
sector increase day to day. In hospitals, the implementation of the IT systems changes the entire
structure of the hospital and it increases the servicing capability to the new height. But at the
same time, it also has some limitations or risks. Consider the cyber-attack has happened in the
hospital. It is a nightmare. It affects people’s lives. So, the need for updating the security systems
in the hospital IT infrastructure is high. This project is regarding the development of the security
strategy and security system model for the hospital IT infrastructure. The proposed system must
capable of providing the immune against the cyber-attacks. In this report, the overall outline of
the proposal for developing the security system model is described. Here also, the various cyber-
security models currently used in various places are considered for the benchmarking.
2.1 Aim
The main intention of this proposed research work is to develop and implement the
security system to prevent the data stealing and unauthorized use of data in hospitals by using the
“Java” platform during the part of my academic project.
2.2 Objectives
For archiving the main aim of the project, the following objectives are required to be
completed. And they are listed below.
Conduct a deep review of the various kinds of literature.
3
Initial analysis of the current information flow chain in the hospital.
Identification of weaker zones in the current security system.
Study about the various security models currently used.
Develop the security model for our case.
Develop the java code and implement the developed code.
Test the functioning of the developed system in the real case.
2.3 Research questions
The completion of this project involves the process of answering the following questions.
And these are the major questions (problems) resolved in this project.
What is the need for a new cybersecurity system instead of the existing system in
hospitals?
What are the possible threats to the Hospital’s IT system?
What are the major consequences of the improper cybersecurity system?
What are the different methods or strategies to strengthen information security?
How to improve the immune against the data stealing and hacking?
2.4 Expected outcomes of the project
Here the important outcomes expected by the completion of this project is described.
4
Identification of weaker zones in the current security system.
Study about the various security models currently used.
Develop the security model for our case.
Develop the java code and implement the developed code.
Test the functioning of the developed system in the real case.
2.3 Research questions
The completion of this project involves the process of answering the following questions.
And these are the major questions (problems) resolved in this project.
What is the need for a new cybersecurity system instead of the existing system in
hospitals?
What are the possible threats to the Hospital’s IT system?
What are the major consequences of the improper cybersecurity system?
What are the different methods or strategies to strengthen information security?
How to improve the immune against the data stealing and hacking?
2.4 Expected outcomes of the project
Here the important outcomes expected by the completion of this project is described.
4
Reduces the risks involved in the data processing in the hospital.
Provides security to the data stored or shared through the hospital IT system.
Improves the performance of the system.
Increases the immune against the hacking and data stealing.
Reduces the complications involved in the cybersecurity process.
3. Literature Review
The authors Tristan Caulfield and David Pym described the security policy of the system
in the ‘Modelling and Simulating Systems Security policy’ paper. Managers of security face lots
of challenges in providing and designing the policies as per the requirements of an organization.
In this paper, mathematical modeling of the systems and its simulations are described. It helps
the security managers in the organization to take the decisions regarding security. Utility
theories are used for describing the policies of security for the security managers. The models
created in this paper are based on the original and real-world data obtained in the systems.
Gnosis tool is used for system modeling. Then, the created framework of the model is
implemented in the Julia language. The models used in this paper are tailgating model, sharing
of document model, device loss and composed model. Then, the results obtained from the
document sharing model in an organization are given in the form of a table and described in this
paper. By using these models, one can easily create and take decisions regarding the security
policies in the organization.
According to the research work carried out by ‘Sonya H Y Hsu’ on information sharing
and cyber threats. Here the author describes the various prototypes regarding information
sharing. It will be done by exploring the application of secure data platform including the manual
script. Here for the information sharing two methods are followed by the author. First one is data
management with confidence. And the second one is the agility regarding the information
5
Provides security to the data stored or shared through the hospital IT system.
Improves the performance of the system.
Increases the immune against the hacking and data stealing.
Reduces the complications involved in the cybersecurity process.
3. Literature Review
The authors Tristan Caulfield and David Pym described the security policy of the system
in the ‘Modelling and Simulating Systems Security policy’ paper. Managers of security face lots
of challenges in providing and designing the policies as per the requirements of an organization.
In this paper, mathematical modeling of the systems and its simulations are described. It helps
the security managers in the organization to take the decisions regarding security. Utility
theories are used for describing the policies of security for the security managers. The models
created in this paper are based on the original and real-world data obtained in the systems.
Gnosis tool is used for system modeling. Then, the created framework of the model is
implemented in the Julia language. The models used in this paper are tailgating model, sharing
of document model, device loss and composed model. Then, the results obtained from the
document sharing model in an organization are given in the form of a table and described in this
paper. By using these models, one can easily create and take decisions regarding the security
policies in the organization.
According to the research work carried out by ‘Sonya H Y Hsu’ on information sharing
and cyber threats. Here the author describes the various prototypes regarding information
sharing. It will be done by exploring the application of secure data platform including the manual
script. Here for the information sharing two methods are followed by the author. First one is data
management with confidence. And the second one is the agility regarding the information
5
exchange. Also, the examples are covered by the author regarding the information exchange and
cyber threats. And the author including the data sets and the landscape surrounding in this paper.
Mainly this paper focused on the data sharing application. And this application should regarding
the statistical research data centers. These data centers make the security need for the facilities
and the motivations. The detailed explanation is provided by the author regarding the research
data centers. These centers are helping to develop the quality of visualization of the output and
the data collection. Also, there may be a balance between the creation of big data and
accessibility. It is used to create the assists. The key functions are used by the author such as
information sharing, cybersecurity, and adaptive security technologies.
According to the research work carried out by ‘Martti Lehto’ on cyberspace threats and
the objectives and strategies of cybersecurity. Generally, the cyber threats may be classified into
many ways. This is considered as the evidence by the author when taking the cybersecurity on a
multi-national level. The common model is represented as threefold classification. It is based on
motivational factors. Nowadays many countries use this model for the cybersecurity. This is used
to handle the cybersecurity threats. Here the author described the fifth model. They are
cybercrime, cyber activism, and cyber warfare. Here the cyber-security is defined by the author
regarding the cybersecurity policies and strategic properties regarding the objective of the
cybersecurity. In this paper, the objective of the cyber-security is defined by the author for the
improvement of national cybersecurity level. For that many methods are explored by the author.
Also, the strategies of cybersecurity are delivered. These strategies are used to define the key
objective regarding the strategic priorities. The cyberspace is more increased in the rational
function in the way of providing critical support to the critical infrastructure, economy and
national security. The methods are described by the author to make the security for the
cyberspace. These are done by the national governments. Also, the cybersecurity objectives are
clearly explained by the author to develop the cyber ecosystem. Also the threats, vulnerabilities,
objects are analyzed regarding the cybersecurity.
According to the research work carried out by ‘Kartik Gopalan’ on healthcare
architecture regarding the security analysis of cyber-physical systems. Here the survey is made
6
cyber threats. And the author including the data sets and the landscape surrounding in this paper.
Mainly this paper focused on the data sharing application. And this application should regarding
the statistical research data centers. These data centers make the security need for the facilities
and the motivations. The detailed explanation is provided by the author regarding the research
data centers. These centers are helping to develop the quality of visualization of the output and
the data collection. Also, there may be a balance between the creation of big data and
accessibility. It is used to create the assists. The key functions are used by the author such as
information sharing, cybersecurity, and adaptive security technologies.
According to the research work carried out by ‘Martti Lehto’ on cyberspace threats and
the objectives and strategies of cybersecurity. Generally, the cyber threats may be classified into
many ways. This is considered as the evidence by the author when taking the cybersecurity on a
multi-national level. The common model is represented as threefold classification. It is based on
motivational factors. Nowadays many countries use this model for the cybersecurity. This is used
to handle the cybersecurity threats. Here the author described the fifth model. They are
cybercrime, cyber activism, and cyber warfare. Here the cyber-security is defined by the author
regarding the cybersecurity policies and strategic properties regarding the objective of the
cybersecurity. In this paper, the objective of the cyber-security is defined by the author for the
improvement of national cybersecurity level. For that many methods are explored by the author.
Also, the strategies of cybersecurity are delivered. These strategies are used to define the key
objective regarding the strategic priorities. The cyberspace is more increased in the rational
function in the way of providing critical support to the critical infrastructure, economy and
national security. The methods are described by the author to make the security for the
cyberspace. These are done by the national governments. Also, the cybersecurity objectives are
clearly explained by the author to develop the cyber ecosystem. Also the threats, vulnerabilities,
objects are analyzed regarding the cybersecurity.
According to the research work carried out by ‘Kartik Gopalan’ on healthcare
architecture regarding the security analysis of cyber-physical systems. Here the survey is made
6
by the author regarding the architecture of cyber-physical systems. Some of the architectures are
illustrated in this paper by the author. Most of the architectures are evaluated and examined.
From the analysis, some of the architectures are used here by the author. These architectures are
evaluated by using the sequence of qualities regarding the cyber-physical systems for healthcare.
The architecture diagrams have explained the functionality with the detailed description. Mainly
the functionality of infusion pumps is analyzed. The STRDIDE model is used by the author to
decompose the functionality to describe the security issues and how they can be addressed. The
key functions are used by the author such as software architecture, healthcare, security,
blackboard, and cyber-physical systems. Then the architectural qualities of healthcare is defined
by the author. Finally the author concluded with the comparison of security issues between the
various architectures. These comparisons are used to make the conclusion about the architecture
which is suitable for making the security based on the need of cyber-physical systems in health
care systems.
According to the research work conducted by ‘Ajeet Singh’ on a study of cyber-attacks
on cyber-physical systems. Here the improvement of cyber-physical performance is described by
the author. Generally, the cyber-physical system is represented as the patch of the cyber world
and physical world components. These components only used to make the increment of physical
performance. Also, the usage of a cyber-physical system is explained by the author in this paper.
Here the cyber-physical systems could be increased. Because the cyber and the physical devices
are connected to illustrate the state of the art technologies. When the cyber threats and the cyber-
attacks have happened, it should be documented. From the study analysis, the author described
the security issues and challenges regarding the cyber-physical systems. It is considered as the
global issue. And also, the proper mechanism is needed for the cyber-physical systems. The
author also described the investigation regarding the relationship between the cyber-physical
systems and internet of things. The cyber-attacks are clearly explained by the author regarding
the cyber-physical systems. Also, the attacks happened in recent years are explained by the
author. Then the chart is prepared by the author regarding the recent cyber-attacks. Also, the
definitions and domains are analyzed by the author regarding the cyber-physical systems. And a
lot of vulnerabilities are identified and explained by the author. They are hardware, software,
7
illustrated in this paper by the author. Most of the architectures are evaluated and examined.
From the analysis, some of the architectures are used here by the author. These architectures are
evaluated by using the sequence of qualities regarding the cyber-physical systems for healthcare.
The architecture diagrams have explained the functionality with the detailed description. Mainly
the functionality of infusion pumps is analyzed. The STRDIDE model is used by the author to
decompose the functionality to describe the security issues and how they can be addressed. The
key functions are used by the author such as software architecture, healthcare, security,
blackboard, and cyber-physical systems. Then the architectural qualities of healthcare is defined
by the author. Finally the author concluded with the comparison of security issues between the
various architectures. These comparisons are used to make the conclusion about the architecture
which is suitable for making the security based on the need of cyber-physical systems in health
care systems.
According to the research work conducted by ‘Ajeet Singh’ on a study of cyber-attacks
on cyber-physical systems. Here the improvement of cyber-physical performance is described by
the author. Generally, the cyber-physical system is represented as the patch of the cyber world
and physical world components. These components only used to make the increment of physical
performance. Also, the usage of a cyber-physical system is explained by the author in this paper.
Here the cyber-physical systems could be increased. Because the cyber and the physical devices
are connected to illustrate the state of the art technologies. When the cyber threats and the cyber-
attacks have happened, it should be documented. From the study analysis, the author described
the security issues and challenges regarding the cyber-physical systems. It is considered as the
global issue. And also, the proper mechanism is needed for the cyber-physical systems. The
author also described the investigation regarding the relationship between the cyber-physical
systems and internet of things. The cyber-attacks are clearly explained by the author regarding
the cyber-physical systems. Also, the attacks happened in recent years are explained by the
author. Then the chart is prepared by the author regarding the recent cyber-attacks. Also, the
definitions and domains are analyzed by the author regarding the cyber-physical systems. And a
lot of vulnerabilities are identified and explained by the author. They are hardware, software,
7
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Educational Program Risk Managementlg...
|5
|808
|17
Cyber Risk Management in Healthcarelg...
|15
|1024
|10
Types of Health Information Systems (HIS) PDFlg...
|108
|25526
|79
Various Solutions And Technologieslg...
|5
|994
|14
Regional Gardens Case Study PDFlg...
|13
|2647
|14
Managing Cyber Security Threats and Non-Cyber Security Threatslg...
|11
|3818
|103