Information Security in Bethesda Hospital
Added on 2023-03-31
11 Pages2574 Words460 Views
Running head: INFORMATION SECURITY
INFORMATION SECURITY
Name of the Student:
Name of the University:
Author Note:
INFORMATION SECURITY
Name of the Student:
Name of the University:
Author Note:
1INFORMATION SECURITY
Table of Contents
Introduction................................................................................................................................3
Discussion..................................................................................................................................3
Strategic security policy.............................................................................................................3
Threats, vulnerabilities and mitigation.......................................................................................7
Threats....................................................................................................................................7
Vulnerabilities........................................................................................................................8
Mitigation...............................................................................................................................9
References................................................................................................................................10
Table of Contents
Introduction................................................................................................................................3
Discussion..................................................................................................................................3
Strategic security policy.............................................................................................................3
Threats, vulnerabilities and mitigation.......................................................................................7
Threats....................................................................................................................................7
Vulnerabilities........................................................................................................................8
Mitigation...............................................................................................................................9
References................................................................................................................................10
2INFORMATION SECURITY
Introduction
The Bethesda Hospital is a medical centre in Claremont, Australia. It is an advanced
multispecialty hospital that provides a wide variety of treatments to its patients. The hospital
uses different information systems for running their business. The hospital’s main
stakeholders are the board of trustees, the employees of the hospital, the patients and the
doctors who server there. From a business perspective all of these stakeholders are necessary
for proper functioning of the medical centre. The main nature of the business is in the
medical field. It deals with treating patients of diseases and slowly making them healthy. The
hospital deals with normal patient visits in doctor chambers for general check-up and in
speciality clinics for specialised check-up.
The hospital also has equipment and infrastructure to carry out surgeries and has
special intensive care units for serious patients. The hospital also operates an emergency
department. Maximum amount of business transactions in this business is done in insurance
claims due to the large sums of money involved. The rest of the payments are done in the
form or cash or cards. Cheque payment is generally not accepted in such businesses. Overall,
the Bethesda hospital is a well reputed medical centre that is jointly run by multiple
stakeholders and is in the medical business field.
Discussion
Strategic security policy
The security of a hospital can be divided into multiple parts. The security could be
internal security and external security. In external security, the main concerns are against
robbers, thieves, cyber criminals and terrorist trying to damage the hospital or the business.
The internal threats can be threat from malicious employees or patients with bad intentions.
Introduction
The Bethesda Hospital is a medical centre in Claremont, Australia. It is an advanced
multispecialty hospital that provides a wide variety of treatments to its patients. The hospital
uses different information systems for running their business. The hospital’s main
stakeholders are the board of trustees, the employees of the hospital, the patients and the
doctors who server there. From a business perspective all of these stakeholders are necessary
for proper functioning of the medical centre. The main nature of the business is in the
medical field. It deals with treating patients of diseases and slowly making them healthy. The
hospital deals with normal patient visits in doctor chambers for general check-up and in
speciality clinics for specialised check-up.
The hospital also has equipment and infrastructure to carry out surgeries and has
special intensive care units for serious patients. The hospital also operates an emergency
department. Maximum amount of business transactions in this business is done in insurance
claims due to the large sums of money involved. The rest of the payments are done in the
form or cash or cards. Cheque payment is generally not accepted in such businesses. Overall,
the Bethesda hospital is a well reputed medical centre that is jointly run by multiple
stakeholders and is in the medical business field.
Discussion
Strategic security policy
The security of a hospital can be divided into multiple parts. The security could be
internal security and external security. In external security, the main concerns are against
robbers, thieves, cyber criminals and terrorist trying to damage the hospital or the business.
The internal threats can be threat from malicious employees or patients with bad intentions.
3INFORMATION SECURITY
The internal security can also include problems from defective equipment or faulty
infrastructure. The first step toward creating a security policy is to identify the threats and put
frameworks or guidelines in place to protect the hospital against such threats. In the internal
threats, the threat of the thieves, robbers and terrorists can only be countered by enlisting
security services from top private security agencies and the local authorities.
The cyber threat is a whole new world which needs more complex guidelines in place to
prevent such attacks. The first step toward protecting oneself from cyber threats is to secure
all the internal systems in the hospital with proper security solutions (Ahmadi et al. 2017).
The computers used by the hospital staff and doctors should have proper login authentication
and data encryption algorithms enabled. All the staff should be required to have strong
passwords that must not be shared. On inputting of wrong login details three times in a row,
the user account must be auto locked to prevent further brute force attacks.
The second security measure is to secure the database server or the cloud platform where
all the hospital data is stored. Securing the physical servers with extra hardware firewalls and
special security software provides a chance to secure against any incoming attacks. The best
cloud services providing companies should be approached for renting cloud servers with the
state of the art security facilities. The critical computers of the hospital network can be
secured with biometric access and should have restricted access. For both internal and
external threats a separate security manager is needed to be appointed. Special trained staff
capable of handling emergency breach situations can also come handy and help in damage
mitigation in case of mishaps (Jalali and Kaiser. 2018).
The policies for information security varies from hospital to hospital. For the hospital
selected in this report few information security policies that can be implemented will be
discussed. Hospitals are needed to implement policies which are very strict in nature and hard
The internal security can also include problems from defective equipment or faulty
infrastructure. The first step toward creating a security policy is to identify the threats and put
frameworks or guidelines in place to protect the hospital against such threats. In the internal
threats, the threat of the thieves, robbers and terrorists can only be countered by enlisting
security services from top private security agencies and the local authorities.
The cyber threat is a whole new world which needs more complex guidelines in place to
prevent such attacks. The first step toward protecting oneself from cyber threats is to secure
all the internal systems in the hospital with proper security solutions (Ahmadi et al. 2017).
The computers used by the hospital staff and doctors should have proper login authentication
and data encryption algorithms enabled. All the staff should be required to have strong
passwords that must not be shared. On inputting of wrong login details three times in a row,
the user account must be auto locked to prevent further brute force attacks.
The second security measure is to secure the database server or the cloud platform where
all the hospital data is stored. Securing the physical servers with extra hardware firewalls and
special security software provides a chance to secure against any incoming attacks. The best
cloud services providing companies should be approached for renting cloud servers with the
state of the art security facilities. The critical computers of the hospital network can be
secured with biometric access and should have restricted access. For both internal and
external threats a separate security manager is needed to be appointed. Special trained staff
capable of handling emergency breach situations can also come handy and help in damage
mitigation in case of mishaps (Jalali and Kaiser. 2018).
The policies for information security varies from hospital to hospital. For the hospital
selected in this report few information security policies that can be implemented will be
discussed. Hospitals are needed to implement policies which are very strict in nature and hard
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Information Security - Doclg...
|9
|2540
|96
Information Security For Big Supermarketlg...
|13
|3248
|29
Research in Advanced E-Securitylg...
|7
|1628
|206
Dealing with Information Securitylg...
|9
|2754
|414
Information Security Management for Beyond Healthlg...
|14
|3291
|152
Professional Skills In Information Communication Technology: Cyber Securitylg...
|20
|6717
|27