CYB-690: Cybersecurity Program Development - All Health Corporation

Verified

Added on 2022/08/27

AI Summary

This project focuses on developing a cybersecurity program for All Health Corporation, a healthcare clinic. It identifies six types of sensitive data stored, including electronic health records and claims data, and details where this information is stored within a Clinical Data Repository (CDR) or Clinical Data Warehouse (CDW). The assignment outlines the hardware and software infrastructure, including routers, firewalls, and EMR systems, and presents a security architecture diagram. It also addresses potential cybersecurity threats such as ransomware and data breaches, and specifies security controls like patient identification and access restrictions. The project concludes with a discussion of relevant policies, including administrative, information management, and human resource policies, to ensure comprehensive data protection within the clinic. References are provided for further research and understanding of cybersecurity in healthcare.

Running head: CYBERSECURITY PROGRAM DEVELOPMENT
CYBERSECURITY PROGRAM DEVELOPMENT
Enter name of the Student:
Enter name of the University:
Author note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1CYBERSECURITY PROGRAM DEVELOPMENT
There are several data which will store in this health clinic named All Health
Corporation. The data of the clinic is the main supply for most of the health also the medical
research (Fragidis, Chatzoglou & Aggelidis, 2016). It is collected either on the time of course
of the ongoing care of patient or any formal program of clinical trial. There are six types of
data stored in this clinic which are automatic health records, claims data, organizational data,
health surveys, Patient or Syndrome registries and the data of clinical trials (Hu, Park &
Yabut, 2018). The cleanest type of the electronic clinical data that is attained at the point of
care at the clinic, medical facility, practice, and hospital.
All these above discussed clinical data are very sensitive also need to store very
privately as this data has an important impact on the reputation and efficiency for keeping the
patients information private (Fragidis, Chatzoglou & Aggelidis, 2016). The CDR that is
Clinical Data Repository or CDW that is Clinical Data Warehouse that combines the data
from several sources of clinic for presenting the view of any single patient, is used to store all
the above discussed data of this clinic All Health Corporation (Richardson et al., 2017).
In this network, many hardware and software are used which are as follows:
Hardware equipment: Router, Load balancing switch, Switches, Communication Wire,
Computers, Laptops, smartphones, monitors (Hu, Park & Yabut, 2018).
Software equipment:
i) Firewall: It is used to control the unauthorized access from any private network.
ii) Electronic Medical Record (EMR): It can help the health clinic to remove the
inappropriate administration, resolve care for the patients and improve the efficiency of
clinic.

2CYBERSECURITY PROGRAM DEVELOPMENT
iii) GBA: It is the medical application which consists the critical data. This data cannot find
in off ledge software with the 24/7 availability.
Besides these, there are many other software system present such as Operating
Theatre Management System, Appointment Management System, Clinic Costing System and
many more.
The security controls are positioned in the centre so that all the equipment such as
hardware, software and many more are perfectly recognized (Yao et al., 2017). All the
hardware systems are connected to the server and all these server are directly connected to
the main network of this clinic. There are six types of data stored in this clinic which are
electronic health registers, claims data, administrative data, health surveys, the data of clinical
trials and Patient or Disease registries.
The healthcare clinic or any hospital may face several cybersecurity related issues
such as Ransomware extortion, Data Breaches, Insider Threat, DDoS Attacks and Business
Email Compromise also Fraud Scams (Richardson et al., 2017). The security control
specifications are as follows:
i) The identification of the patient (Luthy et al., 2016).
ii) The logon ID.
iii) Installing the antivirus and the firewalls to protect the network and data.
The restricting access in this clinic is occurred in the internet and Wi-Fi which are
restricted also protected by the password.
The full scope of the policies are present which are the administrative policies,
information management policies, providing care policies, medicine policies, and human

3CYBERSECURITY PROGRAM DEVELOPMENT
resource management policies. All these policies are used in this health clinic (Maltezou &
Poland, 2016).
Figure 1: Security Architecture Diagram
(Source: Created by author)

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4CYBERSECURITY PROGRAM DEVELOPMENT
References
Fragidis, L. L., Chatzoglou, P. D., & Aggelidis, V. P. (2016). Integrated nationwide
electronic health records system: Semi-distributed architecture approach. Technology
and Health Care, 24(6), 827-842.
Hu, S., Park, J., & Yabut, G. R. (2018). Diagnostic Color Strip Reader for World Health
Partners Clinics.
Luthy, K. E., Peterson, T. B., Macintosh, J. L., Eden, L. M., Beckstrand, R. L., & Wiley, N.
H. (2016). Evaluation of vaccination policies among Utah pediatric clinic employees.
Journal of Pediatric Health Care, 30(3), 190-196.
Maltezou, H. C., & Poland, G. A. (2016, September). Immunization of health-care providers:
necessity and public health policies. In Healthcare (Vol. 4, No. 3, p. 47).
Multidisciplinary Digital Publishing Institute.
Richardson, I., AbuBaker, A., O’Connor, P., O’Mahony, J., & O’Leary, P. (2017). Sink or
Swim: Connected Health Software. BIOSTEC 2017, 213.
Yao, J., Weaver, E. M., Langley, B. D., George, S. M., & Hardin, S. R. (2017, July).
Monitoring peripheral edema of heart failure patients at home: Device, algorithm, and
clinic study. In 2017 39th Annual International Conference of the IEEE Engineering
in Medicine and Biology Society (EMBC) (pp. 4074-4077). IEEE.