ISY3006 Report: Analyzing Security Policies for Blacktown Hospital
VerifiedAdded on 2022/11/14
|10
|2291
|406
Report
AI Summary
This report provides a detailed analysis of the information security landscape at Blacktown Hospital, focusing on the development and implementation of a robust security policy. The report begins with an overview of the hospital, its stakeholders, and the importance of establishing clear security protocols. It then delves into the identification and assessment of potential risks and vulnerabilities, including data breaches and cyber threats. The core of the report outlines the improvement and arrangement of a strategic security approach, incorporating key elements such as Data Loss Prevention (DLP) and Identity Access Management (IAM). Furthermore, the report assesses the mitigation strategies for the identified vulnerabilities, recommending best practices to enhance the hospital's security posture. Finally, the report concludes by summarizing the key findings and emphasizing the importance of continuous monitoring and adaptation to address evolving security challenges. This report will be published on Desklib, a platform which provides all the necessary AI based study tools for students.
Running Head: IT 0
INFORMATION SECURITY
INFORMATION SECURITY
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
IT 1
Executive Summary
Various improvement in the vital arrangements are incorporated by hierarchical strategies. It
also includes security classification of an association named as black town hospital and its
planning for significant security strategies in relation to digital security. Firstly, the
organisation is introduced in the report following by possible risks and susceptibilities of the
hospital. With regards to this, the mitigation measures for the identified risks were also
assessed in the study.
Executive Summary
Various improvement in the vital arrangements are incorporated by hierarchical strategies. It
also includes security classification of an association named as black town hospital and its
planning for significant security strategies in relation to digital security. Firstly, the
organisation is introduced in the report following by possible risks and susceptibilities of the
hospital. With regards to this, the mitigation measures for the identified risks were also
assessed in the study.
IT 2
Table of Contents
Overview...................................................................................................................................3
About Blacktown..................................................................................................................3
Improvement and arrangement of a vital security approach for the Blacktown Hospital
....................................................................................................................................................4
Evaluation and ID of possible dangers and vulnerabilities of Blacktown Hospital...........5
Mitigation of the possible vulnerabilities and risks of Blacktown Hospital.......................7
Conclusion.................................................................................................................................8
References.................................................................................................................................9
Table of Contents
Overview...................................................................................................................................3
About Blacktown..................................................................................................................3
Improvement and arrangement of a vital security approach for the Blacktown Hospital
....................................................................................................................................................4
Evaluation and ID of possible dangers and vulnerabilities of Blacktown Hospital...........5
Mitigation of the possible vulnerabilities and risks of Blacktown Hospital.......................7
Conclusion.................................................................................................................................8
References.................................................................................................................................9
IT 3
Overview
To any institution, key policies of security help indicate clear and characterised practices and
guidelines to regulate the data access on the systems of the particular enterprise. It is
important for the enterprise to give due importance to necessary security strategies for the
development of the feasible of security tactics as it will benefit the enterprise against any sort
of security breach and secure the organisation from possible dangers and vulnerabilities
(Ahmad, Maynard and Park, 2014). To evaluate and anticipate the requirement for the viable
security arrangements, one of the oldest hospitals in new south wales, Sydney is selected i.e.
Blacktown.
This report outlines about the advancement and preparation of definite safety method for the
Blacktown hospital. With regards to this, potential dangers including various vulnerabilities
of the institution are also included in the examination. In addition, insurance plans are
developed in a manner to resolve the institution distresses that can be surface in relation with
security breach.
About Blacktown
One of the famous acute care hospitals in New South Wales is Blacktown founded in 1965.
This hospital belongs to medical care sector. Medical hospitals for the most of area operates
at many levelled structure, policies and guidelines are going with various chain of directions
(O’Neill, 2014). Various stakeholders of Blacktown can be classified as the top executives,
employees and workers and CEO at the medical hospital also representing the inner
associates of the organisation. On the other hand, customers and patient are known to be as
outside partners that incorporate the network of production and several specialist
organisations for the association (Boonstra and Govers, 2009). For instance, these can be
categorised as giving assistance in terms of gear and hardware and other medication for the
Blacktown. The association will also be called be as a stakeholder offering insurance
alongside a security breach. It is very important for the organisation to implement significant
arrangements to strengthen the safety efforts in addition with safeguarding exclusive
information included in records of medical clinical.
Overview
To any institution, key policies of security help indicate clear and characterised practices and
guidelines to regulate the data access on the systems of the particular enterprise. It is
important for the enterprise to give due importance to necessary security strategies for the
development of the feasible of security tactics as it will benefit the enterprise against any sort
of security breach and secure the organisation from possible dangers and vulnerabilities
(Ahmad, Maynard and Park, 2014). To evaluate and anticipate the requirement for the viable
security arrangements, one of the oldest hospitals in new south wales, Sydney is selected i.e.
Blacktown.
This report outlines about the advancement and preparation of definite safety method for the
Blacktown hospital. With regards to this, potential dangers including various vulnerabilities
of the institution are also included in the examination. In addition, insurance plans are
developed in a manner to resolve the institution distresses that can be surface in relation with
security breach.
About Blacktown
One of the famous acute care hospitals in New South Wales is Blacktown founded in 1965.
This hospital belongs to medical care sector. Medical hospitals for the most of area operates
at many levelled structure, policies and guidelines are going with various chain of directions
(O’Neill, 2014). Various stakeholders of Blacktown can be classified as the top executives,
employees and workers and CEO at the medical hospital also representing the inner
associates of the organisation. On the other hand, customers and patient are known to be as
outside partners that incorporate the network of production and several specialist
organisations for the association (Boonstra and Govers, 2009). For instance, these can be
categorised as giving assistance in terms of gear and hardware and other medication for the
Blacktown. The association will also be called be as a stakeholder offering insurance
alongside a security breach. It is very important for the organisation to implement significant
arrangements to strengthen the safety efforts in addition with safeguarding exclusive
information included in records of medical clinical.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
IT 4
Improvement and arrangement of a vital security
approach for the Blacktown Hospital
The technology in this digitalization era is now embedded in each area of an organisation. For
instance, Information technology is exploited in a clinic for leading medicinal assessments on
the patients and involving the functioning to defeat the illness that distress those patients
(Leigh, 2013). Similarly, it is necessary to retain the archives and document the cure that is
experienced by a patient in a hospital for additional research and study one the subject. In
addition, the need of patient history information and the history of therapeutic is very vital.
From last two decades, there are various crimes taking place in information and digital world
and that have been revolved out to be persistent and it is must be consider while dealing with
important data with appropriate information of the patients. To effective cater the problem, it
is significant that Blacktown Hospital develops and realizes important security tactics for
safeguarding the exclusive data and formation in the frameworks of clinic.
Information stealing and cybercrime are the foundation for the enhancement of a particular
side stated in the report. All information collected in relation with IT security is an external
approach to various institutions. Accordingly, the needs for implementing a professional to
provide security to information is vital. Nevertheless, an organisation can drive to a better
position with improvement of some significant security arrangements. It was found that some
organisations are restricted to deploying firewalls, and powerlessness management in the
name of gaining a particular level of security. With regards to this, many also add ID entrance
for data security. However, in all the scenarios, it is important to assess the viability of
practice and technique and check where it matches the security requirements of the
organisation or not. It was objectified by Blacktown Hospital about fundamental IT solutions
for the firewall utilization and powerlessness the board for offering security in contradiction
of cyber-crimes and illegal movements recognised with data theft and distortion of
information.
The purpose or the arrangement context is fundamentally the protection or the insurance of
the reliability, aids secrecy or the information for this condition. The data veracity of
Blacktown Hospital would indicate to the permitted handling in assets adjustments, while
availability express that the data access and the framework will be known as a barrier to
Improvement and arrangement of a vital security
approach for the Blacktown Hospital
The technology in this digitalization era is now embedded in each area of an organisation. For
instance, Information technology is exploited in a clinic for leading medicinal assessments on
the patients and involving the functioning to defeat the illness that distress those patients
(Leigh, 2013). Similarly, it is necessary to retain the archives and document the cure that is
experienced by a patient in a hospital for additional research and study one the subject. In
addition, the need of patient history information and the history of therapeutic is very vital.
From last two decades, there are various crimes taking place in information and digital world
and that have been revolved out to be persistent and it is must be consider while dealing with
important data with appropriate information of the patients. To effective cater the problem, it
is significant that Blacktown Hospital develops and realizes important security tactics for
safeguarding the exclusive data and formation in the frameworks of clinic.
Information stealing and cybercrime are the foundation for the enhancement of a particular
side stated in the report. All information collected in relation with IT security is an external
approach to various institutions. Accordingly, the needs for implementing a professional to
provide security to information is vital. Nevertheless, an organisation can drive to a better
position with improvement of some significant security arrangements. It was found that some
organisations are restricted to deploying firewalls, and powerlessness management in the
name of gaining a particular level of security. With regards to this, many also add ID entrance
for data security. However, in all the scenarios, it is important to assess the viability of
practice and technique and check where it matches the security requirements of the
organisation or not. It was objectified by Blacktown Hospital about fundamental IT solutions
for the firewall utilization and powerlessness the board for offering security in contradiction
of cyber-crimes and illegal movements recognised with data theft and distortion of
information.
The purpose or the arrangement context is fundamentally the protection or the insurance of
the reliability, aids secrecy or the information for this condition. The data veracity of
Blacktown Hospital would indicate to the permitted handling in assets adjustments, while
availability express that the data access and the framework will be known as a barrier to
IT 5
likely staff only. In end, privacy states to the data insurance from external establishments
which do not have permission over the Hospital resources.
It is crucial to collective place the significant security arrangement in relation to Data Loss
Prevention or DLP. Enduring with the practice of DLP together with Identity Access
Management or IAM and it has been known as one of the major worries in the previous
discussion (Heckman et al, 2015). Considering policy improvement, there must be use of
subsidiary technologies. This preparation made for Blacktown will signify that data defence
and burglary administration is to implement DLP. With regards to this, the DLP practice and
the entry to the hospital frameworks and it must be confined to employees only. For instance,
the changed enterprise arrangement would allow individuals on topmost stations to gain use
of the information. Organisation top most internal associated including CEO and the Chief
must be affianced with the tiered provisions and therefore receiving the access to the
framework of Blacktown. The head of security in Organisation, just as the operations head
and security head of the Hospital would nearly definitely gain entrance to the framework of
Blacktown. In the above scenarios, any stated individual is not present, their subordinate
(assistant) can be given entrance to the security systems also. In addition, this method
includes the reliable talent to vacate the attractive ID strip magnetic cards, which deeds as a
character evidence, yet in addition as a tool for retrieving the framework of Blacktown for
collecting significant information.
Evaluation and ID of possible dangers and
vulnerabilities of Blacktown Hospital
It was found that each month, more than 1lacs patients receive treatment from all the
divisions of Hospital. Blacktown also experienced a project in 2012, which drive the
extension of several offices like sub-intense emotive well-being workplace and make enlarge
the car parking area by increasing it for the consumers (bmdhproject.health.nsw.gov.au,
2018). Improvements in the framework have endeavoured which can be measured as a
possible area of strategy adoption. In the underlying phases, the enhancement of framework
that has been tried by the clinic had objectified some collection of the programming
innovation and projects like, the foundation of firewall and a Security Information and Event
Management framework (SIEM) to their frameworks of data (Fisher, 2012). As there is
likely staff only. In end, privacy states to the data insurance from external establishments
which do not have permission over the Hospital resources.
It is crucial to collective place the significant security arrangement in relation to Data Loss
Prevention or DLP. Enduring with the practice of DLP together with Identity Access
Management or IAM and it has been known as one of the major worries in the previous
discussion (Heckman et al, 2015). Considering policy improvement, there must be use of
subsidiary technologies. This preparation made for Blacktown will signify that data defence
and burglary administration is to implement DLP. With regards to this, the DLP practice and
the entry to the hospital frameworks and it must be confined to employees only. For instance,
the changed enterprise arrangement would allow individuals on topmost stations to gain use
of the information. Organisation top most internal associated including CEO and the Chief
must be affianced with the tiered provisions and therefore receiving the access to the
framework of Blacktown. The head of security in Organisation, just as the operations head
and security head of the Hospital would nearly definitely gain entrance to the framework of
Blacktown. In the above scenarios, any stated individual is not present, their subordinate
(assistant) can be given entrance to the security systems also. In addition, this method
includes the reliable talent to vacate the attractive ID strip magnetic cards, which deeds as a
character evidence, yet in addition as a tool for retrieving the framework of Blacktown for
collecting significant information.
Evaluation and ID of possible dangers and
vulnerabilities of Blacktown Hospital
It was found that each month, more than 1lacs patients receive treatment from all the
divisions of Hospital. Blacktown also experienced a project in 2012, which drive the
extension of several offices like sub-intense emotive well-being workplace and make enlarge
the car parking area by increasing it for the consumers (bmdhproject.health.nsw.gov.au,
2018). Improvements in the framework have endeavoured which can be measured as a
possible area of strategy adoption. In the underlying phases, the enhancement of framework
that has been tried by the clinic had objectified some collection of the programming
innovation and projects like, the foundation of firewall and a Security Information and Event
Management framework (SIEM) to their frameworks of data (Fisher, 2012). As there is
IT 6
confined client base in Blacktown the threat and frameworks access are constrained also.
Considering any scenarios, with the rise in the illegal susceptibilities relating to security of
information, it is vital to develop and retain up persuasive tiered tactics in relation with
security of executives. Considering the Blacktown Hospital framework, there is already been
executed various basic firewalls and the security provisions can be taken as soberly
ineffective when highlighted with the greater amount of security software objectified by
various organisations. Other than protective firewalls, SIEM frameworks were presented in
the Blacktown databases. In addition, a threat of data and information theft and a breach in
the security may bring sever outcome for the clinic to an extent obligated if there should be a
happening of such a threat. The Blacktown Hospital is to assure the data security held in the
organisation framework, just as assuring security and wellbeing of the patient. Considering
the emergency clinic, the occupation of medical clinic in assuring the patient's security is
very critical. If any medical clinic found indulge in disruption of privacy and security of data
related to patient, the Australian Legislation Privacy Act (1998) enables patient to file
necessary sue (Svantesson and Clarke, 2010). Each association and business venture
operating in the country come under this particular law and therefore, Blacktown Hospital
must follow such laws related to data breach. In addition, the dependence of the hospital has
been stated as the implementation of vital programming plans and with this, there is also a
digital threat to the organisation security. The possible aims for the threats and weakness of
Blacktown include not realising the most contemporary innovation and delayed reform of
programming projects.
confined client base in Blacktown the threat and frameworks access are constrained also.
Considering any scenarios, with the rise in the illegal susceptibilities relating to security of
information, it is vital to develop and retain up persuasive tiered tactics in relation with
security of executives. Considering the Blacktown Hospital framework, there is already been
executed various basic firewalls and the security provisions can be taken as soberly
ineffective when highlighted with the greater amount of security software objectified by
various organisations. Other than protective firewalls, SIEM frameworks were presented in
the Blacktown databases. In addition, a threat of data and information theft and a breach in
the security may bring sever outcome for the clinic to an extent obligated if there should be a
happening of such a threat. The Blacktown Hospital is to assure the data security held in the
organisation framework, just as assuring security and wellbeing of the patient. Considering
the emergency clinic, the occupation of medical clinic in assuring the patient's security is
very critical. If any medical clinic found indulge in disruption of privacy and security of data
related to patient, the Australian Legislation Privacy Act (1998) enables patient to file
necessary sue (Svantesson and Clarke, 2010). Each association and business venture
operating in the country come under this particular law and therefore, Blacktown Hospital
must follow such laws related to data breach. In addition, the dependence of the hospital has
been stated as the implementation of vital programming plans and with this, there is also a
digital threat to the organisation security. The possible aims for the threats and weakness of
Blacktown include not realising the most contemporary innovation and delayed reform of
programming projects.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
IT 7
Mitigation of the possible vulnerabilities and
risks of Blacktown Hospital
The threats and vulnerabilities are being identified in relation to the Blacktown hospital
should be firm to ensure stability in the operations of the organisation. It is important to
assess past planned main security area for the organisation to protect the hospital from data
theft and possible claims. It was found that from a long period of time, the key simulated
products that have been implemented in the safety frameworks of Blacktown have been
perceived as out-dated and there is also no reform of the projects in the programming and so
considering the policy, the implementation of IAM and DLP needs to be completed. In
addition, as expressed by the policy, the entrance would be limited with some of the topmost
known people who holds an executive position in the organisation. It is to be observed that
the practice needs the individuals to access to the machines to be ready and able in the
management and dealing of the IAM and DLP context the reduces in weakness can be mainly
achieved with implementing these practice in the organisation. Nevertheless, the hospital
currently delivers each employee and represents a striking strip ID card which permits them
to reach to clear areas on the hospital places. Afterwards, some areas like cafeteria, parking
region and places with healing sorts of gear are further limited to permitted employees. In
addition, way and route into the areas of medical hospital would similarly need the
identification card and therefore reducing the volume of possible threats to the organisation.
Mitigation of the possible vulnerabilities and
risks of Blacktown Hospital
The threats and vulnerabilities are being identified in relation to the Blacktown hospital
should be firm to ensure stability in the operations of the organisation. It is important to
assess past planned main security area for the organisation to protect the hospital from data
theft and possible claims. It was found that from a long period of time, the key simulated
products that have been implemented in the safety frameworks of Blacktown have been
perceived as out-dated and there is also no reform of the projects in the programming and so
considering the policy, the implementation of IAM and DLP needs to be completed. In
addition, as expressed by the policy, the entrance would be limited with some of the topmost
known people who holds an executive position in the organisation. It is to be observed that
the practice needs the individuals to access to the machines to be ready and able in the
management and dealing of the IAM and DLP context the reduces in weakness can be mainly
achieved with implementing these practice in the organisation. Nevertheless, the hospital
currently delivers each employee and represents a striking strip ID card which permits them
to reach to clear areas on the hospital places. Afterwards, some areas like cafeteria, parking
region and places with healing sorts of gear are further limited to permitted employees. In
addition, way and route into the areas of medical hospital would similarly need the
identification card and therefore reducing the volume of possible threats to the organisation.
IT 8
Conclusion
In the limelight of above discussion, the whole reports outline the importance of
implementing vital security approaches and arrangement of powerful machines. Various
significant aspects related to offering security can be identified with SIEM, IAM and DLP in
the research. The research is also made on the Blacktown Hospital threats and vulnerabilities
including acceptable preventive practices to mitigate those respective threats. In addition, the
reference is also made related to Privacy act in Australia for the information or data breach in
an organisation.
Conclusion
In the limelight of above discussion, the whole reports outline the importance of
implementing vital security approaches and arrangement of powerful machines. Various
significant aspects related to offering security can be identified with SIEM, IAM and DLP in
the research. The research is also made on the Blacktown Hospital threats and vulnerabilities
including acceptable preventive practices to mitigate those respective threats. In addition, the
reference is also made related to Privacy act in Australia for the information or data breach in
an organisation.
IT 9
References
Ahmad, A., Maynard, S.B. and Park, S., 2014. Information security strategies: towards an
organizational multi-strategy perspective. Journal of Intelligent Manufacturing, 25(2),
pp.357-370.
bmdhproject.health.nsw.gov.au, 2018. ABOUT US [ONLINE] Available from:
http://www.bmdhproject.health.nsw.gov.au/about-us [Accessed 18/09/2019].
Boonstra, A. and Govers, M.J., 2009. Understanding ERP system implementation in a
hospital by analysing stakeholders. New Technology, Work and Employment, 24(2), pp.177-
193.
Fisher, J.A., 2012. Secure my data or pay the price: Consumer remedy for the negligent
enablement of data breach. Wm. & Mary Bus. L. Rev., 4(1), p.215.
Heckman, K.E., Stech, F.J., Schmoker, B.S. and Thomas, R.K., 2015. Denial and deception
in cyber defense. Computer, 48(4), pp.36-44.
Leigh, H., 2013. The patient: Biological, psychological, and social dimensions of medical
practice. New York: Springer Science & Business Media.
O’Neill, A., 2014. An action framework for compliance and governance. Clinical
Governance: An International Journal, 19(4), pp.342-359.
Svantesson, D. and Clarke, R., 2010. Privacy and consumer risks in cloud
computing. Computer law & security review, 26(4), pp.391-397.
References
Ahmad, A., Maynard, S.B. and Park, S., 2014. Information security strategies: towards an
organizational multi-strategy perspective. Journal of Intelligent Manufacturing, 25(2),
pp.357-370.
bmdhproject.health.nsw.gov.au, 2018. ABOUT US [ONLINE] Available from:
http://www.bmdhproject.health.nsw.gov.au/about-us [Accessed 18/09/2019].
Boonstra, A. and Govers, M.J., 2009. Understanding ERP system implementation in a
hospital by analysing stakeholders. New Technology, Work and Employment, 24(2), pp.177-
193.
Fisher, J.A., 2012. Secure my data or pay the price: Consumer remedy for the negligent
enablement of data breach. Wm. & Mary Bus. L. Rev., 4(1), p.215.
Heckman, K.E., Stech, F.J., Schmoker, B.S. and Thomas, R.K., 2015. Denial and deception
in cyber defense. Computer, 48(4), pp.36-44.
Leigh, H., 2013. The patient: Biological, psychological, and social dimensions of medical
practice. New York: Springer Science & Business Media.
O’Neill, A., 2014. An action framework for compliance and governance. Clinical
Governance: An International Journal, 19(4), pp.342-359.
Svantesson, D. and Clarke, R., 2010. Privacy and consumer risks in cloud
computing. Computer law & security review, 26(4), pp.391-397.
1 out of 10
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.