Case Study: Security and Privacy Assessment of My Health Record System
VerifiedAdded on 2022/10/02
|14
|3749
|225
Report
AI Summary
This report provides a comprehensive analysis of the My Health Record (MHR) system, the Australian electronic health record. It explores the advantages of MHR in healthcare delivery, including improved medication safety and efficient access to patient information. The report details how individual patients can manage the privacy and security of their data through access controls and setting security codes. It outlines various security controls, such as role-based access control, firewalls, and encryption techniques, that should be implemented to ensure the system's integrity. The report also discusses lessons learned from data breaches, like the Singapore data breach, and how these insights can improve the security of the Australian MHR system. The conclusion emphasizes the importance of robust security measures to safeguard sensitive patient data and ensure the effective functioning of the MHR system.
IT ASSIGNMENT SOLUTION 1
IT Assignment Solution
Student’s Name
Institutional Affiliation
Date
City
IT Assignment Solution
Student’s Name
Institutional Affiliation
Date
City
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
IT ASSIGNMENT SOLUTION 2
Table of Contents
1. Executive Summary…………………………………………………………………..3
2. Introduction………………………………………………………………………….4
3. The MHR and its advantages for improving the healthcare delivery………………….4
4. How the individual patient can manage the privacy and security of MHR…………….5
5. The security controls with specific examples to ensure MHR has appropriate security
level……………………………………………………...………………………………7
6. How the Singapore Data Breach occurred …………………………………………...10
7. What can be learnt from Singapore Data breach to improve the security of Australian
MHR System?................................................................................................................ 10
8. Conclusion………………………………………………………………………………11
9. References………………………………………………………………………………13
Table of Contents
1. Executive Summary…………………………………………………………………..3
2. Introduction………………………………………………………………………….4
3. The MHR and its advantages for improving the healthcare delivery………………….4
4. How the individual patient can manage the privacy and security of MHR…………….5
5. The security controls with specific examples to ensure MHR has appropriate security
level……………………………………………………...………………………………7
6. How the Singapore Data Breach occurred …………………………………………...10
7. What can be learnt from Singapore Data breach to improve the security of Australian
MHR System?................................................................................................................ 10
8. Conclusion………………………………………………………………………………11
9. References………………………………………………………………………………13
IT ASSIGNMENT SOLUTION 3
Executive Summary
This paper defined MHR system as the electronic health record system in Australia. Some of the
advantages of MHR is medication safety since it helps in avoiding all medication errors. The
system also allows nurses to easily access the patients' information, thus reducing several
performances led tasks. This system has several access controls which can help individuals in
managing their data and information. The patients can determine who access their data by setting
different codes with distinct authorities. The My Health Record can also be equipped with
Intrusion Detection System which has ability to detect any breach. In terms of response after an
attack, the system admins should inform the security agency immediately after an attack to take
necessary actions. The users should also be informed as soon as possible to reset their password.
There are also various security controls which should be put in place for the information safety
within the MHR system.
Executive Summary
This paper defined MHR system as the electronic health record system in Australia. Some of the
advantages of MHR is medication safety since it helps in avoiding all medication errors. The
system also allows nurses to easily access the patients' information, thus reducing several
performances led tasks. This system has several access controls which can help individuals in
managing their data and information. The patients can determine who access their data by setting
different codes with distinct authorities. The My Health Record can also be equipped with
Intrusion Detection System which has ability to detect any breach. In terms of response after an
attack, the system admins should inform the security agency immediately after an attack to take
necessary actions. The users should also be informed as soon as possible to reset their password.
There are also various security controls which should be put in place for the information safety
within the MHR system.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
IT ASSIGNMENT SOLUTION 4
Introduction
MHR is one of the initiative worldwide that is intended to deliver electronic and
personally controlled health record for Australians. This system is aimed at delivering safe,
efficient and effective healthcare. This will, therefore, cover what My Health Record is in detail
and its advantages in the healthcare sector. It will also include how patients manage their data in
My Health Record. The security controls which are supposed to be put in place for the effective
functioning of MHR will also be covered. Last but not least, the ways on how to improve the My
Health Record as learned from the Singapore data breach will be covered.
MHR and its advantages on healthcare delivery
My Health Record is the Australian electronic health record system. The main objective
of this system is the identification of the health literacy rate. It is one of the systems that has
transformed nursing practice for the past few years. The use of my Health record to manage
patient data has become widespread in the healthcare industry. This system has transformed
how nurses care for patients and can also help nurses to facilitate and coordinate patient care
with other members of multidisciplinary healthcare (Makeham, and Ryan, 2019).
The advantages of my health record to patient care delivery are as highlighted below. The
first advantage is that it improves medication safety. By this system, the medication errors,
which always leads to harmful medication safety incidences along with adverse drug events,
can be avoided. This is achievable when the patient information is accessible. This so because
evidence shows that there are always two out of three patients’ medication errors.
Accordingly, it is reported that there are always 1 error out of 10 medications. This system also
helps to reduce paperwork and improved safety (Makeham, and Ryan, 2019).
Introduction
MHR is one of the initiative worldwide that is intended to deliver electronic and
personally controlled health record for Australians. This system is aimed at delivering safe,
efficient and effective healthcare. This will, therefore, cover what My Health Record is in detail
and its advantages in the healthcare sector. It will also include how patients manage their data in
My Health Record. The security controls which are supposed to be put in place for the effective
functioning of MHR will also be covered. Last but not least, the ways on how to improve the My
Health Record as learned from the Singapore data breach will be covered.
MHR and its advantages on healthcare delivery
My Health Record is the Australian electronic health record system. The main objective
of this system is the identification of the health literacy rate. It is one of the systems that has
transformed nursing practice for the past few years. The use of my Health record to manage
patient data has become widespread in the healthcare industry. This system has transformed
how nurses care for patients and can also help nurses to facilitate and coordinate patient care
with other members of multidisciplinary healthcare (Makeham, and Ryan, 2019).
The advantages of my health record to patient care delivery are as highlighted below. The
first advantage is that it improves medication safety. By this system, the medication errors,
which always leads to harmful medication safety incidences along with adverse drug events,
can be avoided. This is achievable when the patient information is accessible. This so because
evidence shows that there are always two out of three patients’ medication errors.
Accordingly, it is reported that there are always 1 error out of 10 medications. This system also
helps to reduce paperwork and improved safety (Makeham, and Ryan, 2019).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
IT ASSIGNMENT SOLUTION 5
My health record helps the nurses to access information for people along with their care
providers. This can help health practitioners to reduce performing several information-led
tasks. This is evidenced with research which states that enabling self-management can save up
to $1300 per patient per year and also lowers the hospital re-admission rates.
In summary, the health benefits of my health record are avoided duplication of services offered
to patients (Johnson, 2018). Reduced time gathering information, enhanced patient self-
management and improved patient outcomes. This system also helps in promoting legible,
accurate, streamlined coding and billing together with complete documentation.
My health record can also help researchers in delivering quality analysis on different
health issues. This because research ethics suggests that research needs public support in order
to be conducted effectively. As an illustration, the study is usually done out step with the
values of the society if the public is not involved. In that case, MHR can help researchers by
providing the required data for analysis (Lang, 2019) efficiently.
MHR can help to avoid losing important data and information of the patients since paper
work can easily get lost as a result floods, fire, and other natural catastrophes, which cause
irreparable damage to these vital documents. The files stored digitally can also be kept for long
period of time as compared to old ways of data storage which could not last for long. The My
Health record system has password for every user together with anti-viruses which helps to
prevent misuse of sensitive data. The MHR will allow the administration to store unlimited
patient data and information within a single hard drive. And also. Since traditional physical
files take up space, the electronic filing system allows an office to store unlimited amounts of
patient data inside a single computer hard drive which saves on money and space.
My health record helps the nurses to access information for people along with their care
providers. This can help health practitioners to reduce performing several information-led
tasks. This is evidenced with research which states that enabling self-management can save up
to $1300 per patient per year and also lowers the hospital re-admission rates.
In summary, the health benefits of my health record are avoided duplication of services offered
to patients (Johnson, 2018). Reduced time gathering information, enhanced patient self-
management and improved patient outcomes. This system also helps in promoting legible,
accurate, streamlined coding and billing together with complete documentation.
My health record can also help researchers in delivering quality analysis on different
health issues. This because research ethics suggests that research needs public support in order
to be conducted effectively. As an illustration, the study is usually done out step with the
values of the society if the public is not involved. In that case, MHR can help researchers by
providing the required data for analysis (Lang, 2019) efficiently.
MHR can help to avoid losing important data and information of the patients since paper
work can easily get lost as a result floods, fire, and other natural catastrophes, which cause
irreparable damage to these vital documents. The files stored digitally can also be kept for long
period of time as compared to old ways of data storage which could not last for long. The My
Health record system has password for every user together with anti-viruses which helps to
prevent misuse of sensitive data. The MHR will allow the administration to store unlimited
patient data and information within a single hard drive. And also. Since traditional physical
files take up space, the electronic filing system allows an office to store unlimited amounts of
patient data inside a single computer hard drive which saves on money and space.
IT ASSIGNMENT SOLUTION 6
MHR system therefore is a solution to many issues that resulted from traditional data and
information storage. This system also makes it easier to retrieve back data and information.
This system will also make it easier for retrieval of x-ray results. This system also makes it
easier to participate in meaningful use by ensuring data is recorded at the point of care and also
makes it easier to interact seamlessly with the affiliated clinics and hospitals. In summary, My
Health Record system has many advantages which outweighs its cons which makes it the best
idea to implement.
How the individual patient can manage the privacy and security of MHR
There are several access controls that individual patients can take care of to make sure
that their information at MHR is safe and secure. This usually contains information of the
patient, such as the name of the patient, gender, and date of birth. This is the information that
is used in identifying a person's identity and hence, the individual healthcare identifier is
collected. Conversely, the provider can assert the emergency access functionality during
emergency cases which can override the available access controls for a specific period.
The patient can set strong passphrase in order to protect their My Health Record. This a
combination of 12 letters consisting of upper case and lower cases together with symbols. This
should not contain, the patients’ name, dates of birth, patient’s work or related family. This is
therefore strong than a password, but the functionality is the same. Features such as capitalizing
the first letter or using exclamation at the end have to be avoided in this case
The patients can also set codes which can only be given to the healthcare practitioners
who the patients want to access their specific data or information. The patients can also set up
the automatic notifications when a health practitioner accesses his/her data at My Health
Record. This can quickly be done by logging to My Health Record, then click on the profile
MHR system therefore is a solution to many issues that resulted from traditional data and
information storage. This system also makes it easier to retrieve back data and information.
This system will also make it easier for retrieval of x-ray results. This system also makes it
easier to participate in meaningful use by ensuring data is recorded at the point of care and also
makes it easier to interact seamlessly with the affiliated clinics and hospitals. In summary, My
Health Record system has many advantages which outweighs its cons which makes it the best
idea to implement.
How the individual patient can manage the privacy and security of MHR
There are several access controls that individual patients can take care of to make sure
that their information at MHR is safe and secure. This usually contains information of the
patient, such as the name of the patient, gender, and date of birth. This is the information that
is used in identifying a person's identity and hence, the individual healthcare identifier is
collected. Conversely, the provider can assert the emergency access functionality during
emergency cases which can override the available access controls for a specific period.
The patient can set strong passphrase in order to protect their My Health Record. This a
combination of 12 letters consisting of upper case and lower cases together with symbols. This
should not contain, the patients’ name, dates of birth, patient’s work or related family. This is
therefore strong than a password, but the functionality is the same. Features such as capitalizing
the first letter or using exclamation at the end have to be avoided in this case
The patients can also set codes which can only be given to the healthcare practitioners
who the patients want to access their specific data or information. The patients can also set up
the automatic notifications when a health practitioner accesses his/her data at My Health
Record. This can quickly be done by logging to My Health Record, then click on the profile
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
IT ASSIGNMENT SOLUTION 7
and settings tap. The patient has to select the preferred notification method, such as SMS or
email. There should also be details of the safeguards in place in order to protect the personal
information that is stored within the MHR system.
The patients can change the default settings in order to restrict the entire healthcare firm. In
order to customize security, the patient can adjust the level of access to their information by
setting up codes. The first code that can be set the record access code. This code can only be
given to a health practitioner that the patient wants to access their information. The patient can
easily set the codes by logging to My Health Record, click the privacy and access tab, select
manage access by Healthcare Providers. The patient has to set the four to eight-digit code
which can then be given to the health care provider.
The limited document access code. The patient can provide this to the health professionals
that should access particular documents if there is restricted access. This can be done by
quickly navigating to privacy and access tap after logging in, select the document access
settings. The patient has to choose document access settings then set the to 8 digit code. In
case the patient forgets the codes, it is easy to get new codes by just re-entering the code again
and validating it. The representatives can view all the documents and more information, such
as emergency contacts and allergies. However, they have no option of cancelling the patient’s
My Health Record. Personal access code. The patient can set this code and be given to only
nominated representative to access the patients My Health Record.
The security controls with specific examples to ensure MHR has an appropriate security
level
People
and settings tap. The patient has to select the preferred notification method, such as SMS or
email. There should also be details of the safeguards in place in order to protect the personal
information that is stored within the MHR system.
The patients can change the default settings in order to restrict the entire healthcare firm. In
order to customize security, the patient can adjust the level of access to their information by
setting up codes. The first code that can be set the record access code. This code can only be
given to a health practitioner that the patient wants to access their information. The patient can
easily set the codes by logging to My Health Record, click the privacy and access tab, select
manage access by Healthcare Providers. The patient has to set the four to eight-digit code
which can then be given to the health care provider.
The limited document access code. The patient can provide this to the health professionals
that should access particular documents if there is restricted access. This can be done by
quickly navigating to privacy and access tap after logging in, select the document access
settings. The patient has to choose document access settings then set the to 8 digit code. In
case the patient forgets the codes, it is easy to get new codes by just re-entering the code again
and validating it. The representatives can view all the documents and more information, such
as emergency contacts and allergies. However, they have no option of cancelling the patient’s
My Health Record. Personal access code. The patient can set this code and be given to only
nominated representative to access the patients My Health Record.
The security controls with specific examples to ensure MHR has an appropriate security
level
People
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
IT ASSIGNMENT SOLUTION 8
My Health Record can be very beneficial to the Australian Health system. This is because it
provides the digital summary of the people's medical information which can be accessed by the
authorized healthcare professionals to provide the necessary care (Lee, 2018). Conversely, it is
crucial for the Australian government along with the NAHR to apply particular security control
in this system in order to protect and secure the people’s health data that will be available. In that
case, the following are some of the measures that should be put in place. To start with, the
government has to appoint the people that will work as the volunteers for the promotion of this
system so as to increase the awareness and knowledge to the local citizens in Australia.
The NAHR, together with the Australian government, should establish an independent
audit in conjunction with the review committee, which will regularly monitor the safety measure
and data, the data sharing functionality and the encryption standards. Last but not least, the
NAHR should recruit the skilled cybersecurity personnel who are capable of ensuring adequate
safety of this system by using the necessary techniques of cybersecurity. Some of the techniques
are secure log-in by the use of role based access control model, firewalls and the encryption
techniques.
Process
The data sharing process has to be made transparent considering the weak legislation
along with the safeguards adopted by NAHR on MHR. The patients should be provided with
necessary information about the privacy control together with the available opt-out options.
There also has to be restrictions on the third parties bout selling the patients data to the
unauthorized personnel. The following measures should therefore be put in place in order to
make the whole process transparent (Mishra, Sharma, Sharma, and Vimal, 2018). To start with,
the functionality of the profile visit has to be included within the MHR system so that the users
My Health Record can be very beneficial to the Australian Health system. This is because it
provides the digital summary of the people's medical information which can be accessed by the
authorized healthcare professionals to provide the necessary care (Lee, 2018). Conversely, it is
crucial for the Australian government along with the NAHR to apply particular security control
in this system in order to protect and secure the people’s health data that will be available. In that
case, the following are some of the measures that should be put in place. To start with, the
government has to appoint the people that will work as the volunteers for the promotion of this
system so as to increase the awareness and knowledge to the local citizens in Australia.
The NAHR, together with the Australian government, should establish an independent
audit in conjunction with the review committee, which will regularly monitor the safety measure
and data, the data sharing functionality and the encryption standards. Last but not least, the
NAHR should recruit the skilled cybersecurity personnel who are capable of ensuring adequate
safety of this system by using the necessary techniques of cybersecurity. Some of the techniques
are secure log-in by the use of role based access control model, firewalls and the encryption
techniques.
Process
The data sharing process has to be made transparent considering the weak legislation
along with the safeguards adopted by NAHR on MHR. The patients should be provided with
necessary information about the privacy control together with the available opt-out options.
There also has to be restrictions on the third parties bout selling the patients data to the
unauthorized personnel. The following measures should therefore be put in place in order to
make the whole process transparent (Mishra, Sharma, Sharma, and Vimal, 2018). To start with,
the functionality of the profile visit has to be included within the MHR system so that the users
IT ASSIGNMENT SOLUTION 9
can have an idea about the people that view their data and medical summary. This can be
achieved by sending alerts to the patients such as mails or SMS.
The whole My Health Record registration has to be made lucid for the patients by making
them aware concerning the security and policies measures which are undertaken in ensuring the
complete safety of the medical data which will be available on My Health Record.
Technology
In order to have a secure patient data and information, the national cybersecurity has been
established for constant and multilayer surveillance of My Health Record system. In that case,
the following are some of the technology-related measures that need to be put in place in order to
implement strict security control. There has to be a role based access control as the preferred
access control model for My Health Record system. The independent audit should also be done
regularly in order to assess the asymmetric and symmetric essential encryption methods which
are utilized in this system.
There has to be an implementation of 256-bit SSL encryption technology since it
provides extra security layer. This technique will also help to ensure authorized access and hence
will minimize the external cyber-attacks because of the increased safety.
Legislation
The government has to come up with necessary legislative changes so as to exert
particular control of addressing the issues related to security and privacy of the patients that
are stored in My Health Record. For instance, when the person opts out or cancels their My
Health Record, the records should be deleted with immediate effect from the MHR databases.
There is also the need to change the poor legislation and policies that are related to My Health
can have an idea about the people that view their data and medical summary. This can be
achieved by sending alerts to the patients such as mails or SMS.
The whole My Health Record registration has to be made lucid for the patients by making
them aware concerning the security and policies measures which are undertaken in ensuring the
complete safety of the medical data which will be available on My Health Record.
Technology
In order to have a secure patient data and information, the national cybersecurity has been
established for constant and multilayer surveillance of My Health Record system. In that case,
the following are some of the technology-related measures that need to be put in place in order to
implement strict security control. There has to be a role based access control as the preferred
access control model for My Health Record system. The independent audit should also be done
regularly in order to assess the asymmetric and symmetric essential encryption methods which
are utilized in this system.
There has to be an implementation of 256-bit SSL encryption technology since it
provides extra security layer. This technique will also help to ensure authorized access and hence
will minimize the external cyber-attacks because of the increased safety.
Legislation
The government has to come up with necessary legislative changes so as to exert
particular control of addressing the issues related to security and privacy of the patients that
are stored in My Health Record. For instance, when the person opts out or cancels their My
Health Record, the records should be deleted with immediate effect from the MHR databases.
There is also the need to change the poor legislation and policies that are related to My Health
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
IT ASSIGNMENT SOLUTION 10
Record, which is designed by the Australian government. The legislations have to fulfil the
below-mentioned requirements.
The My Health Record legislation has to comprise of strict provision where the secondary
data related to My Health Record will only be allowed to use in Australia and hence will
become unavailable once the user chose to opt-out. The My Health Record legislation has to
ensure that the patient’s medical information that is availed to third parties will be used only
for research and in the best interest of the public (Goh, 2018). The private firms that have
access to public data should also report any data breach. The government of Australia has to
make necessary national legislation to ensure right to compensation for the individual who will
have experienced data breach.
The legislation should also comprise of strict punishment along with legal penalties on
the healthcare service providers that discloses or uses the patients’ data without permission
from the owners (Miller, 2018). Last but not least, no patients’ data in My Health Record will
be released or availed to non-health firms, police or any other agencies unless with a court
order or permission.
How the Singapore Data Breach occurred
The attackers of Singapore data breach first infected the user workstation through what is
was likely to be the email phishing attack. However, the attackers the malware to gain access
of other work stations. Seemingly, the hackers then gained access to the dormant accounts that
had administrative privileges. The hackers accessed the servers which gave them a direct route
to Singapore Health systems.
Record, which is designed by the Australian government. The legislations have to fulfil the
below-mentioned requirements.
The My Health Record legislation has to comprise of strict provision where the secondary
data related to My Health Record will only be allowed to use in Australia and hence will
become unavailable once the user chose to opt-out. The My Health Record legislation has to
ensure that the patient’s medical information that is availed to third parties will be used only
for research and in the best interest of the public (Goh, 2018). The private firms that have
access to public data should also report any data breach. The government of Australia has to
make necessary national legislation to ensure right to compensation for the individual who will
have experienced data breach.
The legislation should also comprise of strict punishment along with legal penalties on
the healthcare service providers that discloses or uses the patients’ data without permission
from the owners (Miller, 2018). Last but not least, no patients’ data in My Health Record will
be released or availed to non-health firms, police or any other agencies unless with a court
order or permission.
How the Singapore Data Breach occurred
The attackers of Singapore data breach first infected the user workstation through what is
was likely to be the email phishing attack. However, the attackers the malware to gain access
of other work stations. Seemingly, the hackers then gained access to the dormant accounts that
had administrative privileges. The hackers accessed the servers which gave them a direct route
to Singapore Health systems.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
IT ASSIGNMENT SOLUTION 11
The Singapore data breach was caused by poor system management, lack of employees
training. The breach contained the patient’s information and the medical data of about one
hundred and sixty thousand patients. This was due to the lack of adequate cybersecurity
awareness, resources together with training to respond to the attack (Duckett, and Willcox,
2015). There was also misconfiguration issues throughout the network, which allowed hackers
to breach the system. It is also stated that the hackers gained access by a significant coding
vulnerability within the connection between Citrix servers.
What can be learnt from Singapore Data breach to improve the security of Australian
MHR System?
There are high chances that any system can be hacked and breached. This is evidenced
with the Singapore attack where personal information of over 160, 000 patient was
compromised with. It is stated that hackers gained access to the fronted workstations where
they got login credentials for the SingHealth database.
The data breach in Singapore shows that there is a requirement of tightening up the security
measures with every system that stores data. In that case, the My Health Record needs to have
increased control on servers, main workstations together with system accounts so as prevent
such an attack. As observed in Singapore's attack, the hackers were in possession of advanced
tools for hacking (Neubeck et al., 2016). In that case, the government has to put in place
necessary measures such as acquiring the latest software and tools and keep updating them.
Furthermore, the security attack can be prevented by forming the cyber cell to spy on unusual,
harmful and suspicious activities. Cyber experts should take immediate action after suspecting
any attack or suspicious activity.
The Singapore data breach was caused by poor system management, lack of employees
training. The breach contained the patient’s information and the medical data of about one
hundred and sixty thousand patients. This was due to the lack of adequate cybersecurity
awareness, resources together with training to respond to the attack (Duckett, and Willcox,
2015). There was also misconfiguration issues throughout the network, which allowed hackers
to breach the system. It is also stated that the hackers gained access by a significant coding
vulnerability within the connection between Citrix servers.
What can be learnt from Singapore Data breach to improve the security of Australian
MHR System?
There are high chances that any system can be hacked and breached. This is evidenced
with the Singapore attack where personal information of over 160, 000 patient was
compromised with. It is stated that hackers gained access to the fronted workstations where
they got login credentials for the SingHealth database.
The data breach in Singapore shows that there is a requirement of tightening up the security
measures with every system that stores data. In that case, the My Health Record needs to have
increased control on servers, main workstations together with system accounts so as prevent
such an attack. As observed in Singapore's attack, the hackers were in possession of advanced
tools for hacking (Neubeck et al., 2016). In that case, the government has to put in place
necessary measures such as acquiring the latest software and tools and keep updating them.
Furthermore, the security attack can be prevented by forming the cyber cell to spy on unusual,
harmful and suspicious activities. Cyber experts should take immediate action after suspecting
any attack or suspicious activity.
IT ASSIGNMENT SOLUTION 12
The organizations, along with the government, should work together in order to improve
the security of systems. The My Health Record can also be equipped with Intrusion Detection
System, which has the ability to detect any breach (Daniels, 2017). In terms of response after
an attack, the system admins should inform the security agency immediately after an attack o
take necessary actions. The users should also be informed as soon as possible to reset their
password. It's also essential to recover the data has been compromised with after the data
breach.
As per the lesson learned from the Singapore data breach, the Australian
government needs an enhanced security structure and readiness. As an illustration, the firms has
to employ the defense in-depth strategy together with policies and procedures of addressing the
security gaps. The officials should also review the cyber-attack in order to determine if they are
in position to respond to the advanced and persistent threats. This can however be achieved by
mapping layers of IT stack against the available security tools.
The Australian My Health Record can also be improved by security checks. As an
illustration, the vulnerability assessment needs to be conducted on a regular basis together with
the certification of the vendor products. Accordingly, the responsible team should consider doing
pen testing and threat hunting. The staff should also be educated to recognize the signs of a
security incident. The My Health Record should also have a two factor authentication to reduce
the risks of being compromised with. Accordingly, the inventory of the administrative accounts
has to be created so as to facilitate rationalization of such accounts. Last but not least, the server
local administrator accounts should be managed at a central point across the whole system.
The organizations, along with the government, should work together in order to improve
the security of systems. The My Health Record can also be equipped with Intrusion Detection
System, which has the ability to detect any breach (Daniels, 2017). In terms of response after
an attack, the system admins should inform the security agency immediately after an attack o
take necessary actions. The users should also be informed as soon as possible to reset their
password. It's also essential to recover the data has been compromised with after the data
breach.
As per the lesson learned from the Singapore data breach, the Australian
government needs an enhanced security structure and readiness. As an illustration, the firms has
to employ the defense in-depth strategy together with policies and procedures of addressing the
security gaps. The officials should also review the cyber-attack in order to determine if they are
in position to respond to the advanced and persistent threats. This can however be achieved by
mapping layers of IT stack against the available security tools.
The Australian My Health Record can also be improved by security checks. As an
illustration, the vulnerability assessment needs to be conducted on a regular basis together with
the certification of the vendor products. Accordingly, the responsible team should consider doing
pen testing and threat hunting. The staff should also be educated to recognize the signs of a
security incident. The My Health Record should also have a two factor authentication to reduce
the risks of being compromised with. Accordingly, the inventory of the administrative accounts
has to be created so as to facilitate rationalization of such accounts. Last but not least, the server
local administrator accounts should be managed at a central point across the whole system.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 14
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.