Health Information System Vulnerabilities

1264 Words3 Pages

Abstract
The purpose of this report is to identify the potential vulnerabilities and threats that might affect the system and the business processes. The health center is equip with free open source Health Information System, which needs tools and procedures to keep the system running and functioning as it intend to be. We will discuss the methods and technique that can be used to secure the network system by using encryption algorithm. Securing the health information system need to go through many steps in order to prevent any type of cyber attacks, by understanding the technique that hackers and attacker follows and by identifying the weak points in the system. Understanding the access control is the first step to secure any system, following …show more content…

The health information system is consist of data, hardware and software, which work together to ensure the safety of the system and the organization as well. Using information system in healthcare helps the organization to improve their productivities and decreasing the medical errors. Health information system is like any other systems, which might have potential threat and risks. However, information system risks, and attacks increased in past few years including the threats against health information system. There are many type of risk that may threat the system some are physical threat and other are threat by compromising the information system. The health information system might compromised in such threat like power failure, network failure, hardware or software failure, Malware attacks, human errors and communication failures. In order to secure the system the organization need to maintain the confidentiality, integrity and availability of the information. Confidentiality means an unauthorized person cannot read the sensitive information; the system must provide the information only to the person how have the right to read. Integrity means the privacy of the information and this information should not be changed or deleted. Availability means the information must be available any time and under any …show more content…

The best practice in this regard is to control the access to the system, which means the employee should granted with the privilege that enough to do his job and not to give him all the right access, including the administration account for the computers that located in the 25 clinical rooms and 5 computer use for the patient appointment. Installing the monitoring system including CCTV in all the center facilities will reduce the physical threat and human errors. Malware threat is one of the most common risk in any system, were Malware can be in form of viruses, Trojan horse or worms. Malware are software that replicates itself in the system, these software can spread among the network to reach all the PCs in the same network. To prevent Malware we need to install fresh anti-viruses and maintain the application and network servers to block any type of intrusion virus. With the increasing of scanning tool all over the Internet, it becomes easy to scan and analyze the system. Hackers and attacker always find the way to access systems if they find any chance, there are many way of attacking systems, such as Dos, and social engineering.

Open Document