RUNNING HEAD: IT
Report on Westmead Hospital information security
By Frederick Lewis Allen
[Name of the Writer]
[Name of the Institution]
Contents
TOC \o "1-3" \h \z \u Introduction PAGEREF _Toc20066831 \h 2
Executive summary PAGEREF _Toc20066832 \h 3
Discussion PAGEREF _Toc20066833 \h 4
Conclusion PAGEREF _Toc20066834 \h 8
Introduction
Information security has become one of the main concern and area of focus for many hospitals. With the advancement of time, technology is getting towards the next level of advancement and institutions are becoming more conscious of their maintainance and upgrading of their IT security systems . For Westmead Hospital, securing data and its safe transmission is of central importance. Westmead hospital is focusing on implementing straightforward and strict security policies. It is also using more reliable security procedures so that it could keep its Information security networks more secure and could make sure safe transfer of the data so that confidential data of the patients could be protected. In order to conduct audit and monitoring practices, Westmead Hospital is trying to provide a safer and secure IT environment. For the security management, IT department of Westmead is training its best personnel to allocate resources effectively and proactively manage matter linked with information security so that fluctuating regulations and ever-evolving threats could be resolved timely. Information technology clears one thing that when technology is not handled carefully, institutes could get harm. Information security system and management plays a significant role in making Westmead trustworthy for people who are more concerned about their privacy and personal data.
Executive summary
In this paper, various aspects of IT security management has been highlighted as for the hospitals, it is important to manage and update the security system. In this report, there are certain areas that are providing basic information how Westmead is improving its information security system and encouraging its management to be equipped against all the challenges that all the other companies and security institutes are facing in order to increase authentication of its information system. In this report, not only challenges are being mentioned but at the same time, there have been given all the possible solutions. It has also been mentioned in this report that why information security departments are trusted so much when it is about the confidential data about which patients used to show much concern. There have been listed a number of benefits for which information department of Westmead designed its effective security policies. For avoiding the cyber-attacks, it is important to secure the information system. Information security department needed to be equipped with the latest technology and informational strategies. List of benefits is being given that sheds a light on why organizations and hospitals like Westmead are spending more time and money on improving their information security. In the health market competition is becoming tougher as people prefer to visit hospitals that provides better security to their details.
Discussion
With the advancement of technology, like other institutes, Westmead Hospital has also centred its focus on providing safety to the patient data that could be used for different purposes. For knowing and improving the level of safety of patient's data Westmead is trying to consider challenges that could serve as the real threat to the information security system of Westmead. There are certain areas that Westmead is considering while improving the security system so that personal details could be made more secure (Cucchiaro, et al, 2019, pp.S100-S101). Field of information security is at more risk of breaching and as the area of information technology is growing more, challenges and risks are also arising at same rate. Security management of Westmead Hospital have become more aware of confidentiality, integrity and uninterrupted availability of the required data (patient’s data in most cases) and these are the three main areas and concepts of security concerning computer systems. One of the main threats that Westmead information technology management is trying to mitigate is, checking the unauthorized access to the patient’s data, which they termed as the loss of confidentiality. For Westmead Hospital, confidentiality is an important attribute that provides its patient with confidence that their personal details and medical records are safe and would not be misused. Confidentiality could be at a risk when information would be shared or present on insecure networks. Security management of Westmead is trying to make its security networks more secure for which it is trying to use access control and authentication techniques. Integrity is another major area that is being focused on when critical safety of the patient's data is concerned. In the field of technology, there are many ways through which unauthorized alterations are being made in information. Both human errors and intentional tempering have become a real threat for the information security mamangement of Westmead.
Main challenges faced by Westmead Hospital in the area of information security
There are different attacks that the information security department of the Westmead Hospital is facing. Different security attacks that have become a risk for the information security are not easy to handle and for solving these security issues, management of Westmead needed to be updated regarding security challenges. Westmead information security management is currently working on mitigating few main issues that are becoming a real threat for its network security syste. Like all other major institutions, Westmead is trying to make its information system secure from security risks. Two of the main challenges that Westmead is facing at present are people and access control. The investigation has shown that one of the main causes of data breach from the information security system of Westmead is that people unintentionally do something that they should not (Australia, et al, 2019). People always try to access the control system or the associated data for which mostly they don’t have the proper guidance.
Next big security-related challenge that Westmead is facing is “authentication”. It has become difficult to know whether the information shared between the two hospitals or other parties is authentic or reliable as security systems could be hacked and information could be tampered. Authentication is of great importance as it has been seen that in some cases law agencies i.e. courts need medical reports so, in order to deal with the challenge of the threat of authentication, Westmead information security experts are trying to find best possible solution.
Rise of CaaS comes next on the list of challenges that Westmead Hospital is facing. Crime –as-a-Service is one of the ever-growing batches of malicious software-based elements. It is used for stealing the requirred data from any of the information systems and as it has already been mentioned that in some cases when the legal departments want any medical report from Westmead for patients, it becomes important for them to assure them of credibility of high-level security of the information system.
External breaches are another grasping challenge that encourages Westmead IT security management to pay more attention towards securing and updating patient’s data. It is considered as the most damaging security risk and it is because of the inherent vulnerability of the security policies and the framework. External breaches could be because of the poorly equipped security team, so Westmead is trying to providing its information security department with all the latest equipments.
Solutions
The main factor that Westmead is focusing on is designing high-quality software as it has been seen that most of the security risks and challenges arise because of the poorly designed software. So, it could be said that information management department must be focused on the designing of software that could not be tampered and hacked easily (Wurst, et al, 2019). Next element that has been given the most important is keeping into consideration the limitations of hardware. For finding the solution, it is important to understand what exactly security threat is and what is needed for coping with the challenges and fixing the breach.
Most of the information security issues arise because of personal negligence. Westmead information security department is focusing on hiring the well-trained security personnel so that the rate of personal error could be mitigated. Hiring people who are well-versed with knowledge regarding information security is being used as a solution as most of the issues are because of personal errors. This fact cannot be denied that all the potential challenges being mentioned above have solutions. Westmead is trying to find out a single cybersecurity solution that would meet all the needs and requirements of the security network and system. Solutions like cryptographic segmentation that could control and meet all the necessities is being considered. 3i Infotech comes first in mind when it is about solutions regarding information security. Systems and networks are interconnected so Westmead needs to have an effective and operative security that could check any kind of unnecessary invasions. 3i Infotech is being used by Westmead as it provides end-to-end solutions to the hospital. One of the most effective solutions that are being used by Westmead is preventing data from being stolen. Leaking of the data is the main threat to the whole of the network or system. So like most of the other hospitals, Westmead is also aiming at providing proper protection and security to the networks and systems.
Advantages of the effective information security system
It is important to mention purpose of improving and updating the information security. There are various reasons for which information securityof Westmead is upgraded and proper department of security was founded. Data of the patients is one of the most private and confidential things that Westmead wants to protect so, preventing data theft is given the maximum value. Information security is also helpful for thwarting identity theft so that personal details of the patients could be safeguarded. Numbers of cases have been seen in which the hospitals are being charged with the allegation of not securing patient’s data so information security also helps in avoiding the legal consequences of not screening information. Maintaining information security systems also help in increasing the productivity of the hospital. Information security helps in the streaming of the communication as hospitals and government institutes need to share the patient information most of the time, so for the smooth flow of information and facilitating the communication, information security department plays an important role. IT security department of Westmead helps in storing and safeguarding valuable information. IT of Westmead is famous for storing, preserving and maintaining information and it is another domain for which this department is known for (Makeham, et al, 2019, pp.S3-S4). IT helps in storing, sharing and having the backup of the files that could be accessed for later use. Though IT seems expensive when it is implemented for the first time but in long run, it becomes cost-effective, as it streamlines the hospital's managerial and operational processes. IT helps in improving Westmead’s internal processes by reducing the time spent outside of work and reducing the coverall cost. This department also helps in creating jobs for those who show interest in this field of information security. Information security also helps in improving the economic conditions of a country. Westmead by improving its information security networks and systems is competing with the top rank hospitals of world.
Conclusion
Taking a look at the above-mentioned facts related to information security network and system, it could be concluded that providing hospitals with safe security is much more important than providing security to any other organization as hospital industry is highly information-intensive and involves more human interferences that lead towards more human errors. Generally, it has been witnessed that professionals (doctors and nurses) linked with health industry usually lack cybersecurity information and knowledge. Information security department of Westmead is responsible for taking care of all the operations by making sure the safety of patient’s data. Taking into consideration all the challenges, it won’t be wrong to say that keeping in consideration the latest happens in the field of information technology has become important As a whole, it could be promulgated that information security risks need to be taken seriously in order to avoid damaging breach that may threaten the reputation of Westmead hospital. Westmead higher management knows how important is to secure the information security. Patients must be realized that they are in safe hands and their confidential information is safe and secure. Training of security personnel is also an important factor that helps Westmead in avoiding many security threats and risks. Selecting and training highly competent people is an important factor that could make this hospital more trustworthy for the patients.
References
Australia, H., 2019. The public and private hospital systems.
Cucchiaro, S., Delgaudine, M., Princen, F. and Coucke, P., 2019. OC-0194 Continuous improvement by crossing patient satisfaction surveys, adverse events and complaints. Radiotherapy and Oncology, 133, pp.S100-S101.
Makeham, M.A. and Ryan, A., 2019. Sharing information safely and securely: the foundation of a modern health care system. The Medical Journal of Australia, 210(6), pp.S3-S4.
Wurst, B.E., 2019. Systems and methods for biometrically retrieving medical information. U.S. Patent Application 10/204,704.
