Tuesday, December 3, 2019
Information Security A Critical Discussion
Within the contemporary, hyper-connected and interlinked business landscape, organizations ââ¬â large and small ââ¬â are continually under attack.Advertising We will write a custom essay sample on Information Security: A Critical Discussion specifically for you for only $16.05 $11/page Learn More A computer crime and security survey conducted in 2005 through the joint efforts of the Computer Security Institute (CSI) and the San Francisco Office of the Federal Bureau of Investigation (FBI) demonstrated that six in every ten organizations were victims of unauthorized computer use during the past 12 months (Johnston Hale, 2009). These unauthorized uses, according to the authors, included ââ¬Å"â⬠¦malicious acts such as theft or destruction of intellectual property, insider abuse and unauthorized access to information that resulted in loss of data integrity and confidentiality, as well as malware threats such as viruses, spyware, worms, and Tro jansâ⬠(p. 126). It is against this background that the present paper aims to put into perspective some critical issues regarding information security, particularly in healthcare organizations. In laymanââ¬â¢s language, information security can be defined as the protection of data against unauthorized or illegal access through the employment of authentication protocols such as passwords, fingerprints, and digital certificates, as well as employing encrypting processes for highly sensitive data (Bodin, Gordon Loeb, 2008). A computer system that asks users to input personal identification numbers (PIN) demonstrates a good example of how information security functions. In more complex terms, however, the concept of information security is often viewed under the lens of protecting data and complex information systems from unauthorized or illegal access, use, revelation, interruption, modification, examination, inspection, recording or obliteration of information, whether in pri nt, electronic or any other format, and against the denial of access to authorized users (Khansa Liginlal, 2009).Advertising Looking for essay on computer science? Let's see if we can help you! Get your first paper with 15% OFF Learn More In practice, therefore, information security entails taking proactive measures and strategies aimed at detecting, documenting, and countering any form of unauthorized use, access or modification of information systems (Bodin et al, 2008). A good example here is the heavy investments organizations make to install antivirus software, firewalls and other internet security tools to ensure that cyber criminals do not have access to their networks, and to incapacitate any attempts made by these criminals to modify the information systems and databases through malware threats. Today, more than ever before, the daily functioning of contemporary healthcare organizations is becoming more intricately tied to the investments made in terms of ado pting information technology, as well as the integrity and accountability of the information systems by virtue of the fact that ââ¬Å"â⬠¦patient care, research, operations, and finance all rely on highly available, trustworthy, and robust applications, data, and infrastructureâ⬠(Glaser Aske, 2010, p. 40). The very fact that health organizations must continuously invest in latest information technologies demonstrate the importance of adopting information security technology; they, as is the case in other business organizations, deal with particularly sensitive data that must be protected from unauthorized access, use or modification (Bernstein McCreless, 2007). Patient and health data, which are the mainstay of most heath organizations, are particularly sensitive to a point where client trust and satisfaction levels are largely evaluated on account of how well the organizations are able to secure confidential information on behalf of their clients (Cooper Collman, 2003) . Away from patient-related issues, it is very important for health organizations to protect their information systems, which are often costly to design and implement, from any possible attack or unauthorized access (Weems, 2010). It simply does not make any business sense for health organizations to expose themselves to these attacks or unauthorized access of information systems since such actions always come with high financial and reputational implications for the healthcare organizations involved.Advertising We will write a custom essay sample on Information Security: A Critical Discussion specifically for you for only $16.05 $11/page Learn More Consequently, it is always advisable and beneficial to assume a proactive stance and invest heavily on information security technology. Lastly, it is generally believed that information security in healthcare settings can only be achieved by addressing the germane issues of confidentiality, integrity/veracit y, availability/accessibility, reliability, and accountability. While confidentiality implies that sensitive patient and health data should not be made available or disclosed to unauthorized individuals or processes, integrity implies that such kind of data or information must not be altered, modified and/or destroyed in an unauthorized manner (Cooper Collman, 2003). Availability as a critical component in healthcare information security implies that data or information should always be accessible and useable upon demand by any authorized entity, while accountability is used to describe the capability to audit the actions of all parties, procedures and processes which continually interact with the data or information, and to intrinsically determine if such actions or interactions are appropriate (Cooper Collman, 2003). It goes without saying that data or information contained in information systems within the healthcare context must be reliable and free of error at all times. Refe rence List Bernstein, M.L., McCreless, T., Cote, M.J. (2007). Five constants of information technology adoption in healthcare. Hospital Topics, 85(1), 17-25. Retrieved from MasterFILE Premier Database Bodin, L.D., Gordon, L.A., Loeb, M.P. (2008). Information security and risk management. Communications of the ACM, 51(4), 64-68. Retrieved from Business Source Premier DatabaseAdvertising Looking for essay on computer science? Let's see if we can help you! Get your first paper with 15% OFF Learn More Cooper, T., Collman, J. (2003). Managing information security and privacy in healthcare data mining: State of the art. In: C.J. Alberts A.J. Derofee (Ed.), Managing information security risks: The octave approach. Boston, MA: Addison-Wesley Professional Glaser, J., Aske, J. (2010). Healthcare IT trends raise bar for information security. Healthcare Financial Management, 64(7), 40-44. Retrieved from MasterFILE Premier Database Johnston, A.C., Hale, R. (2009). Improved security through information security governance. Communications of the ACM, 52(1), 126-129. Retrieved from Business Source Premier Database Khansa, L., Liginlal, D. (2009). Quantifying the benefits of investing in information security. Communications of the ACM, 52(11), 113-117 Weems, K. (2010). Health IT the road so far. Health Financial Management, 64(6), 86-90. Retrieved from MasterFILE Premier Database This essay on Information Security: A Critical Discussion was written and submitted by user Isis Foreman to help you with your own studies. You are free to use it for research and reference purposes in order to write your own paper; however, you must cite it accordingly. You can donate your paper here.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.