Module 3 Chap 7 Discussion

.docx

School

Northern Kentucky University *

*We aren’t endorsed by this school

Course

600

Subject

Information Systems

Date

Dec 6, 2023

Type

docx

Pages

2

Uploaded by ChiefMandrillPerson882 on coursehero.com

When an organization provides an online health community, there are several IT security and IT architecture risks that should be mitigated. IT Security Risks: Malware – Malware is deployed by a third party and is designed to gain access to unauthorized computer systems and capture data before it is encrypted. Insecure Passwords – 80% of breaches are caused by stealing a password (Wiley, 2020). Passwords can be stolen through phishing attacks, guessing weak passwords, or evil twin Wi-Fi. Cross-site scripting – malicious code pointing to a link requiring log-in at an imposter site (Wiley, 2020). This is a security vulnerability that IT Architecture Risks: Unauthorized Access – Restricting access from unauthorized personnel is especially important on a for the protection of PHI data. Password limitations, periodic changing of passwords, and two-factor authentication should be implemented to limit unauthorized access. Network Security – PHI data is valuable to hackers because they can use the data to make false medical claims, buy prescriptions, or sell for profit (NCBI, 2023). A potential vulnerability of an online health platform is that the network is not secure enough to store and transmit PHI data. Implementing storage and transmission tools such as a VPN can help establish a trusted network connection (Wiley, 2020). I would not join an online health community forum. I don’t think organizations do a good enough job protecting PII and PHI data. In fact, tech companies such as Apple and Google are under class action lawsuits for recording conversations, including personal health information, without consent (Lerman, 2021). References: Pearlson, K. E., Saunders, C. S., & Galletta, D. F. (2020). Managing and using information systems: A strategic approach (7th ed.). Wiley. Isola, S., & Al Khalili, A. (n.d.). Protected health information - statpearls - NCBI bookshelf . National Center for Biotechnology Information. https://www.ncbi.nlm.nih.gov/books/NBK553131/ Lerman, R. (2021, September 21). Lawsuits say Siri and Google are listening, even when they’re not supposed to . Washington Post. https://www.washingtonpost.com/technology/2021/09/02/apple-siri-lawsuit-privacy/
Hi Steven, If patients are using an online platform for support, do you think that could potentially make them more vulnerable? I am thinking about phishing links (Wiley, 2020) in particular, where a user posts a link to an external source and a patient unknowingly clicks on it. Although I do think an online health community could be helpful for support, you also risk posting personal details. As a result, patients/users have to rely on the site’s security measures. The defense mechanisms to reduce risk in an online forum are limited. Thanks! Molly References: Pearlson, K. E., Saunders, C. S., & Galletta, D. F. (2020). Managing and using information systems: A strategic approach (7th ed.). Wiley.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help