Answer To: My Assignment topic is mobile health devicesWord limit: 10 to 15 pages in length and the template is...
Kuldeep answered on Sep 26 2020
Mobile devices in healthcare
Student Name
University Name
Executive Summary
Healthcare provider is finding great values in connecting with the patients outside brick-or-mortar confine of doctor’s clinic, office as well as hospital. Doctor is looking for the data that enable them to tracking their patient. They may want to understand whether the patients are doing what they are doing in the days and hours of surgery and they are tracking anyone after the secrecy. Perhaps they need to monitor somebody with chronic conditions and know whether the physiology and physical environment in the patient's ongoing health and care management is played. Digital well being tools and information have the ability to move the US's unsafe healthcare system into a cost-based care environment. Encouragement promotion with workflow comes from aligning. Research on using mobile technology for the problem of alcohol use is a developing area. In addition to creating a scalable system capable of rapid technological advances in mobile health research, an unprecedented amount of data collection and real-time intervention, research creates both opportunities and challenges, including protecting the confidentiality and security of the participants. According to the survey, the top hindrance is to refuse to know the changes and new skills of employees or to oppose the technology due to the fear of obstructing their flow of work; About 70 % of those survey said that it is "very hard" to defeat. Some 64 % of people have expressed concern about the prize of latest technology as well as 61 percent of people describe the complexity, fears of poor integration and patient error caused by "unclear introduction of new devices". We continue to improve in the same way technology is developing.
Contents
Executive Summary 2
Provides a clear statement of the technology project that is being assessed 3
An overview of your recommendations to management as to the merits of the project based on your risk assessment 3
Risk assessment based on threats, vulnerabilities and consequences 4
4.1 These are must be derived from an IT control framework and any existing industry risk recommendations for the project. 5
4.2 Identify and discuss the key threat agents. 5
List threat agents 5
4. Issues 6
Consequences 7
4.3 What could be done to mitigate the risks and their impact on the system 8
Mitigation 8
5 Provide a brief summary 8
5.1 Protection mechanisms you could employ for the information security. 8
Other measurements Security mechanisms 9
Like change in key principle of information security 9
Conclusion 9
References 11
Appendices 13
Provides a clear statement of the technology project that is being assessed
Even though research material in these areas is unclear, lessons from the other communities, for example cyber security and Internet security, which several technologies offer to, decrease the probable threat of data violations and harassment in MHT. It is necessary to reduce the risks to reducing risks of privacy and security in the MBH. Nevertheless, the mHealth should not stop the research progress, while the field is waiting for the perfect solution.
An overview of your recommendations to management as to the merits of the project based on your risk assessment
MHD includes wearable activity tracker, smartphones, wireless connected scale, blood pressure cuff, pulse oximeter, and glucometer. Despite the enthusiasm for the improvement of health for this device, their successful reliance on customers as well as patients for a self-monitoring on a regular basis is uncertain (Biswas & Mukhopadhyay, 2016). Access to the mobile platform has ability to improve self-care behavior such as exercise, diet, weight management moreover lifestyle choices for example smoking, which has been also shown to protect against 80 percent of acute ailments. Disease for long-term patients, mobile platforms can be monitored in real-time through coaching and target management individually, and for that active maintenance of the patients, there may be the highest risk for hospital admission (Brody, Bianca & Krysa, 2012).
Risk assessment based on threats, vulnerabilities and consequences
However, clear consent is need for the purpose of research, education as well as publication; that is why it is advisable to obtain consent for taking any images taken by this consent and especially when the mobile platform is used (Carabine, 2015).
Potential security violations in case of an electronic mobile device being hacked, lost or stolen, this means that the images on the device such as recording and sharing of patient information are risky. There is a wide set of programmed apps with Dropbox, Icod, Facebook, Google Plus and Instagram, documents and images stored on mobile devices, automatic access. Images can be shared extensively on an easy network or can be backed up to non-vulnerable systems. Data can be easily public without adequate security (Coles-Kemp, 2009). Privacy Commissioners provide some guidance on what to do if breached. For example, in Ontario, the Information and Privacy Commissioner has demanded an immediate implementation of the Protocol; Violation scope inspection and evaluation; Notification of affected person; and subsequent inspections and remedies 7. Canada's private commissioner and British Columbia and Albert's Information and Intelligence Commissioner issued joint document provided guidance on the BYOD program. Documents focus on important privacy or security risks, which must be consider when deciding on a program, in which it is necessary to include whether an organization is appropriate or not. They provide step-by-step methods for implementation of the biodegradable program as well as particularly address the pilot program, training, security moreover management process (Foulser-Piggott, Bowman & Hughes, 2017).
Healthy service providers or organizations are at risk of civil liabilities if the data store on the mobile devices is safely handled. Legal suit are establishing latest privacy practices related to privacy and autonomy (wrongful action resulting from injuries to individuals, property or reputation and the right to compensation to the injured party) (Janiszewski, Felkner & Olszak, 2017).
4.1 These are must be derived from an IT control framework and any existing industry risk recommendations for the project.
It is necessary to use these tools to collect, display, and secure data from time to time and unified systems to take advantage of mobile health to promote long-term disease management. In addition, mobile health practices show flexibility in responding to regulatory hurdles in changing environments in terms of rules and regulations. The purpose of this pilot viability study is to develop technical infrastructure to integrate and analyze mobile health data from multiple devices available to people, and to check consistency in the timing of stressed and critically ill patients through the application (Johnson, 2011).
4.2 Identify and discuss the key threat agents.
List threat agents
1. Competitors and organized crime
2. Hacktivists
3. Thieves
Image Source: healthit.gov
Image Source: mhealthspot.com
4. Issues
Competitors as well as organized crime: The Private criminal organizations have been understood to be fairly resourceful or sophisticated. But, in this category, we include professional competitors who compete for monetization or for resources (eg acquisition) (Macrea & Macrea, 2017). For example, a competitor may try to get copy of the device firmware’s to damage the reputation of its competitors. Likewise, using same Act vector, the engineer of device that is attacking may reverse engineer and use parts of its own product. These integrated circuits have malicious code improvements that may be use to enable the access to criminals on data and running software on the device.
Hacktivists: In this category, individuals or group groups pursue political or social agendas related to the rights of human rights and information (Maheswaran & Rao, 2014). An example of an anonymous group is an example. Hacktivists activity often disrupts business and focuses on CEO, media coverage and people's attention. The stunt hackers involved in this group can be proved by hacking devices, especially those IOT devices that are known or promoted by promotional gains (Malhotra, 2015).
Thieves: These risk agents include individuals who steal personally for personal economic gain. Such as, the researchers show how the vulnerability is shown in devices like Chamberlain Mutual System and UB when a garage is in the door, the thief can be suggested. Opened / stopped or resident came home as well as thus showed a window of an opportunity to break the house. Thieves are linked to DOS, system infiltration and spoofing (Olawale & Sun, 2015).
Consequences
Many of the mHealth researches also run confidentiality and security concerns with the power (ie the potentially sensitive and possibly the ability to collect and maintain continuous flow data on the range of illegal activities and programs). These topics, and privacy, are all independent but yet connected problems that researcher need to address to protect research. For the important and health-related statistics, the National Committee thus clarifies the difference between privacy and confidentiality and security:
The respect to privacy of those who are closely related, to respect privacy of those whose data is related, is to refer to the liabilities of those who receive the information. Securities are completely different (Pasăre, 2015). This refers to the physical, technical, and administrative protection as well as tools utilized to protect unrecognized access or disclosure of known health data. There are the several legal or ethical concern about mHhalth, particullarly when using alcohol, medicines, and learning mental well being. The MHELT community should discuss legal and ethical considerations but it will be not reviewed (Verma, 2013).
4.3 What could be done to mitigate the risks and their impact on the system
Impact
To ensure the safety and health of the patient's privacy, it is necessary to review the existing laws and standards so that further research is needed to determine whether mobile health technology still creates certain non-specific circumstances. There are many challenges for healthcare on how to use these tools in a best manner and how to incorporate them into their own diagnostic assistive systems.
Mitigation
Implement remote and automatic lock and wipe capabilities for use when devices are lost and stolen, moreover after excessive number of wrong login attempt.
Install security programs. Hackers as well as viruses now target mobile device with intensities like desktop computers, but healthcare professional must install Internet securities software on their mobile device, preventing harmful apps or malware from accessing health service networks moreover compromising protected information (Biswas & Mukhopadhyay, 2016).
5 Provide a brief summary
5.1 Protection mechanisms you could employ for the information security.
Safe guards
Implement user authentication controls. One of a biggest danger on healthcare and any external device is insufficient security controls. Use any and all device locking methods to protect the devices used by the providers.
Other measurements Security mechanisms
Develop an application policy. BYOD Environment Control Applications installed on individual devices is a great topic, but healthcare users must know the potential threats related with damaging applications (Brody, Bianca & Krysa, 2012). At a minimum, providers should be educated on how to evaluate apps or get approval for approved apps on the devices that are used for work. At least, the file-sharing applications must be banned moreover providers prevented the patient from using data that is not allowed to share data and is unsafe filing-sharing services. 33978
Like change in key principle of information security
Encourage regular updates. Updating operating systems is a very important part of several security policies. Hackers target vulnerability in the operating system or installing updates closes the pores and helps protect the data (Carabine, 2015). Develop a policy to notify providers of significant updates moreover enforce the updated needs.
Employ encryption. Depending on the device or on an app-by-application basis, the data stored and transmitted through device must be encrypted. Email or attachments must be secure as well as encrypted to make sure that unauthorized persons do not see it in an accident.
Conclusion
Mobile health shows a shift in order to take care of the patient. The issue of concern is classically located in the hospital or clinic. Mobile Health is starting to move the model so that the person at that time has to take care of where it is located, and as a result, the opportunity to take more time to care for it . It is also important to remember that these tools help to increase the population of Healthcare, where the direct access to healthcare professionals is limited, and therefore health management customers are frequently overlooked. In order to consider various mobile health tools, policies and guidelines in these sources, Tools Health Centers try to engage and actively engage their patients in order to take advantage of this technology.
References
Biswas, B., & Mukhopadhyay, A. (2016). GARCH-Based Volatility Assessment of Software Vulnerabilities. SSRN Electronic Journal.
Brody, T., Bianca, P., & Krysa, J. (2012). Analysis of Inland Crude Oil Spill Threats, Vulnerabilities, and Emergency Response in the Midwest United States. Risk Analysis, 32(10), 1741-1749.
Carabine, E. (2015). Policy for the Sendai Framework for Disaster Risk Reduction 2015-2030: Lessons from Existing International Science Partnerships. Plos Currents.
Coles-Kemp, L. (2009). Information security management: An entangled research challenge. Information Security Technical Report, 14(4), 181-185. d
Foulser-Piggott, R., Bowman, G., & Hughes, M. (2017). A Framework for Understanding Uncertainty in Seismic Risk Assessment. Risk Analysis.
Janiszewski, M., Felkner, A., & Olszak, J. (2017). Trust and Risk Assessment Model of Popular Software Based on Known Vulnerabilities. International Journal Of Electronics And Telecommunications, 63(3), 329-336.
Johnson, B. (2011). Risk Assessment, Risk Management, and a Historic Political Deal. Human And Ecological Risk Assessment: An International Journal, 17(6), 1171-1172.
Macrea, R., & Macrea, P. (2017). Vulnerabilities and Threats to Human Security Generated by an Ineffective Educational System. International Conference KNOWLEDGE-BASED ORGANIZATION, 23(2), 324-327.
Maheswaran, M., & Rao, D. (2014). STRESS TEST FOR RISK ASSESSMENT UNDER BASEL FRAMEWORK APPLIED IN BANKING INDUSTRY. Risk Governance And Control: Financial Markets & Institutions, 4(3).
Malhotra, Y. (2015). Cybersecurity & Cyber-Finance Risk Management: Strategies, Tactics, Operations, &, Intelligence: Enterprise Risk Management to Model Risk Management: Understanding Vulnerabilities, Threats, & Risk Mitigation (Presentation Slides). SSRN Electronic Journal.
Olawale, Y., & Sun, M. (2015). Construction project control in the UK: Current practice, existing problems and recommendations for future improvement. International Journal Of Project Management, 33(3), 623-637.
Pasăre, I. (2015). Risks, Threats And Vulnerabilities At The Eastern Border Of NATO And Of The EU. International Conference KNOWLEDGE-BASED ORGANIZATION, 21(1), 77-83.
Verma, S. (2013). Automatic/Mandatory Cross-Border Debarment: Key Constitutional & Trade Conflict Considerations That Any Robust Debarment Framework Must Necessarily Address. SSRN Electronic Journal.
Даник, Ю., Шестаков, В., & Чернишук, С. (2014). RISK ASSESSMENT OF CYBER THREATS REALIZATION TOWARDS COMPLEX INFORMATION SYSTEM. Science-Based Technologies, 21(1).
Appendices
Image Source: healthit.gov
Image Source: uthealthleader.org