Module 3 Chap 7 Discussion
docx
keyboard_arrow_up
School
Northern Kentucky University *
*We aren’t endorsed by this school
Course
600
Subject
Information Systems
Date
Dec 6, 2023
Type
docx
Pages
2
Uploaded by ChiefMandrillPerson882
When an organization provides an online health community, there are several IT security and IT
architecture risks that should be mitigated.
IT Security Risks:
Malware
– Malware is deployed by a third party and is designed to gain access to
unauthorized computer systems and capture data before it is encrypted.
Insecure Passwords
– 80% of breaches are caused by stealing a password (Wiley, 2020).
Passwords can be stolen through phishing attacks, guessing weak passwords, or evil twin
Wi-Fi.
Cross-site scripting
– malicious code pointing to a link requiring log-in at an imposter site
(Wiley, 2020). This is a security vulnerability that
IT Architecture Risks:
Unauthorized Access
– Restricting access from unauthorized personnel is especially
important on a for the protection of PHI data. Password limitations, periodic changing of
passwords, and two-factor authentication should be implemented to limit unauthorized
access.
Network Security
– PHI data is valuable to hackers because they can use the data to
make false medical claims, buy prescriptions, or sell for profit (NCBI, 2023). A potential
vulnerability of an online health platform is that the network is not secure enough to
store and transmit PHI data. Implementing storage and transmission tools such as a VPN
can help establish a trusted network connection (Wiley, 2020).
I would not join an online health community forum. I don’t think organizations do a good
enough job protecting PII and PHI data. In fact, tech companies such as Apple and Google are
under class action lawsuits for recording conversations, including personal health information,
without consent (Lerman, 2021).
References:
Pearlson, K. E., Saunders, C. S., & Galletta, D. F. (2020).
Managing and using information
systems: A strategic approach
(7th ed.). Wiley.
Isola, S., & Al Khalili, A. (n.d.).
Protected health information - statpearls - NCBI bookshelf
.
National Center for Biotechnology Information.
https://www.ncbi.nlm.nih.gov/books/NBK553131/
Lerman, R. (2021, September 21).
Lawsuits say Siri and Google are listening, even when they’re
not supposed to
. Washington Post.
https://www.washingtonpost.com/technology/2021/09/02/apple-siri-lawsuit-privacy/
Hi Steven,
If patients are using an online platform for support, do you think that could potentially make
them more vulnerable? I am thinking about phishing links (Wiley, 2020) in particular, where a
user posts a link to an external source and a patient unknowingly clicks on it. Although I do think
an online health community could be helpful for support, you also risk posting personal details.
As a result, patients/users have to rely on the site’s security measures. The defense mechanisms
to reduce risk in an online forum are limited.
Thanks!
Molly
References:
Pearlson, K. E., Saunders, C. S., & Galletta, D. F. (2020).
Managing and using information
systems: A strategic approach
(7th ed.). Wiley.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help