Information Security System for Twinkle Health Organization

Introduction

Twinkle Health Centre is a private organization whose main objective is to provide health services to the society. It was established in 2005 and has been running smoothly in its operations particularly in offering health services to patients. However, in the recent past, the organization has had problems with its information security system because some of its important information leaked out courtesy of a hacking process (Doyle, 2001). This shows that the security program of the organization is not efficient. Before establishing information security system, it is important to understand what information security in a system like health centre is all about. Information security system refers to a well-documented structure with senior management support that is crucial for the defense purposes. Threats exist from both within the walls of hospitals and any other organization and from external sources like the hackers, foreign governments and competitors. Information security system constitutes of privacy, confidentiality, access, accountability, availability, authentication, and information technology system and network maintenance.

Note that all these components work hand-in-hand in enhancing a comprehensive information security system in a health centre (McKilligan & Powell, 2009). The ultimate aim of this context is to evaluate the information security system for Twinkle Health Centre. This involves, identifying the assets of the organization and threats linked to those assets. It then analyzes and evaluates these threats and identifies options for treatment of the risks. It winds up by selecting control objectives and control treatment of risks.

Methods

The method used for carrying out this study was research on various aspects of information security system. The research was conducted on health related organization and information security as whole.

Results

Primary functions of information security system

Confidentiality refers to the needs of the medical centre, its obligations and desires to secure private, proprietary and other crucial information from the people who do not have the right and need to obtain it (Sweeny & Newton, 2003). These include people like the outsiders and/or competitors who may wish to pull it down. Therefore, this element must be taken into consideration in order to secure a medical centre. Access refers to the privileges, rights and ways of protecting assets from access or loss. Accountability refers to the responsibilities of users, operation staff and management (Islan & Brankovic, 2004). Authentication defines the development of password and authentication policy to safeguard information. Availability refers to resource redundancy, availability, recovery, and maintenance. Other essential elements for security system include the policy statement, scope, roles and responsibilities, security directives, acceptable use policy (AUP), incident response procedure and document control factors. Any information security system that comprises of the above factors is comprehensive and very safe for any organization (Moore, Brown & Miller, 2000).

Identification of Twinkle Health Centre’s Assets

This organization has many assets related to information because it is a firm dealing with human health. The greatest asset of any health organization is patient’s information which must be private and secure. Nobody is allowed to access the health information of a patient apart from the physician and the patient’s family. Therefore, any internal data access needs by intruders or any other irrelevant parties should not occur to such information. The internal data access needs refers to the requirement of an individual to have access to the main database of the hospital. This rarely happens to the unknown individuals in the hospitals (Wiederhold, 2002). For example, people like the security personnel, patients, cleaners, cooks and to some extent nurses have no authority to access the internal information of the system especially when the database contains patient-physician communications (Curtis & Cobham, 2008). The internal database also contains important information about the hospital that need not to be disclosed to the outsiders other than the management and physicians.

Such exposure of internal hospital information to anyone other than the management and physicians means the system is at a risk. For instance, information like the hospitals’ profits, number of operational equipments doctor-doctor information and patient-doctor information should never be open to rogue users (Aycock, 2006). This is the greatest asset of twinkle health organization and can only be accessed by relevant parties. External information of the hospital on the other hand can be accessed by anyone because most of it is business-oriented information aimed at promoting the hospital. Information like when the hospital was opened, how it performs, who the manager is, how efficient it is and so on. This is the best example of external information data access which is open to everyone. Generally, internal data of the hospital is only accessed by the core people particularly the management while external data is accessed by anyone who wishes to (Sweeney, 1997). Since the organization has been having problems with its internal data meaning that it might have been licking to the irrelevant parties. The information system of Twinkle health organization is at risk and some of the risks involved are as follows.

Identification of Threats and Vulnerabilities of Twinkle Organization Information System

Several threats are posed to the Twinkle organization since it contains a technology-oriented system. Its computer system and the information it holds have numerous threats that instigate from within and outside the organization (Thomas et al, 2002). Some of the major threats in the organization’s information system include malicious codes like Trojan horses, worms and viruses. Malicious codes mostly take advantages of the weaknesses in operating system software but also rely on organizational vulnerabilities like failure to organize, advance or train employees in the use of malicious free software like antivirus. Malicious code is dangerous to the system in the sense that it may enable impersonation, service attacks, information theft and other infringements. Attacks by well known malicious code like the Lovebug or Melissa viruses draws attention on the threat of “hackers’, intruders with intention of harming specific organizational operations or network functionality (Wiederhold, 2002). Insiders with privilege access to network operations such as the physicians and nurses may use a grudge against their employer to inflict great harm to the system. For instance, a physician may not be in good terms with his or her employer then decides to harm the information system of the organization because he or she has access to the network operation of the organization (Skoudis & Zeltser, 2003).

For instance, they post on the organization’s website negative information such as poorly trained employees, poor quality services, no competent infrastructure and several other negative comments. For the people who have the responsibilities of guarding the security of computerized information assets, the most significant point to keep in mind is that every computer system with its host firm has its own security constraints or vulnerabilities (Murphy & Chueh, 2002). The approach for these risks is for the organization to carry out best information security risk evaluation, which functions as the basis for information guarantee plan. Since the computer system is pertinent, there is no surety for absolute security and therefore, the information assurance plan looks forward to employ cost-effective control measures to minimize to certain extent the probability of loss of organizational data to possible threats. This means that the information assurance strategy is modeled to manage risk (Moore, Brown & Miller, 2001). The control measures related to the information assurance plan include procedures, policies and technology. Risk evaluation should be performed occasionally since both threats and vulnerabilities alternate over time thus, information assurance plan need to be updated from time to time as well.

Type of information that might be found when the system is at risk

When an organizational information system is at risk, some of the most anticipated information to be acquired are as follows:

• Spam – emails sent to the system with garbage data to inform or annoy (Anderson, 2006)
• Denial of service – due to too much threats, the system may be overwhelmed in terms of ala IP syn flooding, Smurf with ICMP Echo appeal or mail bombing. In case of such, take advantage of software packages such as Ping of death, LAND and ala Buffer overflow.
• Bacteria – this is known for corrupting live data and destruction of boot zone. It prevents recovery of back up data.
• IP Address spoofing – this is when a scoundrel site cuts off authenticated communications between lawful users and bestows altered material as rightful.
• Man-in-the middle spoofing – this is where the captured bags are interfered with and reinserted into a lively session tube (Dhillon, 2007).
• Spoofing – interfering and changing DNS namespace to complex Web Page Redirection

Discussion

Risk Assessment is a Significant Element of Risk Management

Assessment risk is one component of a wider set of risk control actions. Such elements encompass implementing suitable policies and related management, developing a vital management central point, endorsing awareness and supervision and assessing policy and control efficiency. Despite the fact that all components of risk management sequence are crucial, risk evaluation issues the basis for other components of the sequence (Sweeney, 2002). Specifically, risk evaluation gives a foundation for developing suitable policies and choosing cost-effective methods to put the policies into practice. Because risks and threats change with time, it is significant that organizations re-evaluate risks from time to time and reassess the effectiveness and appropriateness of the policies and management they have chosen. This persisting sequence of actions, encompassing risk evaluation, is described in the diagram below of the risk management sequence.

Basic Elements of Risk Assessment Process

Risk evaluation whether they are relevant to information security or any other type of threat, is a way of issuing decision makers with the required information to acknowledge concepts that can affect results and operations negatively and come up with well-versed judgments about the degree of activities required to minimize threats. For instance, bank administrators have carried out risk evaluations to control the threat of evasion related with their loan portfolios, and nuclear power plant engineers have undertaken such evaluations to control risks to public health and safety (Moore, Brown & Miller, 2001). As dependence on computer systems and electronic data has developed, information security risk has combined the collection of threats that must be managed by businesses, governments and organizations (Oliveira & Zaïane, 2003). Despite the kinds of threats being examined, all risk evaluations usually encompass the following elements.

1. Realization of risks that may damage information system is important since it can unfavorably influence significant functions and assets. Threats that encompass things like criminals, intruders, disgruntled workers natural disasters and terrorists.
2. Identification of probability that these risks may occur based on chronological information and ruling of well-informed people is also crucial (Curtis & Cobham, 2008).
3. Realization and positioning the sensitivity, value, and criticality of the functions and investments that could be influenced in case a risk occurs in order to identify the type of operation and assets that are extensively significant (Islan & Brankovic, 2004).
4. Approximating for the most significant and responsive assets and operations, the possible damages that could take place if the risks happens, encompassing cost of recovery.
5. Realizing the cost-effective activities to alleviate or minimize the threats (Kovacich, 2003). These activities can encompass, putting new organizational processes and policies into practice as well as technical or physical management.
6. Keeping a record of the outcomes and establishing an action plan.

There are several models and techniques for evaluating threat, and the degree of analysis and the reservations spent can differ depending on the range of the evaluation and the existence of dependable data on threat concepts (Melton, 1997). Moreover, the existence of information can influence the degree to which threat evaluation outcomes can be dependably enumerated. An enumeration approach normally approximates the financial costs of threats and threat minimization methods based on:

1. The probability that a harmful event may take place (Peltier, 2001),
2. The costs of possible losses, and
3. The costs of alleviating activities that could be undertaken

When dependable data on probability and costs are not obtainable, a qualitative can be acquired by describing threat in highly slanted and general terms like medium, high and low. In this consideration, qualitative evaluations depend greatly on professionalism, experience and ruling of those undertaking the evaluation. It is potential to employ a grouping of enumerated and qualitative techniques (Sweeney, 2003).

Challenges related to evaluation of information security Risks

Dependably evaluating information security threats can be great tricky than evaluating other kinds of threats, since the data on the possibility and costs related to information security concepts are mostly more imperfect and because risk concepts are steadily changing. For example;

1. Data are imperfect on threat concepts, like the probability of a complicated hacker assault and the costs of harm, loss or disturbance brought about by occurrences that take advantages of security vulnerabilities;
2. Certain costs, like deficit of client confidence or revelation of significant information, are intrinsically difficult to enumerate (Skoudis & Zeltser, 2003).
3. Despite the price of the hardware and software required to reinforce controls may be realized, it is mostly not potential to specifically approximate the associated indirect prices like the potential deficit of productivity that may occur when the new controls are put to practice (Murphy & Chueh, 2002); and
4. Although specific information was present, it would rapidly require modification due to the swift advancement in technology and concepts like developments in tools present to possible intruders.

This deficiency of dependability and present data mostly prevents specific determinations whereby information security threats are the most critical and contrast of which controls are the most cost-effective (Saul, 2004). Due to these constraints, it is essential that organizations like Twinkle health centre recognize and use techniques that smoothly acquire the reimbursement of risk evaluation while preventing costly trials to enlarge seemingly specific outcomes that are of doubtable dependability.

Steps to help Resolve Information Security System Risks

Most of the internal threats to information security system encompass malicious codes (Layton, 2007). This means that before fighting anything else, the Twinkle organization has to make sure that it does away with malicious codes such as Trojan horses, worms and viruses. The best approach to such threat is to employ antivirus for its information system in order to destroy all the malicious codes and to influence a strong shield against them. The next step is to develop an information plan, which documents Twinkle Organization’s recommendations to alleviate the revelation by putting into practice new or reinforced controls (National Institute of Health, 2004). The action plan has to encompass the steps to take, time structure for fulfillment and the responsible crowds within the organizational structure. The duration of the action plan differs greatly, although according to one central point, the plan should be succinct and center on little main recommendations (Stallings & Brown, 2009).

The next step is to establish risk acceptance statement for remaining publicity. This means that if the security solution in regard to the recognized exposures is not practical. The business structure head is enlightened about the exposure and its possible influence on organization. Other steps include approving the risk acceptance statement and documenting the outcomes.

Risk Management Program Process

The six major processes involved are as follows.

• Establish context – locating the context or extent of the risk evaluation encompass, developing several characteristics before the evaluation in order to ensure suitable data is accumulated and assessed. Some of the details in that may be assessed in the context encompass geographical sites of the information assets and equipment.
• Recognizing critical assets – after the risk evaluation context has been set, the owners of the asset assess the assets that are significant and which one are not. The assets taken into consideration include primary assets (information, business processes and activities) and supporting assets such as network devices, hardware, software and facilities (Islan & Brankovic, 2004).
• Identify risks – this is where workshops or interviews are employed to importune input. Also helps to assess operational data.
• Assesses risks – risks like malicious codes are evaluated and solutions obtained.
• Report and review risks – issue management with data required to make effective business choices.
• Treat and manage risks – this encompasses recognizing liable risk owners and pertain risk treatment plans to the threats the management chose to minimize, transfer or prevent in the prior phase. Potential treatments encompass applying special projects or other predefined management meant to tackle those threats (Sweeney, 2002).

Assets/Benefits of Hospital Information Security System

Hospital organization such as Twinkle is a place where there must be security and privacy of information at all costs. This is because the doctor-patient communication must be private and the system enclosed for security of that information (Stallings & Brown, 2009). In this way, establishment of an information security system in a hospital will be able to fulfill the following purposes;

Protect people and information

The communication between the doctor and the patient must just be between the two, no third party should access it unless permitted to. The best example of information security is the use of email (National Institute of Health, 2004). E-mail is one of the best aspects of conveying information privately and maintaining its privacy since it is a communication done between two people; a patient and a physician where the patient has his or her own password to access personal e-mail (Waldo, 2007). The physician on the other hand also has his or her e-mail with a private and personal password where nobody else can access therefore ensuring appropriate patient confidentiality. Besides, the physician can access information at his own private time or when free where disturbances are not thus ensuring enough privacy of the information (Islan & Brankovic, 2004). Either this is much far better than verbal communication through telephone or one-on-one where confidentiality and privacy is rare because this is mostly done in health centers where there are several people.

Set the principles for anticipated behaviors by the users, administrator, management and security personnel

Such principles are vital for safeguarding the system’s information since the users will not be able to go beyond the system’s boundaries or restrictions (Meany, 2001).

Describe and authorize the outcomes of violation

This is where specific consequences are listed according to the type of violation undertaken. In most cases, the outcome of violation should be elimination of the person from the organization because he or she may lead to massive loss of important information in the organization at later stages (Dhillon, 2007).

Describe the consequence baseline stance on security for the health centre and Minimize risks

Take full precautions by laying down disaster recovery and business continuity plans.

Conclusion

Electronic information is important to the attainment of organizational goals. Its dependability, availability and integrity are essential apprehension in most organization. The use of computer system particularly network and internet is changing the way organizations undertake business. Twinkle health organization had a problem of information insecurity but when the mistakes, vulnerabilities and threats were identified, the organization worked towards achieving solution. The process of risk assessment was undertaken and all the basic elements of risk assessment process performed, the outcome was benefits of the new information security system, which included appropriate protection of people and information of the organization. Eventually, Twinkle organization acquired the best information security system it wanted and its information is now safe.

References

Aycock, J, (2006). Computer Viruses and Malware. New York: Springer.

Curtis, G. & Cobham, D. (2008). Business Information Systems: Analysis, Design and Practice. London, FT: Prentice Hall.

Dhillon, Gurpreet (2007). Principles of Information Systems Security: text and cases. New York, NY: John Wiley & Sons.

Doyle, S. (2001). Information Systems for You. Cheltenham: Nelson Thornes.

Islan, M.Z., & Brankovic, L., A. (2004). Framework for Privacy Preserving Classification in Data Mining, School of Electrical Engineering and Computer Science. Sydney: Australasian Computer Science.

Kovacich, GL (2003). The Information Security Officer’s Guide. Burlington, MA: Elsevier Butterworth Heinemann.

Layton, Timothy P. (2007). Information Security: Design, Implementation, Measurement, and Compliance. Boca Raton, FL: Auerbach publications.

Malin, B., Sweeny, L., &Newton, E. (2003). “Trail Re-identification: Learning Who You Are from Where You Have Been,” Carnegie Mellon University, School of Computer Science Data Privacy Laboratory, Technical Report. London: British Standards Institution.

McKilligan, N. & Powell, N. (2009). Data Protection Pocket Guide. London: British Standards Institution.

Meany, M.E. (2001). “Data Mining, Dataveillance, and Medical Information Privacy,” in Medical De-identification,” Web.

Melton, L.J. (1997). The Threat to Medical-Records Research. Washington, DC: National Academy Press.

Moore, G.W., Brown, L.A., Miller, R.E. (2000). “Set Theory Definition and Algorithm for Privacy in Health Care. Journal of Humber, ed., Humana Press, pp. 145-164.

Moore, G.W., Brown, L.A., Miller, R.E. (2001). Gödelization of a Pathology Database. Washington, DC: National Academy Press.

Murphy, S.N., Chueh, H.C. (2002). A Security Architecture for Query Tools Used to Access data. New York: New York press.

National Institute of Health (2004). HIPAA Privacy Rule, Frequently Asked Questions # 17. Washington, DC: National Academy Press.

Oliveira, S.R.M., Zaïane, O.R. (2003). Protecting Sensitive Knowledge by Data Sanitization,” in Proceedings of the Third IEEE International Conference on Data Mining. Florida: Melbourne.

Peltier, Thomas R. (2001). Information Security Risk Analysis. Boca Raton, FL: Auerbach publications.

Saul, M. (2004). “De-Identification Tool for Patient Records Used in Clinical Research,” Journal of Health Services Library System, 9(3).

Skoudis, E. & Zeltser, L. (2003). Malware – Fighting Malicious Code. London: Prentice Hall

Stallings, W. & Brown, L. (2009). Computer Security: Principles and Practice. New Jersey, NJ: Pearson Education.

Sweeney, L. (1997). Guaranteeing Anonymity When Sharing Medical Data, The Datafly System. Jersey, NJ: Pearson Education.

Sweeney, L. (2002). “K-anonymity: A Model for Protecting Privacy,” International Journal on Uncertainty, Fuzziness, and Knowledge-based Systems, 10(7) 557-570.

Sweeney, L. (2003). “Navigating Computer Science Research through Waves of Privacy Concerns: Discussions among Computer Scientists at Carnegie Mellon University,” Journal of ACM Computers and Society, 34(1):1-18.

Thomas, S.M., Mamlin, B., Schadow, G., McDonald, C. (2002). “A Successful Technique for Removing Names in Pathology Reports Using an Augmented Search and Replace Method.” Jersey, NJ: Pearson Education.

Waldo, J. (2007). Engaging Privacy and Information Technology in a Digital Age. Washington, DC: National Academy Press.

Wiederhold, G. (2002). “Future of Security and Privacy in Medical Information,” Journal of Stud Health Technol Inform, 80:213-29.