Healthcare information system using cloud security

Almost all the human living in Earth forgets to take care of their health. To say specifically, the elder ones and the younger ones need con-tinuous examination to note down the variation in their health issues (either improvement or a decrement). This can be achieved through the digitalization of the data. In the present day scenario information security and privacy in healthcare systems is an issue that is growing at alarming rate. The espousal of digital records of the patient, the enlarged order, provider integration and the growing need to exchange in-formation between patients, providers and payers each targets at the necessity for a developed information system. Inspite of so many measures taken to prevent the theft of patient's healthcare records offenders find some loophole or the other to get the records. This article strives to list certain health issues faced by a majority of people, threats to HIS, the method adopted to store huge amount of data and measures to prevent security threats.

Download Full-text

Information Security of Critically Important Information Systems

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.d4380.118419 ◽

2019 ◽

Vol 8 (4) ◽

pp. 9030-9034

Keyword(s):

Information System ◽

Information Systems ◽

Information Security ◽

Legal Regulation ◽

Security Threats ◽

Legal Basis ◽

Sources Of Information ◽

Effective Mechanism ◽

System Information

The article provides a comprehensive analysis of the concepts related to the information security of critically important information systems in Russia. Today, problems exist, which are associated with numerous threats to Russian information security due to the rapidly increasing role of the information sphere. To solve these problems, an effective mechanism is needed to prevent and eliminate these threats. To develop the organizational and legal basis of the mechanism, it is necessary to define a number of concepts, such as information security, critically important information system, information infrastructure, etc. The authors explore Russian legal regulation, as well as international experience and research on this topic. The article shows the main sources of information security threats and defines general principles and approaches to ensuring information security of critically important information systems. The concept and types of critically important information systems are identified and the necessity of developing and improving their legal regulation is substantiated. A number of legal and organizational measures aimed at ensuring the information system security of Russian infrastructure are proposed.

Download Full-text

A Survey of U.S. Laws for Health Information Security & Privacy

International Journal of Information Security and Privacy ◽

10.4018/jisp.2012100102 ◽

2012 ◽

Vol 6 (4) ◽

pp. 40-54 ◽

Cited By ~ 1

Author(s):

Francis Akowuah ◽

Xiaohong Yuan ◽

Jinsheng Xu ◽

Hong Wang

Keyword(s):

United States ◽

Patient Safety ◽

Information Security ◽

Health Information ◽

Healthcare Providers ◽

Security And Privacy ◽

Security Threats ◽

Healthcare Organizations ◽

Sarbanes Oxley ◽

Technological World

As healthcare organizations and their business associates operate in an increasingly complex technological world, there exist security threats and attacks which render individually identifiable health information vulnerable. In United States, a number of laws exist to ensure that healthcare providers take practical measures to address the security and privacy needs of health information. This paper provides a survey of U.S. laws related to health information security and privacy, which include Health Insurance Portability and Accountability Act (HIPAA),Gramm-Leach-Bliley Act, Sarbanes-Oxley Act of 2002, Patient Safety and Quality Improvement Act of 2005, and Health Information Technology for Economic and Clinical Health (HITECH).The history and background of the laws, highlights of what the laws require, and the challenges organizations face in complying with the laws are discussed.

Download Full-text

FORMALIZATION OF THE APPROACH TO DETERMINING THE DEGREE OF SOCIAL DAMAGE FOR INFORMATION SYSTEM OPERATORS

ИНФОРМАЦИЯ И БЕЗОПАСНОСТЬ ◽

10.36622/vstu.2020.23.4.007 ◽

2020 ◽

pp. 545-550

Author(s):

Оксана Михайловна Голембиовская ◽

Екатерина Владимировна Кондрашова ◽

Михаил Юрьевич Рытов ◽

Кирилл Евгеньевич Шинаков ◽

Сергей Александрович Ермаков ◽

...

Keyword(s):

Information System ◽

Information Security ◽

Russian Federation ◽

Regulatory Framework ◽

Security Threats ◽

Security Properties ◽

The Russian Federation ◽

Degree Of Damage ◽

Social Damage

На сегодняшний день в нормативно-правовой базе Российской Федерации отсутствуют точные механизмы определения степени ущерба от нарушения свойств информационной безопасности. Имеющиеся упоминания о степени ущерба (Приказ № 17ФСТЭК, проект методики ФСТЭК 2015 года) предлагают экспертный аппарат определения точных значений степени ущерба, а, следовательно, полученные результаты у экспертов разных направленностей и уровня знаний будут разными. В данной статье приведен подход к определению степени социального ущерба, основанный на проекте методики ФСТЭК по определению угроз безопасности информации в ИС от 2015 года. To date, the regulatory framework of the Russian Federation does not have precise mechanisms for determining the degree of damage caused by a violation of information security properties. The existing references to the degree of damage (Order No. 17FSTEC, draft FSTEC methodology 2015) offer an expert apparatus for determining the exact values of the degree of damage, and, consequently, the results obtained by experts of different fields and levels of knowledge will be different. This article presents an approach to determining the degree of social damage based on the draft FSTEC methodology for determining information security threats in IP from 2015.

Download Full-text

Analysis of Information Threats to Industrial Security

NBI Technologies ◽

10.15688/nbit.jvolsu.2020.2.1 ◽

2020 ◽

pp. 6-10

Author(s):

Grigory Zharkov ◽

◽

Vadim Shevtsov ◽

Keyword(s):

Information System ◽

Information Security ◽

Security System ◽

Comprehensive Approach ◽

Security Threats ◽

Enterprise Information ◽

System A ◽

Industrial Security ◽

Data Objects ◽

High Level

Information security of an enterprise (IS of an enterprise) is the state of security of data, objects of informatization of an enterprise and its interests. IS of an enterprise is achieved only when such properties of the basic properties of IS as confidentiality, integrity, availability of information and the technical component of an enterprise involved in technological processes are met. Ensuring IS of an enterprise is effective only with a systematic and comprehensive approach to protection. The information security system should take into account all current information threats and vulnerabilities. Information security threats are analyzed to determine the full set of requirements for the developed security system. A threat is considered relevant if it can be implemented in the information system of the enterprise and poses a threat to information with limited access. It is shown that the list of threats to information security of an industrial enterprise is very wide and is limited not only to those considered in this article. It is very important to maintain a high level of enterprise information security, especially at critical information infrastructure facilities.

Download Full-text

Safeguarding the Information Systems in an Organization through Different Technologies, Policies, and Actions

Computer and Information Science ◽

10.5539/cis.v12n2p117 ◽

2019 ◽

Vol 12 (2) ◽

pp. 117

Author(s):

Hend K. Alkahtani

Keyword(s):

Information System ◽

Information Security ◽

Security Policy ◽

Background Information ◽

Security Threats ◽

Security Threat ◽

Information Security Policy ◽

Study Results ◽

Improved Performance ◽

Awareness Level

Background: Information system use has substantially increased among the organization based on its effective integration of the resources and improved performance. The increasing reliance on the information system serves as a great security threat for the firms. Objective: The study intends to evaluate the security of the information system in the organization located in the region of Saudi Arabia, concerning the user’s awareness level. Methods: The quantitative design of the study is adopted which uses the survey approach. A close-ended questionnaire is used for evaluating the awareness level among the individuals. A total of 109 participants (males and females) in the Saudi Company were recruited for the study. Results: Despite the implementation of the policy, employees were unaware of it. The study highlights that the development of the firm’s information security policy requires the firm to make employees aware of the significance of the information security. Conclusion: The study concludes that the organization needs to educate the workforce of the information security policy and develop their necessary understanding of the information security system. This allows the employees to identify and report security threats and risks which helps in the improvement of information security awareness.

Download Full-text

TECHNOLOGY OF IMPLEMENTATION OF THE MATLAB ENVIRONMENT IN THE INVESTIGATION MODEL OF INFORMATION SECURITY THREATS

ΛΌГOΣ МИСТЕЦТВО НАУКОВОЇ ДУМКИ ◽

10.36074/2663-4139.15.08 ◽

2020 ◽

Author(s):

M. Delembovskyi ◽

O. Terentiev ◽

Ye. Shabala

Keyword(s):

Information System ◽

Information Security ◽

General Scheme ◽

Information Resources ◽

Production Model ◽

Security Threats ◽

Practical Research

The paper presents practical research in the field of modeling information security threats. There are several ways to determine the assessment of the level of information security in the context of threats that could potentially affect their information resources. The general scheme of information system and fuzzy production model of information security is developed. Using this approach, a study of the modeling of threats to IT goals.

Download Full-text

The Model of Intrusion into the Information System

NBI Technologies ◽

10.15688/nbit.jvolsu.2018.3.3 ◽

2019 ◽

pp. 19-23 ◽

Cited By ~ 1

Author(s):

Dmitriy Klenin ◽

Elena Maksimova

Keyword(s):

Information System ◽

Information Security ◽

Security System ◽

Design Stage ◽

Software Protection ◽

Proposed Model ◽

External Conditions ◽

System Life ◽

Definition Of ◽

Almost All

Categories ‘attack’, ‘intrusion’ and ‘incident’ of information security are defined. The types of intrusions into the information system are revealed, and their brief analysis is given. The proposed model of intrusion into the information system will allow to increase its efficiency at almost all stages of the information security system life cycle. The use of the proposed model is associated with the solution of specific practical problems in the field of information security, including the definition of vulnerabilities of the information system. The latter, in turn, is necessary to determine the elements of the protection system. For example, at the design stage of the information security system, when choosing software protection you need to take into account the location of the intruder relative to the attacked object. When working with functioning systems of information protection, i.e. at the solution of questions of modernization or optimization, changes in the system of information security are resolved in accordance with statistical data for the intrusion into the information system with available results of information security incidents, with the forecast data. Thus, the proposed model of intrusion into the information system is one of the external conditions when working with the information system of the organization (enterprise) may well determine (set) the level of risk of information security of the enterprise.

Download Full-text

Application of Fractal Methods to Ensure the Cyber-Resilience of Self-Organizing Networks

Nonlinear Phenomena in Complex Systems ◽

10.33581/1561-4085-2019-22-4-336-341 ◽

2019 ◽

Vol 22 (4) ◽

pp. 336-341

Author(s):

D. V. Ivanov ◽

D. A. Moskvin

Keyword(s):

Information Security ◽

Network Structure ◽

Self Regulation ◽

Security Threats ◽

Self Organizing Networks ◽

Self Organizing ◽

Fractal Methods

In the article the approach and methods of ensuring the security of VANET-networks based on automated counteraction to information security threats through self-regulation of the network structure using the theory of fractal graphs is provided.

Download Full-text

Issues in security and privacy of big data

International Journal of Advanced Research in Computer Science and Software Engineering ◽

10.23956/ijarcsse.v7i12.482 ◽

2018 ◽

Vol 7 (12) ◽

pp. 1

Author(s):

Shaveta Bhatia

Keyword(s):

Cloud Computing ◽

Big Data ◽

Approximate Method ◽

Biomedical Research ◽

Cyber Security ◽

Data Science ◽

Third Party ◽

Security And Privacy ◽

Security Threats ◽

The Third

The epoch of the big data presents many opportunities for the development in the range of data science, biomedical research cyber security, and cloud computing. Nowadays the big data gained popularity. It also invites many provocations and upshot in the security and privacy of the big data. There are various type of threats, attacks such as leakage of data, the third party tries to access, viruses and vulnerability that stand against the security of the big data. This paper will discuss about the security threats and their approximate method in the field of biomedical research, cyber security and cloud computing.

Download Full-text

Rancang Bangun Sistem Informasi Zakat Infaq Shodaqoh Menggunakan Metodologi Extreme Programming

Jurnal Buana Informatika ◽

10.24002/jbi.v9i1.1666 ◽

2018 ◽

Vol 9 (1) ◽

pp. 31-42

Author(s):

Rysa Sahrial

Keyword(s):

Information System ◽

The Other ◽

Extreme Programming ◽

Limited Time ◽

Limited Information ◽

Research Information ◽

Development Method ◽

Know How ◽

Five Factors ◽

Research Information System

Poverty is one continuing social issue which is hard to solve. Dealing with this problem, Islam has already had the alternative solution that is tithe (Zakat). Zakat is implemented to decrease economy imbalanced appeared in the society. While in fact, not all the Moslem pay Zakat. There are five factors as the reason why Moslem didn’t do that. First, some Muzakki wants to deliver his zakat directly.Seconde, not all Muzakki know how much Zakat must be paid. The other factors are Limited information about Mustahik home, limited time that Muzakki have to deliver his Zakat directly and the easiness to report Mustahik data. Dealing with those factors, it is required to have an information system which can make Muzakki meets Mustahik. In this research, information system application used Extreme Programming (XP) development method. XP method is required to program a system which will be made by accomodating the users’ needs and expectations.

Download Full-text