Introduction
Since the technological world has made significant progress, a high number of software-driven threats have emerged in all areas of human life. The main achievement of the global network — the ability to connect people from different continents and have near-instant access to data — also became a primary challenge. In other words, the concept of cybercrime is not fantastic for the 21st-century society, since almost any industry, be it a small business or even an entire state, can fall victim to hackers. Aware of this, a high amount of companies are seeking to establish internal departments dealing with virtual security issues. The creation of secure channels, encryption of data in all three states, differentiation of access to them, and the design of autonomous Internet are of primary importance. As one of the most complex and innovative industries, healthcare is directly dependent on the degree of perfection of the cybersecurity mechanisms of electronic medical devices, life-support devices, prostheses, and databases with complete patient personal data. Information about diseases, medications prescribed by a doctor, address, credit data, and insurance policy data may be in the hands of hackers. This threat dictated the author’s desire to study more deeply the theoretical and applied fundamentals of computer security to have more competence in implementing health information projects as the project manager.
Healthcare Need for Protection: Ideas From the Course
It is essential to recognize that healthcare is an absolute priority: without stable and smoothly functioning systems, public health risks severe deterioration. According to Milkovich (2020), at least one computer attack occurs every 39 seconds around the world. On the other hand, Dobran (2019) reports that absolutely all web applications designed to monitor critical health indicators are vulnerable to hacking: this justifies the high percentage of leaks (89%) among clinical organizations over the past two years. Such conditions dictate the need to create potentially new, alternative options for implementing a secure Internet structure. To solve this problem, the author suggests an idea inspired by the ITS833 course, namely the delimitation of access. During the sixth week of training, the teacher offered the class the opportunity to study the data access models used in business organizations. The author of this paper believes that the use of the mandatory access control (MAC) model, in which each user is given a digital label, is appropriate to solve the problem of providing specific data for the doctor, nurses, patient, and family members. Hence, the database includes all the above-described data: owners give users a temporary digital key that can be used for an entrance in an electronic portal. With this model, the patient will be able to familiarize themselves with anamnesis, epicrisis, and medical tests that were provided by medical staff. Moreover, the patient chooses what information to share with the family members and whether to share it.
However, this is not the only lesson learned from the course that can be applied in a clinical setting. The number of fraudulent threats that infect computer systems and require ransomware has recently tripled (Donovan, 2017). Such programs block the functionality of electronic medical devices connected to the Internet, which hinders patient therapy. This problem is especially relevant for such devices, on the performance of which the patient’s life depends directly. The theory of closed networks, such as VPN tunneling, can be applied to clinical equipment to increase the safety of the network. However, it is necessary to admit that, in this case, there is a risk of a connection speed drop.
Personal Growth as a Result of the Course
Academic courses are of primary importance and are reflected in students’ professional activities. The writer finds the past course ITS833 extremely useful, as the work conducted competently and organically structured the knowledge. Among others, the course enabled the author to noticeably improve their theoretical and practical skills in the field of information security. It seems quite logical that the qualification of the writer as an employee of the health care organization has dramatically increased, which is important for further career development. In other words, a computer security-trained writer is a more valuable human resource for the company. Consequently, it is appropriate to consider expanding the range of responsibility and general promotion at work. As the project manager, the writer’s role is included strategic planning, delegating responsibilities, setting and controlling work tasks, and preventing potential threats. At the same time, it is expected that in professional practice, the author will start using the concepts learned in the course: secure networks, encryption algorithms, selection of more optimal security protocols, and leak management.
Conclusion
Summing up, it is necessary to note, first of all, the critical role that the course ITS833 played in the author’s professional development. The lessons offered by the teacher were helpful and beneficial for use in clinical practice. Moreover, two variants of how the studied concepts can be implemented in healthcare have already been proposed in this paper, namely, differentiation of access to the database based on MAC and VPN to protect medical equipment. This is particularly important as information risks have increased significantly in today’s world, and cybersecurity threats surround all areas of life. It is necessary to recognize that upon the termination of education, the author has received the knowledge of information protection of the data that is especially useful for work by the project manager.
References
Dobran, B. (2019). 31 must-know healthcare cybersecurity statistics 2020. Phoenix NAP. Web.
Donovan, F. (2018). Healthcare industry takes brunt of ransomware attacks. Health IT Security. Web.
Milkovich, D. (2020). 15 alarming cyber security facts and stats. Cybint. Web.