Background
Purpose
The purpose of this report is to help the management of the Galaxy Hospital to assess the risks to its sensitive patient data and protect the IT Systems which support their mission. The hospital receives dozens of patients on a daily basis. These patients leave varying types of information with the hospital, starting from their basic details, to the results obtained from their treatment process, to their payment information towards the end of the process. All these information goes into the hospital's system from real-time utilization and for later use. These data are also sensitive if it gets into unauthorized hands, and for that purpose, the hospitals conduct various security assessment from time to time to ensure the information is well stored and protected from being misused.
This security assessment at Galaxy Hospital was carried out from January 2017 to August 2017. And the report compiled below highlight the key risk and vulnerable areas. It also discusses in details other related cases similar to the situation at the hospital, before recommending various methodology which the vulnerabilities and threats could be addressed.
Organization
Galaxy Hospital is based in New York City. The hospital has been in operation for the last 25 years, and its main division deals with children, even though it runs a general section that deals with public cases. It is ranked as the fifth best hospital in the city regarding services, and the sixth best regarding cost and efficiency.
That is an epic score for a hospital that is less than three decades old and they have been quite satisfied with it. The hospital's mission is delivering the best possible care and service to the patients and families who entrust them with their lives, a promise they have kept. The hospital has moved in recent past to strengthen other vital areas, like protection of patient data and financial information in their systems. For that reason, they are always in search of talented and driven individuals who want to build their careers to the topmost. The employees serve in various capacities with no expertise in information technology security systems.
Critical Information System
The hospital has multiple information systems. However, there are those who act as the backbone of the hospital. Hospitals must have threat intelligence to help address any issue in the critical systems. The following are seven of the most important information systems at Galaxy Hospital.
Patient Record Systems
The number of patients is usually high at any given moment. Despite the considerable patient numbers, hospitals need to have their information recorded in an orderly manner. This record is utilized by various interested parties in the hospitals, from nurses, doctors, and even patients themselves. To solve the case, the hospitals are using electronic health records to manage the information. This enables them to make it readily available in real time to any party that needs it.