Information communication technology has revolutionized business transactions, communication, and planning. The real benefits of information and communication technology can be realized with a secure system. However, the existence of system vulnerabilities has exposed organizations to security risks and cyber-attacks which have in the past led to the collapse several organizations such as banks. Healthcare system thrives in strict adherence to healthcare code of conduct. Patients’ information integrity and safety can make or break a healthcare facility success. No patient wants to be associated with healthcare facilities where their health record can leak or get into wrong hands at any time. It is therefore paramount for any healthcare institution to use the secure network and top encryption technology to enhance patient data security, confidentiality, and integrity.
The Riyadh healthcare facility uses local area network and has forty-seven computers and other communication device connected to the network. The first security threat relates to the five portable computers used by physicians in the e-prescription. These portable gadgets are connected to other computers and any person with access to the computers can access detailed patient’s health record. The lack of restriction to access the facility breaches patients’ confidentiality, and it only takes one rogue employee with access to all the files to ruin the reputation of the facility or cause extensive harm to patients frequenting the facility. Some of the potential threat includes unauthorized access. Local area network connections are prone to intrusion when the network is not secured and tested for possible intrusion. If not monitored there may be more than forty-seven users having unlimited access to the facility network. Additionally, the facility risks system intrusion as a result of the lack of vendor security patches to systems and application used.
The facility should use 802.1x network user authentication tool to ensure authorized access only. It will show the users connected at any given time. Such monitoring and control eliminate incidents of unauthorized user access. Also, the facility should use WPA wireless encryption tool. According to Galliers and Leidner (2014), WPA will protect the healthcare facility network thus preventing network attacks which if not controlled exposes the organization to security risks. The facility should use vendor security patches to secure all applications and systems the institution uses to enhance service delivery.
Data and network encryption in the healthcare system are critical ingredients for enhancing patients’ confidentiality, information and data integrity and safety as well as information availability for day-to-day decision-making in any institution. A majority of enterprises continue to use WEP network encryption despite the several exploitable network flaws. WAP network encryption technique remains superior in securing the network. Also, the facility should use asymmetric data encryption technology to enhance. The technique uses two-key encryption and decryption which guarantee much-need data and information safety.
Cyber-attack remains eminent security nightmare for organizations. It has flattened many organizations that heavily rely on information communication technology in their daily transactions. Regrettably, there is no known permanent solution to cyber-attack. Cyber-attack has become a global security threat. Kim and Solomon (2016) posit that organizations such as the Riyadh healthcare can protect themselves against cyber-attacks through the purchase of genuine software and applications, periodic maintenance of their system and computers and educating their employees on how to protect the facility network and system through in-house training. Riyadh healthcare facility employees can be trained on how to keep every software and applications on their computers and tablets up-to-date. Most cyber-attacks exploit security vulnerabilities of out-dated software versions in use. They should also be educated on the danger of opening any links sent to them both in their company email or person.