Introduction

Cyber security deals with the protection of data and security systems from unauthorized

access, damage or theft. In the modern-day healthcare sector, health records are digitized and

stored in a digital storage device for easy access (Martin et al, 2017). Digital storage despite its

numerous advantages comes with security risks of infiltration by hackers on cyberspace making

cyber security a pertinent issue in healthcare.

What is the issue, what is the problem associated with the issue that you want to work

toward solving, and who are the main stakeholders who can influence the success of the

policy?

Cyber security is one of the emerging issues in healthcare. In response to the danger

posed by cyber security, a very aggressive policy is vital. The policy must lay down the laws and

regulations defining the rules of healthcare data handling and storage. A proper data storage and

handling policy must involve all the stakeholders in the healthcare sector (Conaty-Buck, 2017).

These stakeholders include the patients (target population), hospitals IT department front-

runners, the hospital managers, the department of health and lawmakers.

Why is this issue important and what is the target population?

The cyber security issue is very important to the target population because it

encompasses the entire ecosystem of their healthcare data. Healthcare data is very critical and

leakage of such data may cause a lot of damage to the individual patients. The target population

must have their healthcare records safely stored they must be assured of top-level security of

their data. As it stands, the healthcare records are securely kept but there is no distinct policy that

offers working guidelines. The absence of the guidelines means that each hospital uses a

different approach to enhancing cyber security (Martin et al, 2017). The policy is a direct
response to the cyber security issue. The policy will handle data collection, access management,

data protection, vulnerability management, incident response, and medical device security.

How would you suggest implementing the policy and at what level (federal or state

government)?

Healthcare cyber security potentially affects the entire nation and hence requires a federal

level implementation. The federal-level means a more assured and uniform format. The

suggested implementation approach would be the template used in the United Kingdom. The

United Kingdom incorporated cyber security in healthcare in the 2018 Data Protection Act. The

suggested implementation will resemble that of the UK where institutions including hospitals

and other the actors in the healthcare sector are required to follow specific ground rules. At data

collection, the data collection device must use updated software and must use data encryption

techniques as a way of enhancing data security (Ayala, 2016). The servers used in storage will be

secured according to the thresholds set in the law. The persons handling data will have specific

guidelines to follow and punitive measures will be included in case of a breach in regulations.

How would you propose the policy be evaluated and when would the evaluation occur?

The policy is evaluation looks into its effectiveness based on the success of the key

actionable points. In evaluating this policy, the first step will be stakeholder engagement. The

stakeholders will describe their views on the policy, and justify their views using real interaction

experiences with the policy. From the feedback by the stakeholders, justification will be made.

The justification will form part of the shared lessons learnt which will form the basis of the

tweaks to be made in the policy.

What possible courses of action (revisions) would likely be needed if the evaluation of the

policy suggests that the proposed policy is not fulfilling its intended purpose?

Policies are malleable and are always subject to regular changes when need arise.

Therefore, the cyber security policy will require revisions as time goes. Cyberspace is a dynamic

place, hence the policy on cyber security must also adapt based on the changes in cyberspace

(Conaty-Buck, 2017). Some of the possible revisions required may be related to evolving trends

in cyberspace which include frontiers in artificial intelligence, internet of things (IoT) expansion,

the blockchain evolution, and the general behavioral changes among people handling healthcare

data.
 References

Martin, G., Martin, P., Hankin, C., Darzi, A., & Kinross, J. (2017). Cybersecurity and

healthcare: how safe are we? Bmj, 358, j3179.

Conaty-Buck, S. (2017). Cybersecurity and healthcare records. American Nurse

Today, 12(9), 62-64.

Ayala, L. (2016). Cybersecurity for hospitals and healthcare facilities: A guide to

detection and prevention. Apress.