Académique Documents
Professionnel Documents
Culture Documents
Cyber security deals with the protection of data and security systems from unauthorized
access, damage or theft. In the modern-day healthcare sector, health records are digitized and
stored in a digital storage device for easy access (Martin et al, 2017). Digital storage despite its
numerous advantages comes with security risks of infiltration by hackers on cyberspace making
What is the issue, what is the problem associated with the issue that you want to work
toward solving, and who are the main stakeholders who can influence the success of the
policy?
Cyber security is one of the emerging issues in healthcare. In response to the danger
posed by cyber security, a very aggressive policy is vital. The policy must lay down the laws and
regulations defining the rules of healthcare data handling and storage. A proper data storage and
handling policy must involve all the stakeholders in the healthcare sector (Conaty-Buck, 2017).
These stakeholders include the patients (target population), hospitals IT department front-
The cyber security issue is very important to the target population because it
encompasses the entire ecosystem of their healthcare data. Healthcare data is very critical and
leakage of such data may cause a lot of damage to the individual patients. The target population
must have their healthcare records safely stored they must be assured of top-level security of
their data. As it stands, the healthcare records are securely kept but there is no distinct policy that
offers working guidelines. The absence of the guidelines means that each hospital uses a
different approach to enhancing cyber security (Martin et al, 2017). The policy is a direct
response to the cyber security issue. The policy will handle data collection, access management,
data protection, vulnerability management, incident response, and medical device security.
How would you suggest implementing the policy and at what level (federal or state
government)?
Healthcare cyber security potentially affects the entire nation and hence requires a federal
level implementation. The federal-level means a more assured and uniform format. The
suggested implementation approach would be the template used in the United Kingdom. The
United Kingdom incorporated cyber security in healthcare in the 2018 Data Protection Act. The
suggested implementation will resemble that of the UK where institutions including hospitals
and other the actors in the healthcare sector are required to follow specific ground rules. At data
collection, the data collection device must use updated software and must use data encryption
techniques as a way of enhancing data security (Ayala, 2016). The servers used in storage will be
secured according to the thresholds set in the law. The persons handling data will have specific
guidelines to follow and punitive measures will be included in case of a breach in regulations.
How would you propose the policy be evaluated and when would the evaluation occur?
The policy is evaluation looks into its effectiveness based on the success of the key
actionable points. In evaluating this policy, the first step will be stakeholder engagement. The
stakeholders will describe their views on the policy, and justify their views using real interaction
experiences with the policy. From the feedback by the stakeholders, justification will be made.
The justification will form part of the shared lessons learnt which will form the basis of the
policy suggests that the proposed policy is not fulfilling its intended purpose?
Policies are malleable and are always subject to regular changes when need arise.
Therefore, the cyber security policy will require revisions as time goes. Cyberspace is a dynamic
place, hence the policy on cyber security must also adapt based on the changes in cyberspace
(Conaty-Buck, 2017). Some of the possible revisions required may be related to evolving trends
in cyberspace which include frontiers in artificial intelligence, internet of things (IoT) expansion,
the blockchain evolution, and the general behavioral changes among people handling healthcare
data.
References
Martin, G., Martin, P., Hankin, C., Darzi, A., & Kinross, J. (2017). Cybersecurity and