IOT security risk management model for healthcare industry

Internet of Things (IoT) is predicted as one of the biggest emerging environments in the future that creates simultaneous smart communication between machines or a variety of digital devices. Besides improving how data can be controlled, monitored and collected, IoT also allows us to generate revenu...

Full description

Saved in:
Bibliographic Details
Main Authors: Salih, Fathi Ibrahim, Abu Bakar, Nur Azaliah, Hassan, Noor Hafizah, Yahya, Farashazillah, Kama, Nazri, Shah, Jalal
Format: Article
Published: Faculty of Computer Science and Information Technology 2019
Subjects:
Online Access:http://eprints.utm.my/id/eprint/89555/
http://dx.doi.org/10.22452/mjcs.sp2019no3.9
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.utm.89555
record_format eprints
spelling my.utm.895552021-02-22T01:47:58Z http://eprints.utm.my/id/eprint/89555/ IOT security risk management model for healthcare industry Salih, Fathi Ibrahim Abu Bakar, Nur Azaliah Hassan, Noor Hafizah Yahya, Farashazillah Kama, Nazri Shah, Jalal T Technology (General) Internet of Things (IoT) is predicted as one of the biggest emerging environments in the future that creates simultaneous smart communication between machines or a variety of digital devices. Besides improving how data can be controlled, monitored and collected, IoT also allows us to generate revenue through the identifying of new business opportunities and deployment of advanced analytics processes for decision-making purposes. IoT enables us to accelerate changes in the healthcare environment in improving patient engagement and outcome, as well as transforming healthcare from reactive to proactive accessibility. Nevertheless, IoT's expansion brings new vulnerabilities, risk and security challenges for healthcare practitioners and their patients. However, there is still a lack of study focusing on IoT risk management in healthcare. Existing researches tend to focus only on the implementation of IoT peripherals in a healthcare environment and tend to embed the secured applications solution with it. Since healthcare information and data are highly confidential, it is important to ensure that a secured health IoT application is in place. Thus, the aim of this study is to investigate the IoT risk management aspects in a healthcare environment with particular attention to proposing a step-by-step process of an IoT risk management model. The proposed IoT risk management model was developed leveraging on DEMATEL IoT Risk Assessment Procedure. This study was conducted based on a case study of one hospital in Sudan which has recently invested in IoT technologies in their operation. Interviews were conducted with selected respondents from the hospital and findings suggested that the selected case study does not have an established IoT risk management mechanism due to the ad-hoc IoT implementation approach. The case study also lacks of protection for health data and information with several unclear work process. As a solution, this study proposes an enhanced IoT risk management model for healthcare with consideration of three risk categories; 1) Secured Technology, 2) Human Privacy and 3) Trustable Process and Data. The proposed model was then evaluated by three IoT experts and two IT healthcare practitioners based on System Usability Score (SUS) and received Good Usability score which means the model is usable as a healthcare IoT risk management model. Faculty of Computer Science and Information Technology 2019 Article PeerReviewed Salih, Fathi Ibrahim and Abu Bakar, Nur Azaliah and Hassan, Noor Hafizah and Yahya, Farashazillah and Kama, Nazri and Shah, Jalal (2019) IOT security risk management model for healthcare industry. Malaysian Journal of Computer Science (3). pp. 131-144. ISSN 0127-9084 http://dx.doi.org/10.22452/mjcs.sp2019no3.9
institution Universiti Teknologi Malaysia
building UTM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Malaysia
content_source UTM Institutional Repository
url_provider http://eprints.utm.my/
topic T Technology (General)
spellingShingle T Technology (General)
Salih, Fathi Ibrahim
Abu Bakar, Nur Azaliah
Hassan, Noor Hafizah
Yahya, Farashazillah
Kama, Nazri
Shah, Jalal
IOT security risk management model for healthcare industry
description Internet of Things (IoT) is predicted as one of the biggest emerging environments in the future that creates simultaneous smart communication between machines or a variety of digital devices. Besides improving how data can be controlled, monitored and collected, IoT also allows us to generate revenue through the identifying of new business opportunities and deployment of advanced analytics processes for decision-making purposes. IoT enables us to accelerate changes in the healthcare environment in improving patient engagement and outcome, as well as transforming healthcare from reactive to proactive accessibility. Nevertheless, IoT's expansion brings new vulnerabilities, risk and security challenges for healthcare practitioners and their patients. However, there is still a lack of study focusing on IoT risk management in healthcare. Existing researches tend to focus only on the implementation of IoT peripherals in a healthcare environment and tend to embed the secured applications solution with it. Since healthcare information and data are highly confidential, it is important to ensure that a secured health IoT application is in place. Thus, the aim of this study is to investigate the IoT risk management aspects in a healthcare environment with particular attention to proposing a step-by-step process of an IoT risk management model. The proposed IoT risk management model was developed leveraging on DEMATEL IoT Risk Assessment Procedure. This study was conducted based on a case study of one hospital in Sudan which has recently invested in IoT technologies in their operation. Interviews were conducted with selected respondents from the hospital and findings suggested that the selected case study does not have an established IoT risk management mechanism due to the ad-hoc IoT implementation approach. The case study also lacks of protection for health data and information with several unclear work process. As a solution, this study proposes an enhanced IoT risk management model for healthcare with consideration of three risk categories; 1) Secured Technology, 2) Human Privacy and 3) Trustable Process and Data. The proposed model was then evaluated by three IoT experts and two IT healthcare practitioners based on System Usability Score (SUS) and received Good Usability score which means the model is usable as a healthcare IoT risk management model.
format Article
author Salih, Fathi Ibrahim
Abu Bakar, Nur Azaliah
Hassan, Noor Hafizah
Yahya, Farashazillah
Kama, Nazri
Shah, Jalal
author_facet Salih, Fathi Ibrahim
Abu Bakar, Nur Azaliah
Hassan, Noor Hafizah
Yahya, Farashazillah
Kama, Nazri
Shah, Jalal
author_sort Salih, Fathi Ibrahim
title IOT security risk management model for healthcare industry
title_short IOT security risk management model for healthcare industry
title_full IOT security risk management model for healthcare industry
title_fullStr IOT security risk management model for healthcare industry
title_full_unstemmed IOT security risk management model for healthcare industry
title_sort iot security risk management model for healthcare industry
publisher Faculty of Computer Science and Information Technology
publishDate 2019
url http://eprints.utm.my/id/eprint/89555/
http://dx.doi.org/10.22452/mjcs.sp2019no3.9
_version_ 1692991796830797824
score 13.214268