Universiti Teknologi Malaysia Institutional Repository

IOT security risk management model for healthcare industry

Salih, Fathi Ibrahim and Abu Bakar, Nur Azaliah and Hassan, Noor Hafizah and Yahya, Farashazillah and Kama, Nazri and Shah, Jalal (2019) IOT security risk management model for healthcare industry. Malaysian Journal of Computer Science (3). pp. 131-144. ISSN 0127-9084

Full text not available from this repository.

Official URL: http://dx.doi.org/10.22452/mjcs.sp2019no3.9


Internet of Things (IoT) is predicted as one of the biggest emerging environments in the future that creates simultaneous smart communication between machines or a variety of digital devices. Besides improving how data can be controlled, monitored and collected, IoT also allows us to generate revenue through the identifying of new business opportunities and deployment of advanced analytics processes for decision-making purposes. IoT enables us to accelerate changes in the healthcare environment in improving patient engagement and outcome, as well as transforming healthcare from reactive to proactive accessibility. Nevertheless, IoT's expansion brings new vulnerabilities, risk and security challenges for healthcare practitioners and their patients. However, there is still a lack of study focusing on IoT risk management in healthcare. Existing researches tend to focus only on the implementation of IoT peripherals in a healthcare environment and tend to embed the secured applications solution with it. Since healthcare information and data are highly confidential, it is important to ensure that a secured health IoT application is in place. Thus, the aim of this study is to investigate the IoT risk management aspects in a healthcare environment with particular attention to proposing a step-by-step process of an IoT risk management model. The proposed IoT risk management model was developed leveraging on DEMATEL IoT Risk Assessment Procedure. This study was conducted based on a case study of one hospital in Sudan which has recently invested in IoT technologies in their operation. Interviews were conducted with selected respondents from the hospital and findings suggested that the selected case study does not have an established IoT risk management mechanism due to the ad-hoc IoT implementation approach. The case study also lacks of protection for health data and information with several unclear work process. As a solution, this study proposes an enhanced IoT risk management model for healthcare with consideration of three risk categories; 1) Secured Technology, 2) Human Privacy and 3) Trustable Process and Data. The proposed model was then evaluated by three IoT experts and two IT healthcare practitioners based on System Usability Score (SUS) and received Good Usability score which means the model is usable as a healthcare IoT risk management model.

Item Type:Article
Uncontrolled Keywords:Healthcare, IoT
Subjects:T Technology > T Technology (General)
Divisions:Razak School of Engineering and Advanced Technology
ID Code:89555
Deposited By: Widya Wahid
Deposited On:22 Feb 2021 09:47
Last Modified:22 Feb 2021 09:47

Repository Staff Only: item control page