Privacy Problems and Recommendations for Correction
Part A: Data input
Problem: One of the most common problems that arises with data entry is the data input process itself. A seemingly insignificant mistake at input can cause both short-term and long-term problems, leading to records that are incorrect, disorganised and misleading. Even the most competent person responsible for the process can make a mistake in data input, which in turn can cause many problems for the working of the business (Efford 2017).
Recommendation: The person responsible for data entry should be very careful when entering important data. In addition, software such as a hospital management system should be adopted, which would directly reduce human involvement and therefore the scope for mistakes in data input (Chesters, Davies and Wilson 2016).
Processing of patient records
Problem: The processing of patient records is essential from the doctors' point of view in order to manage the patient properly. Maintaining the record is crucial for two main reasons. First, it helps doctors in the scientific evaluation of the patient's profile, which helps them analyse the result of treatment; second, the legal system relies mainly on the documentation when any issue related to negligence in treatment is recorded or taken into account (Ro et al. 2016).
Recommendation: An electronic medical record (EMR) system should be implemented to keep all the details of the patient, which would directly benefit both doctors and patients (Petrakaki, Klecun and Cornford 2016).
Data enquiry
Problem: Data enquiry is directly related to data retrieval when it is required. The data entry process is directly linked to data enquiry: data that is entered is only retrieved when it is needed. Disorganised data can be very time consuming for the organisation and may directly lead to organisational failure (Morgan et al. 2016). The record of the individual patient is very important to the doctors as well as the organisation, so any fault in it can create a serious problem.
Recommendation: Retrieval of data during a data enquiry should be a timely process with no time lags. Software should be used, and at the time of data entry care should be taken that the data is stored in an organised manner so that retrieval, when it is needed, is not a problem (Rao et al. 2016).
Buffer overflows
Working: A buffer is a temporary area of data storage. When a program or system process writes more data into a buffer than its allocated size, the extra data overflows into adjacent memory, hence the name buffer overflow. In a buffer overflow attack, the extra data may hold instructions crafted by the attacker (a malicious user). For example, the data could trigger a response that damages files, discloses private information or changes the data in files (Christodorescu, Kundu and Mohindra 2017). Hackers usually use a buffer overflow to exploit a program that is waiting for user input.
Control Measures for Attacks
Control: The main control measures against buffer overflows are avoiding the use of unsafe library functions, filtering user input, and testing applications prior to deployment to ensure secure coding (Alwan and Younis 2017).
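As an added example (not code from the original report), the C fragment below shows the unchecked library copy that the working and control paragraphs describe, beside a bounded copy that filters the input length before writing. The buffer size and the sample inputs are constructed for the illustration.

```c
/* Added example, not from the original report: a 16-byte name buffer filled by
 * an unchecked strcpy() beside a bounded copy that rejects oversized input. */
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16   /* buffer capacity, including the terminating NUL byte */

/* Vulnerable form: strcpy() has no idea how big dst is, so any input of
 * NAME_LEN characters or more is written past the end of the buffer into
 * whatever the compiler placed next to it. Only called with a short,
 * constructed input in main() below. */
static void copy_name_unchecked(char dst[NAME_LEN], const char *src)
{
    strcpy(dst, src);
}

/* Hardened form: the input is measured against the capacity before a single
 * byte is copied. Returns 0 on success, -1 when the input does not fit (dst
 * is then left as an empty string rather than a silently truncated name). */
int copy_name_checked(char dst[NAME_LEN], const char *src)
{
    /* Look for the terminator within the first NAME_LEN bytes only, so an
     * unterminated or overlong input is never read or copied too far. */
    const char *end = memchr(src, '\0', NAME_LEN);
    if (end == NULL) {
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, (size_t)(end - src) + 1);  /* includes the NUL */
    return 0;
}

int main(void)
{
    char name[NAME_LEN];
    copy_name_unchecked(name, "short");          /* fits, so no harm here */
    printf("unchecked: %s\n", name);
    int rc = copy_name_checked(name, "Ice Creams");
    printf("checked short: rc=%d name='%s'\n", rc, name);
    rc = copy_name_checked(name, "this-input-is-far-too-long");
    printf("checked long:  rc=%d name='%s'\n", rc, name);
    return 0;
}
```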
SQL injection
Working: SQL injection is a code injection technique that exploits a security vulnerability in the database layer of an application. It works by injecting SQL code as user input inside a query. SQL injection can manipulate data in various ways, for example deleting data, updating data, and corrupting or dropping tables in the database (Pearson and Bethel 2016).
Control: There are several options available to control SQL injection attacks:
Option 1: Use of prepared statements (with parameterized queries).
Option 2: Use of stored procedures.
Option 3: Whitelist input validation.
Option 4: Escaping all user-supplied input (Morgan et al. 2016).
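As an added example (not code from the original report), the C fragment below builds the kind of concatenated query the working paragraph describes and then applies two of the options listed above, whitelist validation (Option 3) and escaping (Option 4), which can be written without a database library. The table and column names and the sample inputs are constructed; where the database driver offers prepared statements (Option 1), those are preferred over hand escaping.

```c
/* Added example, not from the original report: untrusted input changing the
 * structure of a concatenated query, beside whitelist validation (Option 3)
 * and escaping (Option 4) written in plain C. Names are hypothetical. */
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* Vulnerable form: user text is pasted into the query, so a value such as
 * ' OR '1'='1 closes the string literal and appends a tautology. */
int build_query_unsafe(char *out, size_t cap, const char *user)
{
    int n = snprintf(out, cap, "SELECT * FROM patients WHERE name = '%s'", user);
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}

/* Option 3: whitelist. A patient name may contain letters, digits, space,
 * hyphen and apostrophe (O'Brien); anything else, such as = or ;, is rejected. */
int is_allowed_name(const char *s)
{
    if (*s == '\0') return 0;
    for (; *s; s++)
        if (!isalnum((unsigned char)*s) && !strchr(" -'", *s)) return 0;
    return 1;
}

/* Option 4: escape by doubling each single quote, so the apostrophes the
 * whitelist allows can never terminate the literal. Returns -1 if it won't fit. */
int escape_sql_literal(char *out, size_t cap, const char *in)
{
    size_t j = 0;
    for (; *in; in++) {
        if (j + 2 >= cap) return -1;           /* up to two bytes plus the NUL */
        out[j++] = *in;
        if (*in == '\'') out[j++] = '\'';
    }
    out[j] = '\0';
    return 0;
}

/* Hardened builder: validate first, then escape what the whitelist let through. */
int build_query_safe(char *out, size_t cap, const char *user)
{
    char esc[256];
    if (!is_allowed_name(user) || escape_sql_literal(esc, sizeof esc, user) != 0)
        return -1;
    int n = snprintf(out, cap, "SELECT * FROM patients WHERE name = '%s'", esc);
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}
```

Running build_query_unsafe and build_query_safe on the same inputs shows the difference: the tautology input is rejected outright by the whitelist, and an input that passes the whitelist is kept inside one string literal by the escaping.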
Cross site scripting
Working: Cross site scripting (XSS) is a code injection attack carried out on the client side. The attacker executes a malicious script, termed the malicious payload, in a website. Attackers do not target the victim directly; instead they exploit a vulnerability within the framework of a website, and when the user accesses the website they fall into the trap. Several areas are affected by this activity, but the most important is JavaScript, because JavaScript is fundamental to most browsing experiences.
Control: Control of cross site scripting can be summed up in two rules:
Rule 1: Insertion of data should be avoided except in allowed locations.
Rule 2: HTML escape untrusted data before inserting it into HTML element content (Christodorescu, Kundu and Mohindra 2017).
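As an added example (not code from the original report), the C fragment below applies Rule 2: an HTML escaper run over a constructed user comment before the comment is placed into element content, beside the unescaped rendering that would hand the browser a live script element. The page template and the sample comment are constructed for the illustration.

```c
/* Added example, not from the original report: Rule 2 in C. Untrusted text is
 * HTML-escaped before it is inserted into element content; the same text
 * inserted unescaped would become markup. Template is hypothetical. */
#include <stdio.h>
#include <string.h>

/* Replace the five characters that can change HTML structure with entities.
 * Returns the length written, or -1 if the output buffer is too small. */
int html_escape(char *out, size_t cap, const char *in)
{
    size_t j = 0;
    for (; *in; in++) {
        char one[2] = { *in, '\0' };   /* pass-through for ordinary characters */
        const char *rep;
        switch (*in) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#x27;"; break;
        default:   rep = one;      break;
        }
        size_t len = strlen(rep);
        if (j + len >= cap) return -1;   /* keep room for the terminating NUL */
        memcpy(out + j, rep, len);
        j += len;
    }
    out[j] = '\0';
    return (int)j;
}

/* Render a comment into element content. With escape == 0 a constructed
 * payload such as <script>alert(1)</script> is emitted as markup; with
 * escape == 1 the browser shows it as literal text. Returns 0 or -1. */
int render_comment(char *out, size_t cap, const char *comment, int escape)
{
    char safe[512];
    const char *body = comment;
    if (escape) {
        if (html_escape(safe, sizeof safe, comment) < 0) return -1;
        body = safe;
    }
    int n = snprintf(out, cap, "<p class=\"comment\">%s</p>", body);
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}
```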
Ice Creams Pvt Ltd is a small company that mainly manufactures ice cream sold to restaurants throughout Australia. The company currently uses an accounting information system hosted on its own hardware on the company premises. The Chief Executive Officer (CEO) has suggested moving the company to cloud accounting, but his main concern is the risk related to cybercrime, and he is very reluctant about the company's move towards cloud computing.
The main focus of this report is the concept of cloud computing, taking into account the benefits of adopting it, the risks associated with it, and the steps that can be taken to reduce those risks.
Cloud computing
Cloud computing is the delivery of computing services such as storage, servers, databases, networking, software and more over the internet (the cloud). The companies that provide the basic framework of the cloud are called cloud providers, and they typically charge for the service that is consumed (Almorsy, Grundy and Müller 2016), based on usage in much the same way as an electricity bill is generated. Essentially, cloud computing is a kind of outsourcing of computer programs and the basic data related to the business. Using it, the cloud user is able to access applications and software from anywhere and at any time, through the service provided by a third party, technically termed the cloud provider. The overall result of moving to the cloud is that the burden of hardware and software is kept on the side of the cloud provider, and the organisation can direct its attention to more important organisational matters (Rittinghouse and Ransome 2016).
Cloud computing is a big shift from the traditional business thinking about Information Technology (IT) resources. The common benefits a business can achieve by turning to cloud computing services are stated below:
- Cost: Cloud computing eliminates the capital expense of buying software and hardware and of setting up and running onsite datacentres.
- Speed: Most cloud computing services are provided on demand and are self-service, so a vast amount of computing resources can be provisioned in minutes, typically just a few mouse clicks away (Hwang 2017). This gives the business flexibility and takes the pressure off capacity planning.
- Global scale: The ability to scale elastically can be achieved easily by moving to the cloud. The cloud provides the right amount of information technology (IT) services at the right time, lessening the burden on the framework of any organisation planning to move to it.
- Productivity: Racking and stacking is familiar to any organisation with an onsite datacentre; hardware set-up and software patching are very time consuming for the organisation. Cloud computing removes these tasks and helps the organisation's IT team spend its time on achieving more important business goals (Rittinghouse and Ransome 2016).
Cloud computing provides a number of benefits to the organisation, but there are also risks associated with it. The risks of cloud computing are broadly described below:
- Unauthorized access to business and customer data: Criminals and hackers tend to target small businesses more than large organisations, because small businesses are easier to breach. Small businesses tend to push the security risk onto large organisations, which are more capable of protecting important data. However, each organisation that uses a cloud service increases the value of that service as a potential target, which concentrates the risk at a single point of failure.
- Vendor security risk: When cloud vendors provide critical business services such as customer payment and mailing lists, the business puts its life into the hands of the vendors. How the vendors handle this aspect is a major concern for any organisation using cloud services (Yadav and Doke 2016). This puts the overall trust in the hands of another party, and trust plays a very vital role in this issue.
- Legal risk and compliance: Many data security regulations have been put forward to secure sets of data that can be termed critical. The sectors of main concern are those that accept credit cards, which include banking, government, healthcare, etc.
- Risk related to control: When a business hosts its services on a local network it has full control over them, and any change can be implemented very easily. When a cloud computing service is used, the vendor is the main controller (Xia et al. 2016). The vendor has full control: if the vendor doubles the price of a service on which the organisation depends, the organisation has no other way but to pay the excess money to retain the service.
When moving to cloud computing, the following measures would directly reduce the associated risks.
- Due diligence when researching the cloud: The organisation is moving its whole software and hardware solution to the cloud. Whether it is PaaS, IaaS or SaaS, research into potential vendors should be done thoroughly. This may include the vendor's security history and checking for known security vulnerabilities.
- Utilisation of single sign on (SSO) solutions to improve security: Depending on the size of the organisation, many cloud user accounts may be created, and one user can end up with more than one login account, each with its own password. SSO greatly increases the advantage achieved from the cloud, and the security aspect is also strengthened, since multiple accounts would otherwise be generated from the same point.
- Working with a third party: Generally, working with a third party increases the risk considerably. However, small and medium organisations that do not have large IT departments sometimes need assistance with their audit and cloud security issues (Talluri 2016).
Conclusion
Cloud computing can at first seem very challenging, given the different challenges that come with its implementation. These challenges can be overcome simply by ensuring some simple security mitigation strategies, and the whole benefit of the concept can then be achieved. It can also be stated that moving to the cloud lessens the burden of handling the organisation's hardware and software issues, so that the organisation can focus more on business-oriented goals.
References
Almorsy, M., Grundy, J. and Müller, I., 2016. An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.
Alwan, Z.S. and Younis, M.F., 2017. Detection and Prevention of SQL Injection Attack: A Survey.
Chesters, A., Davies, G. and Wilson, A., 2016. Four years of pre-hospital simple thoracostomy performed by a physician-paramedic helicopter emergency medical service team: A description and review of practice. Trauma, 18(2), pp.124-128.
Christodorescu, M., Kundu, A. and Mohindra, A., International Business Machines Corporation, 2017. System and method for protection from buffer overflow vulnerability due to placement new constructs in C++. U.S. Patent 9,600,663.
Efford, M., 2017. Data input for secr.
Gupta, S. and Gupta, B.B., 2016. XSS-SAFE: a server-side approach to detect and mitigate cross-site scripting (XSS) attacks in JavaScript code. Arabian Journal for Science and Engineering, 41(3), pp.897-920.
Gupta, S. and Gupta, B.B., 2017. Cross-Site Scripting (XSS) attacks and defense mechanisms: classification and state-of-the-art. International Journal of System Assurance Engineering and Management, 8(1), pp.512-530.
Hwang, K., 2017. Cloud and Cognitive Computing: Principles, Architecture, Programming. MIT Press.
Morgan, A.S., Marlow, N., Costeloe, K. and Draper, E.S., 2016. Investigating increased admissions to neonatal intensive care in England between 1995 and 2006: data linkage study using Hospital Episode Statistics. BMC Medical Research Methodology, 16(1), p.57.
Pearson, E. and Bethel, C.L., 2016. A design review: Concepts for mitigating SQL injection attacks. 4th International Symposium on Digital Forensic and Security (ISDFS).
Petrakaki, D., Klecun, E. and Cornford, T., 2016. Changes in healthcare professional work afforded by technology: The introduction of a national electronic patient record in an English hospital. Organization, 23(2), pp.206-226.
Rao, J., He, Z., Xu, S., Dai, K. and Zou, X., 2016. BFWindow: Speculatively Checking Data Property Consistency against Buffer Overflow Attacks. IEICE Transactions on Information and Systems, 99(8), pp.2002-2009.
Rittinghouse, J.W. and Ransome, J.F., 2016. Cloud computing: implementation, management, and security. CRC Press.
Ro, Y.S., Do Shin, S., Lee, Y.J., Lee, S.C., Song, K.J., Ryoo, H.W., Ong, M.E.H., McNally, B., Bobrow, B., Tanaka, H. and Myklebust, H., 2017. Effect of dispatcher-assisted cardiopulmonary resuscitation program and location of out-of-hospital cardiac arrest on survival and neurologic outcome. Annals of Emergency Medicine, 69(1), pp.52-61.
Talluri, S., 2016. Novel Techniques In Detecting Reputation based Attacks And Effectively Identify Trustworthy Cloud Services. IJSEAT, 4(6), pp.287-289.
Xia, Z., Wang, X., Zhang, L., Qin, Z., Sun, X. and Ren, K., 2016. A privacy-preserving and copy-deterrence content-based image retrieval scheme in cloud computing. IEEE Transactions on Information Forensics and Security, 11(11), pp.2594-2608.
Yadav, D.S. and Doke, K., 2016. Mobile Cloud Computing Issues and Solution Framework.