Securing healthcare information system through fuzzy based decision-making methodology

Abstract

The purpose of the healthcare Information System (HIS) is to replace the conventional method of data gathering and organization in hospitals into a modern method of systematic data collection, maintenance and dissemination. There has been an unprecedented rise in the malware and cyber-attacks on HIS recently. Cyber-attacks have become a major crisis for the healthcare industry. To address this scenario, the present paper conducts a study on the security factors integral to the healthcare information system and conducts the performance analysis of these factors. For this intent, the study has employed the Fuzzy Analytic Hierarchy Process (F.AHP) integrated with Technique Order Preference by Similarity to Ideal Solution (TOPSIS) integrated framework for evaluating the performance of each factor. Thereafter, the factors that play a vital role in healthcare data security breaches have been prioritized as per their security weights. Furthermore, the validity of the results obtained by the stated methodology has been established by conducting the sensitivity analysis and comparison of results with the other methods by using the same data set. Based on results thus obtained, the access control and software security have been identified as the most promising security factors.