Skip to content

DA5. Medical vs E-Commerce Industry Security Requirements

Statement

Different fields have different security requirements around big data capture and use. Identify one of the four areas noted in the article by Gupta (2018) and:

  • Discuss the issues faced by that industry.
  • Compare those issues to one of the other industries noted in the article.

Eg. If you are choosing the medical industry, then you can compare its issue with either the Internet, telecommunication, or E-commerce industry.

Answer

Introduction

Data security and privacy are two different concepts. Data security is concerned with the CIA triad: Confidentiality, Integrity, and Availability; while privacy is concerned with the protection of personal information even from legitimate data owners (Serious Data Solutions, 2020).

This text will compare the security requirements of the medical industry with the e-commerce industry.

Medical Industry

The medical industry gives extra importance to data security according to the requirements of the Health Insurance Portability and Accountability Act (HIPAA). Data in this industry is of great value and any data loss directly affects patients’ lives, thus it requires fault-tolerant systems with reliable recovery capabilities (Gupta, 2018).

The nature of the industry requires it to collect sensitive data from patients, including real identity, medical history, and other personal information; the leakage of such data at a large scale can lead to national disaster if such data ends up in the wrong hands; thus, the industry requires strong, efficient, and reliable encryption mechanisms to protect data at all stages of its life cycle.

The industry faces challenges in staffing, and the end-users of systems are usually doctors and nurses with little technical knowledge who are the sources of most collected data; thus, the industry requires systems to have reliable and user-friendly authentication mechanisms that ensure the authenticity of the data.

E-Commerce Industry

The e-commerce industry also faces challenges in data security. The industry expanded rapidly in transaction volume, user expectations, and areas it covers from retail to supply chain management; thus, the industry requires systems that can scale and handle sudden spikes in traffic.

The industry is known for its diversity, where multiple points of sales, payment gateways, and delivery systems are involved which means multiple data sources and data formats; thus, the industry requires systems that are flexible in connecting to cloud services, APIs, and other systems which give extra importance to network security.

The industry security requirements also pressure on data access control, processing algorithms, network security, data management, and applications; and using those technologies to better control internal operations and improve financial risk management (Gupta, 2018).

Conclusion

The medical industry has more focus on data privacy and confidentiality, while such data in the e-commerce industry may be useful in generating better recommendations; especially as the de-identification (making data anonymous) of data is easier in the e-commerce industry (Gupta, 2018).

Both industries require reliable data security and privacy protection mechanisms; those mechanisms need to be compatible, efficient, and with mechanisms to ensure the authenticity of the data.

References