Date of Award

Summer 7-1-2021

Document Type

Dissertation

Degree Name

Doctor of Philosophy in Technology Management

Department

College of Technology

Abstract

According to a survey, the healthcare industry is one of the least cloud-adopting industries. The low adoption reflects the healthcare industry's ongoing concerns about the security of the cloud. Business applications, according to another survey, are among the most vulnerable components of business information systems. Many risk assessment frameworks available today, particularly for health information applications, require significant customization before they can be used. This study created a new framework to assess cloud risks specifically for their health information applications, utilizing data-driven risk assessment methodologies to avoid surveys, interviews, and meetings for data collection. For the feasibility study, the open-source application codes were chosen from over 190 million GitHub repositories using a decision tree method, while a purposive sampling method was used to choose for a simulated patient information database from the healthcare industry. Using these methods, the researcher discovered security warnings and privacy violation suspects and subsequently converted them into quantitative measures to calculate the risks of the cloud-based health information application and a database. The significance of this study lies in the collection of data directly from applications and databases with a quantitative approach for risk calculation.

Download

Share

COinS