Estimating Security Risk of Healthcare Web Applications: A Design Perspective

In the recent years, the booming web-based applications have attracted the hackers' community. The security risk of the web-based hospital management system (WBHMS) has been increasing rapidly. In the given context, the main goal of all security professionals and website developers is to maintain security divisions and improve on the user's confidence and satisfaction. At this point, the different WBHMS tackle different types of security risks. In WBHMS, the security of the patients' medical information is of utmost importance. All in all, there is an inherent security risk of data and assets in the field of the medical industry as a whole. The objective of this study is to estimate the security risk assessment of WBHMS. The risks assessment pertains to securing the integrity of the information in alignment with the Health Insurance Portability and Accountability Act. This includes protecting the relevant financial records, as well as the identification, evaluation, and prevention of a data breach. In the past few years, according to the US-based cyber-security firm Fire-eye, 6.8 million data thefts have been recorded in the healthcare sector in India. The breach barometer report mentions that in the year 2019, the data breaches found were up to 48.6% as compared to the year 2018. Therefore, it is very important to assess the security risk in WBHMS. In this research, we have followed the hybrid technique fuzzy analytic hierarchy process-technique for order of preference by similarity to ideal solution (F-AHPTOPSIS) approach to assess the security risk in WBHMS. The place of this empirical database is at the local hospital of Varanasi, U.P., India. Given the affectability of WBHMS for its board framework, this work has used diverse types of web applications. The outcomes obtained and the procedure used in this assessment would support future researchers and specialists in organizing web applications through advanced support of safety and security.