Skip to content

Latest commit

 

History

History
16 lines (16 loc) · 1.3 KB

InherentRiskReportCareConnect360.md

File metadata and controls

16 lines (16 loc) · 1.3 KB
Raw
Risk Area Risk Description Inherent Risk Level
Data Privacy Unauthorized access to sensitive patient health information (PHI) High
Data Security Breach of encrypted data at rest or in transit High
Authentication Compromise of user credentials or 2FA mechanisms High
Cloud Infrastructure Misconfiguration or vulnerabilities in AWS services (EC2, S3, Lambda) High
Database Security Unauthorized access or data leakage from MariaDB instance High
API Security Exploitation of vulnerabilities in RESTful APIs High
Compliance Non-compliance with HIPAA regulations High
Telehealth Security Privacy and security risks during video consultations (WebRTC) Medium
Third-Party Integrations Vulnerabilities in integrations with MedTrack Pro Medium
Web Application Security Exploitation of vulnerabilities in the React.js frontend Medium
Real-time Communication Security risks in Socket.IO implementation Medium
Continuous Deployment Introduction of vulnerabilities through automated deployment processes Medium
Monitoring and Logging Failure to detect or respond to security incidents Medium
User Error Accidental data exposure due to healthcare provider mistakes Medium