Curricular Unit:Code:
Computer Security in Health1097SISA
Year:Level:Course:Credits:
1CTSPAdministrative Management in Clinical Context6 ects
Learning Period:Language of Instruction:Total Hours:
Winter SemesterPortuguese/English78
Learning Outcomes of the Curricular Unit:
1 - Study issues related to ethical, legal and social issues arising from the use of ICT and IS in the health sector, gaining knowledge of its importance and how to act in solving new problems;
2 - Analyze concepts, principles, institutions and tools related to health information security, as well as the risks and threats to which it is subject, students acquire skills to safeguard and protect information.
3 - To know the main lines of concern that the data protection institutions consider regarding the privacy of citizens.
4 - Studying the best practices, through the analysis of cases, allows students to know the difficulties already overcome, solutions adopted and results achieved in experiences of implementing IS in health.
5 - Acquire basic skills for the application of a health safety mechanism.
Syllabus:
1.Definition of cybercrime
2. Reference legislation
3.Characterization of Cybercrime
4. Main cybercrime actions
5. Cybercrime prevention
6. Proposal for legal framework
7. Cybercrime terminology
8. Digital Forensic Analysis
9. Information Security;
10. Security features: Confidentiality, Integrity and Availability;
11. Main security threats;
12. Security problems: Internal and external;
13. Security mechanisms: prevention, detection and correction;
14. Data Protection;
14.1. The Amendments introduced by the General Data Protection Regulation and its impact on Companies
14.2. Conclusion: What to do to adapt to the GDPR?
15. Case Studies
Demonstration of the Syllabus Coherence with the Curricular Unit's Objectives:
The program provides students with basic training in matters related to computer security, especially in the area of ??health, in order to provide them with the capacity for critical analysis of security, cybercrime and personal data protection issues.
The syllabus provides a social, technical and legal perspective of cybercrime, allowing students to acquire bases to develop activities for the identification, analysis and development of cybercrime scenarios and respective security measures.
Throughout the course, the different dimensions of computer security will be analyzed, namely the historical and contemporary patterns of this form of criminality. Specific areas of security will also be addressed, providing students with the opportunity to understand the factors that make institutions particularly vulnerable to this form of crime.
Teaching Methodologies (Including Evaluation):
Expository methodology of concepts in the classroom, with work proposal to be carried out. The work to be carried out by the students includes brief thematic analyzes, including searching for information in databases and portals of national and international agencies. In some specific situations, students use computer applications to test the concepts presented.
The evaluation contemplates the accomplishment, at least, a frequency and two or more small works done individually or in group, according to the constitution of the class.
Demonstration of the Coherence between the Teaching Methodologies and the Learning Outcomes:
The teaching methodology is based on the exposure of concepts and analysis of situations, inviting students to get involved in scenarios of computer security, cybercrime and protection of personal data in the light of the GDPR, whether from a social or legal point of view, looking for information, documenting and debating the issues addressed about possible threats, being able to develop scenarios from the point of view of observers. Theoretical-practical classes - Oral presentation of theoretical content; practical exercises to collect bibliography related to the themes developed in this teaching unit using the databases subscribed by the University; group discussions where the analysis of the themes addressed in this teaching unit will be promoted.
Reading:
- Antunes, M. & Rodrigues B. (2018). Introdução à Cibersegurança: a Internet, os aspectos legais e a Análise Digital Forense. FCA - Editora de Informática, Lda.
- Antunes, L. (2018). Pôr em prática o RGPD. FCA - Editora de Informática, Lda.
- Saldanha, N,. (2018). Novo Regulamento Geral de Proteção de Dados. FCA - Editora de Informática, Lda.
- Menezes Cordeiro, A. B. (2020). Direito da Proteção de Dados - À luz do RGPD e da Lei nº 58/2019. Edições Almedina SA.
- Duque, R., Noivo, D. & Almeida e Silva, T. (2016). Segurança Contemporânea. Pactor - Edições de Ciências Sociais, Forenses e da Educação.
- McQuade, S., "Understanding and Managing Cybercrime", Pearson Education, 2006,
- Shortliffe, E. e Cimino, J. (2014). Biomedical Informatics - Computer Applications in Health Care and Biomedicine. (Vol. 1). (pp. 1---). New York: Springer