Cybersecurity in radiology: Cautionary Tales, Proactive Prevention, and What to do When You Get Hacked.

Abstract

To improve awareness and understanding of cybersecurity threats to radiology practice and better equip healthcare practices to manage cybersecurity risks associated with medical imaging, this article reviews topics related to cybersecurity in healthcare, with emphasis on common vulnerabilities in radiology operations. This review is intended to assist radiologists and radiology administrators who are not information technology specialists to attain an updated overview of relevant cybersecurity concepts and concerns relevant to safe and effective practice of radiology and provides a succinct reference for individuals interested in learning about imaging-related vulnerabilities in healthcare settings. As cybersecurity incidents have become increasingly common in healthcare, we first review common cybersecurity threats in healthcare and provide updates on incidence of healthcare data breaches, with emphasis on the impact to radiology. Next, we discuss practical considerations on how to respond to a healthcare data breach, including notification and disclosure requirements, and elaborate on a variety of technical, organizational, and individual actions that can be adopted to minimize cybersecurity risks applicable to radiology professionals and administrators. While emphasis is placed on specific vulnerabilities within radiology workflow, many of the preventive or mitigating strategies are also relevant to cybersecurity within the larger digital healthcare arena. We anticipate that readers, upon completing this review article, will gain a better appreciation of cybersecurity issues relevant to radiology practice and be better equipped to mitigate cybersecurity risks associated with medical imaging.