Balancing Patient Safety, Clinical Efficacy, and Cybersecurity with Clinician Partners.

Joseph Schneider, Axel Wirth
{"title":"Balancing Patient Safety, Clinical Efficacy, and Cybersecurity with Clinician Partners.","authors":"Joseph Schneider, Axel Wirth","doi":"10.2345/0899-8205-55.1.21","DOIUrl":null,"url":null,"abstract":"Where We Stand Today Cybersecurity events affecting healthcare organizations are in the news with increasing frequency, indicating their growing impact and expanse. We have seen incidents ranging from breaches affecting millions of patient records to attacks shutting down hospitals across the country, with at least one of them tragically contributing to the death of a patient. Most recently, the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and Department of Health & Human Services (HHS) issued a joint warning about the healthcare industry being a target of expanding ransomware activity. Meanwhile, ransom financial demands are rising and adversaries are resorting to increasingly brazen methods, including exfiltrating data and extorting patients. COVID-19 has accelerated the trend toward connectivity in healthcare. We have added remote workers and remote patients using telehealth services and are placing devices in patients’ homes, offering a wide range of attack opportunities as critical data are transmitted across home and public networks. Healthcare is now taking place in a much more complex and highly accessible space, offering rich data and a growing attack surface. With the rapidly evolving, increasingly connected information technology (IT) infrastructure and growth of cyberthreats, healthcare is facing a perfect storm. The danger is exacerbated by the fact that we are no longer dealing solely with individual hackers but mainly with well-resourced cybercriminal organizations, as well as politically and economically motivated adversaries (e.g., nation-states, cyber terrorists). Global economic losses due to cyber incidents are estimated to be in the $3-trillion range and are expected to reach $6 trillion in 2021 and $10.5 trillion by 2025. Healthcare organizations are expected to spend $125 billion on cybersecurity over the next 5 years. It is imperative that healthcare improve its cyber defenses and “cyber culture.” This includes expanding our understanding of cyber risks, better defining what we must protect, learning how to protect it in ways that support efficient workflows and safety, and instilling good user cyber behavior. IT security and clinical engineering cannot do this alone. To develop a safe and effective path forward, we also need cyber-savvy clinicians working as partners to ensure that clinical needs are met in security decisions. This article proposes an approach and explores how we might achieve this.","PeriodicalId":35656,"journal":{"name":"Biomedical Instrumentation and Technology","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2021-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8641426/pdf/i0899-8205-55-1-21.pdf","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Biomedical Instrumentation and Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2345/0899-8205-55.1.21","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Medicine","Score":null,"Total":0}
引用次数: 4

Abstract

Where We Stand Today Cybersecurity events affecting healthcare organizations are in the news with increasing frequency, indicating their growing impact and expanse. We have seen incidents ranging from breaches affecting millions of patient records to attacks shutting down hospitals across the country, with at least one of them tragically contributing to the death of a patient. Most recently, the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and Department of Health & Human Services (HHS) issued a joint warning about the healthcare industry being a target of expanding ransomware activity. Meanwhile, ransom financial demands are rising and adversaries are resorting to increasingly brazen methods, including exfiltrating data and extorting patients. COVID-19 has accelerated the trend toward connectivity in healthcare. We have added remote workers and remote patients using telehealth services and are placing devices in patients’ homes, offering a wide range of attack opportunities as critical data are transmitted across home and public networks. Healthcare is now taking place in a much more complex and highly accessible space, offering rich data and a growing attack surface. With the rapidly evolving, increasingly connected information technology (IT) infrastructure and growth of cyberthreats, healthcare is facing a perfect storm. The danger is exacerbated by the fact that we are no longer dealing solely with individual hackers but mainly with well-resourced cybercriminal organizations, as well as politically and economically motivated adversaries (e.g., nation-states, cyber terrorists). Global economic losses due to cyber incidents are estimated to be in the $3-trillion range and are expected to reach $6 trillion in 2021 and $10.5 trillion by 2025. Healthcare organizations are expected to spend $125 billion on cybersecurity over the next 5 years. It is imperative that healthcare improve its cyber defenses and “cyber culture.” This includes expanding our understanding of cyber risks, better defining what we must protect, learning how to protect it in ways that support efficient workflows and safety, and instilling good user cyber behavior. IT security and clinical engineering cannot do this alone. To develop a safe and effective path forward, we also need cyber-savvy clinicians working as partners to ensure that clinical needs are met in security decisions. This article proposes an approach and explores how we might achieve this.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
与临床医生合作伙伴平衡患者安全、临床疗效和网络安全。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Biomedical Instrumentation and Technology
Biomedical Instrumentation and Technology Computer Science-Computer Networks and Communications
CiteScore
1.10
自引率
0.00%
发文量
16
期刊介绍: AAMI publishes Biomedical Instrumentation & Technology (BI&T) a bi-monthly peer-reviewed journal dedicated to the developers, managers, and users of medical instrumentation and technology.
期刊最新文献
Effect of Gamma and X-ray Irradiation on Polymers Commonly Used in Healthcare Products. Effect of Vaporized Hydrogen Peroxide and Nitrogen Dioxide Sterilization on Nitinol. Toward Enhanced Machine-Based Release in X-ray Sterilization. Beyond Endoscopes: Pilot Study of Surgical Instrument Lumen Inspection. Advantages and Limitations of Physical and Virtual Dose Mapping.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1