Catalogue Search | MBRL
Are you sure you want to remove the book from the shelf?
{{itemTitle}}
728
result(s) for
"Medical informatics Security measures."
Sort by:
Cybersecurity for hospitals and healthcare facilities : a guide to detection and prevention
Learn how to detect and prevent the hacking of medical equipment at hospitals and healthcare facilities. A cyber-physical attack on building equipment pales in comparison to the damage a determined hacker can do if he/she gains access to a medical-grade network as a medical-grade network controls the diagnostic, treatment, and life support equipment on which lives depend. News reports inform us how hackers strike hospitals with ransomware that prevents staff from accessing patient records or scheduling appointments. Unfortunately, medical equipment also can be hacked and shut down remotely as a form of extortion. Criminal hackers will not ask for a $$500 payment to unlock an MRI, PET or CT scan, or X-ray machine--they will ask for much more. Litigation is bound to follow and the resulting punitive awards will drive up hospital insurance costs and healthcare costs in general. This will undoubtedly result in increased regulations for hospitals and higher costs for compliance. Unless hospitals and other healthcare facilities take the steps necessary to secure their medical-grade networks, they will be targeted for cyber-physical attack, possibly with life-threatening consequences. Cybersecurity for Hospitals and Healthcare Facilities is a wake-up call explaining what hackers can do, why hackers would target a hospital, the way hackers research a target, ways hackers can gain access to a medical-grade network (cyber-attack vectors), and ways hackers hope to monetize their cyber-attack. By understanding and detecting the threats, hospital administrators can take action now--before their hospital becomes the next victim. This book shows you how to: Determine how vulnerable hospital and healthcare building equipment is to cyber-physical attack. Identify possible ways hackers can hack hospital and healthcare facility equipment. Recognize the cyber-attack vectors--or paths by which a hacker or cracker can gain access to a computer, a medical-grade network server, or expensive medical equipment in order to deliver a payload or malicious outcome. Detect and prevent man-in-the-middle or denial-of-service cyber-attacks. Detect and prevent hacking of the hospital database and hospital web application.
Book
Dictionary of health information technology and security
Over 10,000 Detailed Entries!\"There is a myth that all stakeholders in the healthcare space understand the meaning of basic information technology jargon.In truth, the vernacular of contemporary medical information systems is unique, and often misused or misunderstoodÖ Moreover, an emerging national Heath Information Technology (HIT).
eBook
Health Data Governance
All countries are investing in health data. There are however significant cross-country differences in data availability and use. Some countries stand out for their innovative practices enabling privacy-protective data use while others are falling behind with insufficient data and restrictions that limit access to and use of data, even by government itself. Countries that develop a data governance framework that enables privacy-protective data use will not only have the information needed to promote quality, efficiency and performance in their health systems, they will become a more attractive centre for medical research. After examining the current situation in OECD countries, a multi-disciplinary advisory panel of experts identified eight key data governance mechanisms to maximise benefits to patients and to societies from the collection, linkage and analysis of health data and to, at the same time, minimise risks to the privacy of patients and to the security of health data. These mechanisms include coordinated development of high-value, privacy-protective health information systems, legislation that permits privacy-protective data use, open and transparent public communication, accreditation or certification of health data processors, transparent and fair project approval processes, data de-identification and data security practices that meet legal requirements and public expectations without compromising data utility and a process to continually assess and renew the data governance framework as new data and new risks emerge.
eBook
Risk management-based security evaluation model for telemedicine systems
Background
Infectious diseases that can cause epidemics, such as COVID-19, SARS-CoV, and MERS-CoV, constitute a major social issue, with healthcare providers fearing secondary, tertiary, and even quaternary infections. To alleviate this problem, telemedicine is increasingly being viewed as an effective means through which patients can be diagnosed and medications prescribed by doctors via untact Thus, concomitant with developments in information and communication technology (ICT), medical institutions have actively analyzed and applied ICT to medical systems to provide optimal medical services. However, with the convergence of these diverse technologies, various risks and security threats have emerged. To protect patients and improve telemedicine quality for patient safety, it is necessary to analyze these risks and security threats comprehensively and institute appropriate countermeasures.
Methods
The security threats likely to be encountered in each of seven telemedicine service areas were analyzed, and related data were collected directly through on-site surveys by a medical institution. Subsequently, an attack tree, the most popular reliability and risk modeling approach for systematically characterizing the potential risks of telemedicine systems, was examined and utilized with the attack occurrence probability and attack success probability as variables to provide a comprehensive risk assessment method.
Results
In this study, the most popular modelling method, an attack tree, was applied to the telemedicine environment, and the security concerns for telemedicine systems were found to be very large. Risk management and evaluation methods suitable for the telemedicine environment were identified, and their benefits and potential limitations were assessed.
Conclusion
This research should be beneficial to security experts who wish to investigate the impacts of cybersecurity threats on remote healthcare and researchers who wish to identify new modeling opportunities to apply security risk modeling techniques.
Journal Article
Towards developing a secure medical image sharing system based on zero trust principles and blockchain technology
Background
Data security has been a critical topic of research and discussion since the onset of data sharing in e-health systems. Although digitalization of data has increased efficiency and speed, it has also made data vulnerable to cyber attacks. Medical records in particular seem to be the regular victims of hackers. Several data breach incidents throughout history have warranted the invention of security measures against these threats. Although various security procedures like firewalls, virtual private networks, encryption, etc are present, a mix of these approaches are required for maximum security in medical image and data sharing.
Methods
Relatively new, blockchain has become an effective tool for safeguarding sensitive information. However, to ensure overall protection of medical data (images), security measures have to be taken at each step, from the beginning, during and even after transmission of medical images which is ensured by zero trust security model. In this research, a number of studies that deal with these two concepts were studied and a decentralized and trustless framework was proposed by combining these two concepts for secured medical data and image transfer and storage.
Results
Research output suggested blockchain technology ensures data integrity by maintaining an audit trail of every transaction while zero trust principles make sure the medical data is encrypted and only authenticated users and devices interact with the network. Thus the proposed model solves a lot of vulnerabilities related to data security.
Conclusions
A system to combat medical/health data vulnerabilities has been proposed. The system makes use of the immutability of blockchain, the additional security of zero trust principles, and the scalability of off chain data storage using Inter Planetary File Systems (IPFS). The adoption of this system suggests to enhance the security of medical or health data transmission.
Journal Article
Security Techniques for the Electronic Health Records
The privacy of patients and the security of their information is the most imperative barrier to entry when considering the adoption of electronic health records in the healthcare industry. Considering current legal regulations, this review seeks to analyze and discuss prominent security techniques for healthcare organizations seeking to adopt a secure electronic health records system. Additionally, the researchers sought to establish a foundation for further research for security in the healthcare industry. The researchers utilized the Texas State University Library to gain access to three online databases: PubMed (MEDLINE), CINAHL, and ProQuest Nursing and Allied Health Source. These sources were used to conduct searches on literature concerning security of electronic health records containing several inclusion and exclusion criteria. Researchers collected and analyzed 25 journals and reviews discussing security of electronic health records, 20 of which mentioned specific security methods and techniques. The most frequently mentioned security measures and techniques are categorized into three themes: administrative, physical, and technical safeguards. The sensitive nature of the information contained within electronic health records has prompted the need for advanced security techniques that are able to put these worries at ease. It is imperative for security techniques to cover the vast threats that are present across the three pillars of healthcare.
Journal Article
Improving accessibility of the Australian My Health Records while preserving privacy and security of the system
Australian My Health Record (MyHR) is a significant development in empowering patients, allowing them to access their summarised health information themselves and to share the information with all health care providers involved in their care. Consequently, the MyHR system must enable efficient availability of meaningful, accurate, and complete data to assist an improved clinical administration of a patient. However, while enabling this, protecting data privacy and ensuring security in the MyHR system has become a major concern because of its consequences in promoting high standards of patient care. In this paper, we review and address the impact of data security and privacy on the use of the MyHR system and its associated issues. We determine and analyse where privacy becomes an issue of using the MyHR system. Finally, we also present an appropriate method to protect the security and privacy of the MyHR system in Australia.
Journal Article
The state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review
Background
The health sector has quickly become a target for cyberattacks. Hospitals are especially sensitive to these sorts of attacks as any disruption in operations or even disclosure of patient personal information can have far-reaching consequences. The objective of this study was to map the available literature on cyberattacks on hospitals and to identify the different domains of research, while extracting the recommendations and guidelines put forth in the literature.
Methods
Four databases (PubMed, Web of Science, ProQuest, and Scopus) were searched using standardized and adapted search syntax in order to identify relevant manuscripts published between 1997 and 2017. These were screened by two reviewers and included or excluded based on inclusion and exclusion criteria. Data from articles were then extracted and analyzed.
Results
The search identified 818 records of which 97 were included. Of the 97, 32% were published in 2017 while around 40% of the articles were published prior to the last three years. Six domains of research emerged through the analysis, which are included here: context and trends in cybersecurity (27.8%), connected medical devices and equipment (29.9%), hospital information systems (14.4%), raising awareness and lessons learned (6.2%), information security methodology (15.4%), and specific types of attacks (6.2%).
Conclusion
There is a generally growing interest in the research field, but the available literature remains limited in number. There are important aspects of cybersecurity (e.g. cloud storage and access management) as well as specific medical fields that rely on various medical devices that have been neglected. Recommendations are available, but comprehensive guidelines and standardized best practice measures are still necessary.
Journal Article