Journal:Cybersecurity and privacy risk assessment of point-of-care systems in healthcare: A use case approach
Full article title | Cybersecurity and privacy risk assessment of point-of-care systems in healthcare: A use case approach |
---|---|
Journal | Applied Sciences |
Author(s) | Jofre, Marc; Navarro-Llobet, Diana; Agulló, Ramon; Puig, Jordi; Gonzalez-Granadillo, Gustavo; Zamorano, Juan M.; Romeu, Ramon |
Author affiliation(s) | Fundació Privada Hospital Asil de Granollers, Atos Research & Innovation, Servicio Madrileño de Salud |
Primary contact | Email: diananavarro at fphag dot org |
Editors | Chizari, Hassan |
Year published | 2021 |
Volume and issue | 11(15) |
Article # | 6699 |
DOI | 10.3390/app11156699 |
ISSN | 2076-3417 |
Distribution license | Creative Commons Attribution 4.0 International |
Website | https://www.mdpi.com/2076-3417/11/15/6699/htm |
Download | https://www.mdpi.com/2076-3417/11/15/6699/pdf (PDF) |
This article should be considered a work in progress and incomplete. Consider this article incomplete until this notice is removed. |
Abstract
Point-of-care (POC) systems are generally used in healthcare to respond rapidly and prevent critical health conditions. Hence, POC systems often handle personal health information, and, consequently, their cybersecurity and privacy requirements are of crucial importance. However, assessing these requirements is a significant task.
In this work, we propose a use-case approach to assess specifications of cybersecurity and privacy requirements of POC systems in a structured and self-contained form. Such an approach is appropriate since use cases are one of the most common means adopted by developers to derive requirements. As a result, we detail a use case approach in the framework of a real-based healthcare IT infrastructure that includes a health information system, integration engines, application servers, web services, medical devices, smartphone apps, and medical modalities (all data simulated) together with the interaction with participants. Since our use case also sustains the analysis of cybersecurity and privacy risks in different threat scenarios, it also supports decision making and the analysis of compliance considerations.
Keywords: cybersecurity, healthcare, incidents, information privacy, IT infrastructure, point-of-care, risk assessment, sensitive medical data, threats, use case
Introduction
References
Notes
This presentation is faithful to the original, with only a few minor changes to presentation, grammar, and punctuation. In some cases important information was missing from the references, and that information was added.