Risk management-based security evaluation model for telemedicine systems

There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

Abstract

Background

Infectious diseases that can cause epidemics, such as COVID-19, SARS-CoV, and MERS-CoV, constitute a major social issue, with healthcare providers fearing secondary, tertiary, and even quaternary infections. To alleviate this problem, telemedicine is increasingly being viewed as an effective means through which patients can be diagnosed and medications prescribed by doctors via untact Thus, concomitant with developments in information and communication technology (ICT), medical institutions have actively analyzed and applied ICT to medical systems to provide optimal medical services. However, with the convergence of these diverse technologies, various risks and security threats have emerged. To protect patients and improve telemedicine quality for patient safety, it is necessary to analyze these risks and security threats comprehensively and institute appropriate countermeasures.

Methods

The security threats likely to be encountered in each of seven telemedicine service areas were analyzed, and related data were collected directly through on-site surveys by a medical institution. Subsequently, an attack tree, the most popular reliability and risk modeling approach for systematically characterizing the potential risks of telemedicine systems, was examined and utilized with the attack occurrence probability and attack success probability as variables to provide a comprehensive risk assessment method.

Results

In this study, the most popular modelling method, an attack tree, was applied to the telemedicine environment, and the security concerns for telemedicine systems were found to be very large. Risk management and evaluation methods suitable for the telemedicine environment were identified, and their benefits and potential limitations were assessed.

Conclusion

This research should be beneficial to security experts who wish to investigate the impacts of cybersecurity threats on remote healthcare and researchers who wish to identify new modeling opportunities to apply security risk modeling techniques.

Related collections

Most cited references 26

Record: found
Abstract: found
Article: found

Characteristics of and Important Lessons From the Coronavirus Disease 2019 (COVID-19) Outbreak in China: Summary of a Report of 72 314 Cases From the Chinese Center for Disease Control and Prevention

Zunyou Wu, Jennifer M. McGoogan (2020)

0 comments Cited 8511 times – based on 0 reviews      Review now

Bookmark

Record: found
Abstract: found
Article: not found

Middle East Respiratory Syndrome Coronavirus (MERS-CoV): Announcement of the Coronavirus Study Group

R. J. De Groot, S C Baker, R. S. Baric … (2013)

Journal of Virology, 87(14), 7790-7792

0 comments Cited 659 times – based on 0 reviews      Review now

Bookmark

Record: found
Abstract: found
Article: not found

Security and privacy issues in implantable medical devices: A comprehensive survey.

Carmen Cámara, Pedro Peris-Lopez, Juan Tapiador (2015)

Bioengineering is a field in expansion. New technologies are appearing to provide a more efficient treatment of diseases or human deficiencies. Implantable Medical Devices (IMDs) constitute one example, these being devices with more computing, decision making and communication capabilities. Several research works in the computer security field have identified serious security and privacy risks in IMDs that could compromise the implant and even the health of the patient who carries it. This article surveys the main security goals for the next generation of IMDs and analyzes the most relevant protection mechanisms proposed so far. On the one hand, the security proposals must have into consideration the inherent constraints of these small and implanted devices: energy, storage and computing power. On the other hand, proposed solutions must achieve an adequate balance between the safety of the patient and the security level offered, with the battery lifetime being another critical parameter in the design phase.

0 comments Cited 63 times – based on 0 reviews      Review now

Bookmark

All references

Author and article information

Contributors

Keun-hee Han:

ORCID: http://orcid.org/0000-0001-6385-0617

khhan@formal.korea.ac.kr

Journal

Journal ID (nlm-ta): BMC Med Inform Decis Mak

Journal ID (iso-abbrev): BMC Med Inform Decis Mak

Title: BMC Medical Informatics and Decision Making

Publisher: BioMed Central (London )

ISSN (Electronic): 1472-6947

Publication date (Electronic): 10 June 2020

Publication date PMC-release: 10 June 2020

Publication date Collection: 2020

Volume: 20

Electronic Location Identifier: 106

Affiliations

GRID grid.222754.4, ISNI 0000 0001 0840 2678, Information Security Department, , Korea University, ; Seoul, Republic of Korea

Author information

Keun-hee Han http://orcid.org/0000-0001-6385-0617

Article

Publisher ID: 1145

DOI: 10.1186/s12911-020-01145-7

PMC ID: 7286211

PubMed ID: 32522216

SO-VID: 8f8f2d19-3e90-42b2-8682-c1fc314664b7

License:

Open AccessThis article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/. The Creative Commons Public Domain Dedication waiver ( http://creativecommons.org/publicdomain/zero/1.0/) applies to the data made available in this article, unless otherwise stated in a credit line to the data.

History

Date received : 13 February 2020

Date accepted : 3 June 2020

Funding

Funded by: Korea Health Technology R&D Project through the Korea Health Industry Development Institute (KHIDI), funded by the Ministry of Health & Welfare, Republic of Korea

Award ID: HI19C0811

Award Recipient : Dong-won Kim

Custom metadata

ScienceOpen disciplines: Bioinformatics & Computational biology

Keywords: telemedicine security,medical information security,smart medical security,telecare security

Data availability:

ScienceOpen disciplines: Bioinformatics & Computational biology

Keywords: telemedicine security, medical information security, smart medical security, telecare security