Program Information

Medical Physicist's Role in Digital Information Security: Threats, Vulnerabilities and Best Practices

K McDonald

B Curran

K McDonald¹*, B Curran²*, (1) Mayo Clinic, Rochester, MN, (2) The Warren Alpert Medical School of Brown University, Providence, RI

Presentations

TH-A-12A-1 Thursday 7:30AM - 8:25AM Room: 12A

I. Information Security Background (Speaker = Kevin McDonald)

1. Evolution of Medical Devices
2. Living and Working in a Hostile Environment
3. Attack Motivations
4. Attack Vectors
5. Simple Safety Strategies
6. Medical Device Security in the News
7. Medical Devices and Vendors
8. Summary

II. Keeping Radiation Oncology IT Systems Secure (Speaker = Bruce Curran)

1. Hardware Security
a. Double-lock Requirements
b. "Foreign" computer systems
c. Portable Device Encryption
d. Patient Data Storage
e. System Requirements

2. Network Configuration
a. Isolating Critical Devices
b. Isolating Clinical Networks
c. Remote Access Considerations

3. Software Applications / Configuration
a. Passwords / Screen Savers
b. Restricted Services / access
c. Software Configuration Restriction
d. Use of DNS to restrict access
e. Patches / Upgrades

4. Awareness
a. Intrusion Prevention
b. Intrusion Detection
c. Threat Risk Analysis

5. Conclusion

Learning Objectives:
1. Understanding how Hospital IT Requirements affect Radiation Oncology IT Systems.
2. Illustrating sample practices for hardware, network, and software security.
3. Discussing implementation of good IT security practices in radiation oncology.
4. Understand overall risk and threats scenario in a networked environment.

Handouts

• 90-25579-334462-108445.pdf (K McDonald)

• 90-25580-334462-102874.pdf (B Curran)

Contact Email: