Cyber Security in Health: Standard Protocols for IoT and Supervisory Control Systems

Bruno J. Santos (Instituto Federal de São Paulo, Brazil), Rachel P. Tabacow (Instituto Federal de São Paulo, Brazil), Marcelo Barboza (Instituto Federal de São Paulo, Brazil & Escola Politécnica da Universidade de São Paulo, Brazil), Tarcisio F. Leão (Instituto Federal de São Paulo, Brazil) and Eduardo G. P. Bock (Instituto Federal de São Paulo, Brazil)
DOI: 10.4018/978-1-7998-2910-2.ch015

Abstract

Cyber security in healthcare is a growing concern. With the proliferation of IoT devices, data breaches in the healthcare industry are raising concern about how cyber security can protect data from connected medical devices. Recent years have seen numerous hacking and IT security incidents. Many healthcare organizations struggle to defend their networks from cybercriminals. In the current digital era, the physical world has a cyber-representation. The real and virtual worlds are connected in areas such as informatics and manufacturing. Health 4.0 (H4.0) refers to a group of initiatives aiming to improve medical care for patients, hospitals, researchers, and medical device suppliers. Increasing collaboration in terms of medical equipment, artificial organs, and biosensors is a way to facilitate H4.0. As a result, cyber security budgets have increased, new technology has been purchased, and healthcare organizations are improving at blocking attacks and keeping their networks secure.

Background

An increase in attacks and invasions on medical devices has caused regulators to take notice; the Food and Drug Administration (FDA) issued a safety communication in June 2013 entitled “Cybersecurity for Medical Devices and Hospital Networks”. The working group, involving representatives of the FDA, the Office of the National Coordinator for Health Information Technology, and the Federal Communications Commission, has released a report calling for increased private-sector involvement and a risk-based regulatory framework. The problem is that they did not define the framework, and burdensome regulation could greatly increase emerging threats. Cyberattack is a clear and present threat in healthcare; thus it is time to organize, convene, and focus on the protection of patient data. Since technology has unquestionably improved healthcare, it is mandatory to ensure that the promised benefits continue to be delivered safely (Baheti & Gill, 2011).

An important related topic is Telehealth, an approach that aims to provide high-quality health services to people who cannot easily access these services. Given cyber threats and frequently reported health data breaches, many people may be hesitant to use Telehealth-based services. The HIPAA protocol includes comprehensive details that are not always specific to telehealth and is therefore difficult for telehealth professionals to use (Zhou et al., 2019).

Key Terms in this Chapter

Collaborative Control Theory (CCT): A collection of principles and models for supporting the effective design of collaborative e-Work systems.

Artificial Intelligence (AI): An area of computer science that emphasizes the creation of intelligent machines that work and react like humans.

Health 4.0 (H4.0): Since Industry 4.0 extends further the IoT model with the inclusion of robotics and automation, H4.0 is the application of the I4.0 paradigm to the healthcare sector.

Big Data: Extremely large data sets that may be analyzed computationally to reveal patterns, trends, and associations, especially relating to human behavior and interactions.

Computer Integrated Manufacturing (CIM): The manufacturing approach of using computers to control the entire production process. This integration allows individual processes to exchange information with each other and initiate actions.

Health Insurance Portability and Accountability Act (HIPAA): The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is an American federal law that requires employers to protect employee medical records as confidential. HIPAA includes regulations that cover how employers must protect employees' medical privacy rights and the privacy of their health information.

Food and Drug Administration (FDA): The American agency is separated into divisions that oversee a majority of the organization's obligations involving food, drugs, cosmetics, animal food, dietary supplements, medical devices, biological goods, and blood products.

Internet of Things (IoT): A system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.

Distributed Hierarchical Control System (DHCS): A form of control system in which a set of devices and governing software are arranged in a hierarchical tree.

Radio Frequency Identification (RFID): A form of wireless communication that incorporates the use of electromagnetic or electrostatic coupling in the radio frequency portion of the electromagnetic spectrum to uniquely identify an object, animal or person.
