Medical Physicist's Role in Cyber Security

Questions and Answers

What is one of the main objectives of the medical physicist's role in cyber security?

To promote medical research

To discuss why cyber security is critically important for in healthcare (correct)

To improve healthcare services

To design new healthcare technologies

What is a major concern in healthcare that medical physicists need to address?

Hospital administration

Equipment maintenance

Medical research funding

Patient data security (correct)

What do cyber criminals often target in healthcare?

Medical research data

Patient medical records (correct)

Pharmaceutical supplies

Medical equipment

What can clinical physicists do to prevent cyber security threats?

Taking simple and effective precautions

What is the focus of cyber security in healthcare beyond electronic health records (EHR)?

Cyber-Physical Systems

What was the outcome of the cyber attack on the radiation oncology department?

All radiation oncology patient appointments were cancelled for 3 days

What is the primary focus of Cyber Security?

Protecting computers, networks, programs and data from unauthorized access

Why is Cyber Security crucial in Radiation Oncology?

All of the above

What is the duration the clinical physicist and dosimetry staff spent on QA before resuming patient treatments?

Numerous hours

When did patient treatments resume after the cyber attack?

On the 5th day

What is the primary function of malicious software such as Trojan Horses?

To gain unauthorized access to computer systems

What is a common threat to cyber security in public Wi-Fi networks?

Untrusted wireless access points

What is a key concern when sharing patient health data via email?

Using unencrypted email messages

What is a common characteristic of medical device companies?

Having less than 50 employees

What is a primary focus of medical device companies' research and development?

Producing patient care functionality

What is a current challenge in the medical device industry?

Lack of general technology resources, processes, and security knowledge

What is the main purpose of using firewalls, virtual private networks, and encryption in a clinical environment?

To protect data and ensure secure communication

What is the main benefit of whitelisting in a medical device network?

To create a list of trusted entities that can access the device or network

Why may IT systems not allow non-registered computers to be connected to hospital networks?

To ensure data security and prevent unauthorized access

What is the main purpose of two-factor authentication in a medical environment?

To add an extra layer of security to the login process

What is the main reason why medical devices should not be directly accessible to the Internet?

To prevent unauthorized access and potential security breaches

Why is it important to encourage vendors to integrate their login system with the hospital's active directory system?

To enable single sign-on for vendors

What is a recommended practice for vendor systems to ensure device data encryption?

Adhering to industry standards such as NIST's FIPS-140-2

What is a crucial aspect of account use best practices for medical devices?

Ensuring no non-expiring passwords and no regular accounts with elevated administrator privileges

What is a benefit of using site-to-site VPN for vendor support?

Improved security for vendor device communications

Why is it important for vendor systems to upgrade operating systems and third-party/open source applications?

To minimize the risk of security vulnerabilities

What is a recommended practice for securing medical devices?

Avoiding hard-coded or default passwords and ensuring secure encryption