Medical Physicist's Role in Cyber Security

Questions and Answers

What is one of the main objectives of the medical physicist's role in cyber security?

• To promote medical research
• To discuss why cyber security is critically important for in healthcare (correct)
• To improve healthcare services
• To design new healthcare technologies

What is a major concern in healthcare that medical physicists need to address?

• Hospital administration
• Equipment maintenance
• Medical research funding
• Patient data security (correct)

What do cyber criminals often target in healthcare?

• Medical research data
• Patient medical records (correct)
• Pharmaceutical supplies
• Medical equipment

What can clinical physicists do to prevent cyber security threats?

Taking simple and effective precautions (C)

What is the focus of cyber security in healthcare beyond electronic health records (EHR)?

Cyber-Physical Systems (C)

What was the outcome of the cyber attack on the radiation oncology department?

All radiation oncology patient appointments were cancelled for 3 days (D)

What is the primary focus of Cyber Security?

Protecting computers, networks, programs and data from unauthorized access (C)

Why is Cyber Security crucial in Radiation Oncology?

All of the above (D)

What is the duration the clinical physicist and dosimetry staff spent on QA before resuming patient treatments?

Numerous hours (C)

When did patient treatments resume after the cyber attack?

On the 5th day (B)

What is the primary function of malicious software such as Trojan Horses?

To gain unauthorized access to computer systems (B)

What is a common threat to cyber security in public Wi-Fi networks?

Untrusted wireless access points (D)

What is a key concern when sharing patient health data via email?

Using unencrypted email messages (A)

What is a common characteristic of medical device companies?

Having less than 50 employees (A)

What is a primary focus of medical device companies' research and development?

Producing patient care functionality (C)

What is a current challenge in the medical device industry?

Lack of general technology resources, processes, and security knowledge (C)

What is the main purpose of using firewalls, virtual private networks, and encryption in a clinical environment?

To protect data and ensure secure communication (A)

What is the main benefit of whitelisting in a medical device network?

To create a list of trusted entities that can access the device or network (C)

Why may IT systems not allow non-registered computers to be connected to hospital networks?

To ensure data security and prevent unauthorized access (D)

What is the main purpose of two-factor authentication in a medical environment?

To add an extra layer of security to the login process (D)

What is the main reason why medical devices should not be directly accessible to the Internet?

To prevent unauthorized access and potential security breaches (A)

Why is it important to encourage vendors to integrate their login system with the hospital's active directory system?

To enable single sign-on for vendors (B)

What is a recommended practice for vendor systems to ensure device data encryption?

Adhering to industry standards such as NIST's FIPS-140-2 (C)

What is a crucial aspect of account use best practices for medical devices?

Ensuring no non-expiring passwords and no regular accounts with elevated administrator privileges (D)

What is a benefit of using site-to-site VPN for vendor support?

Improved security for vendor device communications (A)

Why is it important for vendor systems to upgrade operating systems and third-party/open source applications?

To minimize the risk of security vulnerabilities (D)

What is a recommended practice for securing medical devices?

Avoiding hard-coded or default passwords and ensuring secure encryption (B)