This paper is an updated summary with feedback of a paper originally presented at the ACM HealthSec Workshop held in Salt Lake City October 2024 [4]. The content is computer-related risks to healthcare documented within the book [6] and the ACM Forum on Risks to the Public on Computers and Related Subjects, which was created by the first author in 1985 and has been continuously moderated by him since then. The complete set of RISKS archives is dual-hosted online and specific issues referred to as (R vol no) can be obtained directly in the searchable site in Newcastle UK [7]. The paper style provides direct references to hundreds of events which have occurred over several decades. Computer-related risks in healthcare include data breaches, provider outages interrupting continuity of care via ransomware and denial-of-service attacks, system malfunctions, unauthorized access, data loss, data corruption, insider threats, and supply chain attacks. All of these risks can lead to patient harms ranging from minor inconvenience all the way to patient death. By identifying the events and describing the conditions that have brought us to our current state, broader patterns emerge beyond isolated occurrences, from which we can learn to better understand the present to improve in the future.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Computer-Related Healthcare Risks – Updated!

  • Peter G. Neumann,
  • William Yurcik

摘要

This paper is an updated summary with feedback of a paper originally presented at the ACM HealthSec Workshop held in Salt Lake City October 2024 [4]. The content is computer-related risks to healthcare documented within the book [6] and the ACM Forum on Risks to the Public on Computers and Related Subjects, which was created by the first author in 1985 and has been continuously moderated by him since then. The complete set of RISKS archives is dual-hosted online and specific issues referred to as (R vol no) can be obtained directly in the searchable site in Newcastle UK [7]. The paper style provides direct references to hundreds of events which have occurred over several decades. Computer-related risks in healthcare include data breaches, provider outages interrupting continuity of care via ransomware and denial-of-service attacks, system malfunctions, unauthorized access, data loss, data corruption, insider threats, and supply chain attacks. All of these risks can lead to patient harms ranging from minor inconvenience all the way to patient death. By identifying the events and describing the conditions that have brought us to our current state, broader patterns emerge beyond isolated occurrences, from which we can learn to better understand the present to improve in the future.