Maximizing Imaging Informatics Security

June 25, 2020

Go-to steps from a senior imaging informatics analyst during SIIM 2020 to bolster security efforts.

In an increasingly digital industry, security has become an ever-present concern. Given the volume of imaging data each facility maintains, it is incumbent on providers and practice administrators to take proactive, protective steps, according to industry experts.

During the Society of Imaging Informatics in Medicine 2020 virtual meeting, Tom Kern, CIIP, senior imaging informatics analyst at Children’s Hospital Colorado, shared his insights on the importance of maintaining proper security and how facilities and practices can maximize it for their imaging informatics.

“We have a really long tail on modalities throughout the industry that we’re still actively using for patient care,” he said, highlighting one of the main security problems that radiology faces. “There are a fair number of machines out there that are still running on old operating systems that, except for a random patch here and there, have had no significant upgrades.”

Without a current operating system that allows for proper protection, he cautioned, facilities are left vulnerable to viruses and hacking. Bad actors are frequently aware of these weaknesses and will actively exploit them. And, once they are inside a facility’s network, he said, they have access to anything on that network as long as it can be reached via IP, potentially becoming a persistent threat.

Safety Steps

There are several things facilities can do, though, to protect themselves, Kern said.

Responsible party: Identify who is responsible for all maintenance and security patches. In some cases, large vendors will automatically push updates to a system, so no action is needed on the facility's side. But smaller vendors frequently leave the actual installation of updates to the client.

“Knowing who’s responsible for patching and who’s responsible for the care and feeding of your modalities is important,” he said.

Network segmentation: Keep devices that contain personal health information on their own segment, separated from standard desktop PCs, iPads, and similar devices. Kern also advised against connecting them directly to the internet unless it is absolutely necessary.

Info-security team: Partner with an info-security team, as well as network administrators outside of imaging, he said.

“Imaging informatics professionals are really good at a lot of things, but we can’t really be good at everything,” he explained. “Engage those resources outside of imaging to make sure your network is set up properly, make sure that you’re doing patching properly, and have a schedule set up.”

Implement firewalls: Limit the targets that are allowed to communicate with each modality. With such firewalls in place, any new target must pass a security review before it is permitted, which can surface targets that present risk.

Know the Network

Ultimately, Kern said, it is imperative that facilities know exactly what is on their network. Familiarity with the network makes security threats easier to spot.

“If you have a CT scanner that’s talking to an IP in Southeast Asia or Western Europe, and you don’t have clients in those locations, it’s worth investigating,” he advised. “Be curious – not only about what you have but what your systems are talking to, as well.”
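The per-modality allowlist from the firewall step and the "what are your systems talking to" check above can be combined into one review of exported connection records. The following is an added example, not code from the talk or from Children's Hospital Colorado: the modality names, addresses, internal address ranges, and flow lines are all constructed.

```python
# Added example, not from the SIIM talk or the hospital: every modality
# name, address and flow record below is constructed for illustration.
from ipaddress import ip_address, ip_network

# Hypothetical firewall policy: modality -> destinations it may talk to
# (PACS, modality worklist, vendor patch server).
ALLOWED_TARGETS = {
    "CT-SCANNER-01": {"10.20.0.10", "10.20.0.11"},
    "MR-SCANNER-02": {"10.20.0.10"},
}
# Address space the facility owns; anything else counts as internet-bound.
INTERNAL_NETS = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed flow records: "<timestamp> <device> <dst_ip> <dst_port>"
SAMPLE_FLOWS = """\
2020-06-25T08:01:12 CT-SCANNER-01 10.20.0.10 104
2020-06-25T08:01:15 CT-SCANNER-01 10.20.0.11 104
2020-06-25T08:02:40 CT-SCANNER-01 203.0.113.45 443
2020-06-25T08:03:03 MR-SCANNER-02 10.20.0.10 104
2020-06-25T08:03:09 MR-SCANNER-02 10.20.0.99 445
2020-06-25T08:04:00 US-CART-07 10.20.0.10 104
"""

def classify(device, dst):
    """Label one connection, or return "" when it is within policy."""
    if device not in ALLOWED_TARGETS:
        return "unknown-device"        # a modality nobody has inventoried
    if dst in ALLOWED_TARGETS[device]:
        return ""
    if any(ip_address(dst) in net for net in INTERNAL_NETS):
        return "unlisted-internal"     # internal host outside the firewall policy
    return "internet-destination"      # modality reaching outside the facility

def find_anomalies(flow_text):
    """Return (timestamp, device, dst, port, label) for every out-of-policy flow."""
    findings = []
    for line in flow_text.splitlines():
        if not line.strip():
            continue
        ts, device, dst, port = line.split()
        label = classify(device, dst)
        if label:
            findings.append((ts, device, dst, int(port), label))
    return findings

if __name__ == "__main__":
    for ts, device, dst, port, label in find_anomalies(SAMPLE_FLOWS):
        print(f"{ts} {device} -> {dst}:{port} [{label}]")
```

On the sample records this flags the CT scanner's connection to a non-facility address, the MR scanner talking to an internal host the policy never listed, and a cart that is not in the inventory at all.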