TH‐A‐12A‐01: Medical Physicist's Role in Digital Information Security: Threats, Vulnerabilities and Best Practices

I. Information Security Background (Speaker = Kevin McDonald) 1. Evolution of Medical Devices 2. Living and Working in a Hostile Environment 3. Attack Motivations 4. Attack Vectors 5. Simple Safety Strategies 6. Medical Device Security in the News 7. Medical Devices and Vendors 8. SummaryII. Keeping Radiation Oncology IT Systems Secure (Speaker = Bruce Curran) 1. Hardware Security a. Double‐lock Requirements b. “Foreign” computer systems c. Portable Device Encryption d. Patient Data Storage e. System Requirements2. Network Configuration a. Isolating Critical Devices b. Isolating Clinical Networks c. Remote Access Considerations3. Software Applications / Configuration a. Passwords / Screen Savers b. Restricted Services / access c. Software Configuration Restriction d. Use of DNS to restrict accesse. Patches / Upgrades4. Awareness a. Intrusion Prevention b. Intrusion Detection c. Threat Risk Analysis5. ConclusionLearning Objectives: 1. Understanding how Hospital IT Requirements affect Radiation Oncology IT Systems. 2. Illustrating sample practices for hardware, network, and software security. 3. Discussing implementation of good IT security practices in radiation oncology. 4. Understand overall risk and threats scenario in a networked environment.