Cybersecurity and Privacy Risk Assessment of Point-of-Care Systems in Healthcare: A Use Case Approach
Abstract
Point-of-care systems are generally used in healthcare to respond rapidly and prevent critical health conditions. Hence, POC systems often handle personal health information; and consequently, their cybersecurity and privacy requirements are of crucial importance. While, assessing these requirements is a significant task. In this work, we propose a use case approach to assess specifications of cybersecurity and privacy requirements of POC systems in a structured and self-contained form. Such an approach is appropriate since use cases are one of the most common means adopted by developers to derive requirements. As a result, we detail a use case approach in the framework of a real-based healthcare IT infrastructure that includes a health information system, integration engines, application servers, web services, medical devices, smartphone apps and medical modalities (all data simulated) together with the interaction with participants. Since our use case also sustains the analysis of cybersecurity and privacy risks in different threat scenarios, it also supports decision making and the analysis of compliance considerations.
Keywords
Cybersecurity; Healthcare; Sensitive medical data; Risk assessment
Bibliographic citation
Jofre M, Navarro-Llobet D, Agulló R, Puig J, Gonzalez-Granadillo G, Mora Zamorano J, Romeu R. Cybersecurity and Privacy Risk Assessment of Point-of-Care Systems in Healthcare: A Use Case Approach. Appl Sci. 2021 Jul 21;11(15):6699.
Audience
Professionals
Use this identifier for quote and/or link this document
https://hdl.handle.net/11351/6471This item appears in following collections
The following license files are associated with this item: