A Risk Assessment Framework Proposal Based on Bow-Tie Analysis for Medical Image Diagnosis Sharing within Telemedicine
The purpose of this paper is to propose a framework for cybersecurity risk management in telemedicine. The framework, which uses a bow-tie approach for medical image diagnosis sharing, allows the identification, analysis, and assessment of risks, considering the ISO/TS 13131:2014 recommendations. Th...
Saved in:
Published in | Sensors (Basel, Switzerland) Vol. 21; no. 7; p. 2426 |
---|---|
Main Authors | , , , , , |
Format | Journal Article |
Language | English |
Published |
Switzerland
MDPI AG
01.04.2021
MDPI |
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | The purpose of this paper is to propose a framework for cybersecurity risk management in telemedicine. The framework, which uses a bow-tie approach for medical image diagnosis sharing, allows the identification, analysis, and assessment of risks, considering the ISO/TS 13131:2014 recommendations. The bow-tie method combines fault tree analysis (FTA) and event tree analysis (ETA). The literature review supported the identification of the main causes and forms of control associated with cybersecurity risks in telemedicine. The main finding of this paper is that it is possible, through a structured model, to manage risks and avoid losses for everyone involved in the process of exchanging medical image information through telemedicine services. Through the framework, those responsible for the telemedicine services can identify potential risks in cybersecurity and act preventively, recognizing the causes even as, in a mitigating way, identifying viable controls and prioritizing investments. Despite the existence of many studies on cybersecurity, the paper provides theoretical contributions to studies on cybersecurity risks and features a new methodological approach, which incorporates both causes and consequences of the incident scenario. |
---|---|
Bibliography: | ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 23 |
ISSN: | 1424-8220 1424-8220 |
DOI: | 10.3390/s21072426 |