Coucke P A
Service de Radiothérapie, CHU Liège, Belgique.
Rev Med Liege. 2020 Feb;75(2):125-129.
Cybersecurity is a real threat in almost all human activity domains. The health sector is a particular vulnerable target for cybercriminals. The first reason is obviously the financial incentive: the value of the content of a personal electronic health record, sold on the darknet, easily exceeds 1000 US dollars. The second reason is the aging Information Technology (IT) infrastructure we are dealing with, both in the hospital sector as well as in the vast majority of private medical practices. There is also an astonishing lack of environmental consciousness and an absence of a real safety culture in the medical profession. Very often there is neither an institutional basic training, nor a continuous and mandatory education in institutional cybersecurity. There is no single magic bullet to solve the problem, but various mechanisms can be put in place to mitigate the risks and limit the hazards as much as possible.
网络安全在几乎所有人类活动领域都是一个现实威胁。医疗行业是网络犯罪分子特别容易攻击的目标。首要原因显然是经济诱因:在暗网上出售的个人电子健康记录内容价值轻易超过1000美元。第二个原因是我们正在应对的信息技术(IT)基础设施老化,无论是在医院部门还是绝大多数私人医疗诊所。医疗行业还惊人地缺乏环境意识,也没有真正的安全文化。很多时候,既没有机构层面的基础培训,也没有针对机构网络安全的持续且强制性教育。没有单一的神奇解决方案来解决这个问题,但可以采取各种机制来降低风险并尽可能限制危害。
