A Risk Assessment Framework Proposal Based on Bow-Tie Analysis for Medical Image Diagnosis Sharing within Telemedicine

The purpose of this paper is to propose a framework for cybersecurity risk management in telemedicine. The framework, which uses a bow-tie approach for medical image diagnosis sharing, allows the identification, analysis, and assessment of risks, considering the ISO/TS 13131:2014 recommendations. Th...

Descripción completa

Detalles Bibliográficos
Autores principales: Poleto, Thiago, Silva, Maisa Mendonça, Clemente, Thárcylla Rebecca Negreiros, de Gusmão, Ana Paula Henriques, Araújo, Ana Paula de Barros, Costa, Ana Paula Cabral Seixas
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2021
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8037815/
https://www.ncbi.nlm.nih.gov/pubmed/33915932
http://dx.doi.org/10.3390/s21072426
_version_ 1783677231683338240
author Poleto, Thiago
Silva, Maisa Mendonça
Clemente, Thárcylla Rebecca Negreiros
de Gusmão, Ana Paula Henriques
Araújo, Ana Paula de Barros
Costa, Ana Paula Cabral Seixas
author_facet Poleto, Thiago
Silva, Maisa Mendonça
Clemente, Thárcylla Rebecca Negreiros
de Gusmão, Ana Paula Henriques
Araújo, Ana Paula de Barros
Costa, Ana Paula Cabral Seixas
author_sort Poleto, Thiago
collection PubMed
description The purpose of this paper is to propose a framework for cybersecurity risk management in telemedicine. The framework, which uses a bow-tie approach for medical image diagnosis sharing, allows the identification, analysis, and assessment of risks, considering the ISO/TS 13131:2014 recommendations. The bow-tie method combines fault tree analysis (FTA) and event tree analysis (ETA). The literature review supported the identification of the main causes and forms of control associated with cybersecurity risks in telemedicine. The main finding of this paper is that it is possible, through a structured model, to manage risks and avoid losses for everyone involved in the process of exchanging medical image information through telemedicine services. Through the framework, those responsible for the telemedicine services can identify potential risks in cybersecurity and act preventively, recognizing the causes even as, in a mitigating way, identifying viable controls and prioritizing investments. Despite the existence of many studies on cybersecurity, the paper provides theoretical contributions to studies on cybersecurity risks and features a new methodological approach, which incorporates both causes and consequences of the incident scenario.
format Online
Article
Text
id pubmed-8037815
institution National Center for Biotechnology Information
language English
publishDate 2021
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-80378152021-04-12 A Risk Assessment Framework Proposal Based on Bow-Tie Analysis for Medical Image Diagnosis Sharing within Telemedicine Poleto, Thiago Silva, Maisa Mendonça Clemente, Thárcylla Rebecca Negreiros de Gusmão, Ana Paula Henriques Araújo, Ana Paula de Barros Costa, Ana Paula Cabral Seixas Sensors (Basel) Article The purpose of this paper is to propose a framework for cybersecurity risk management in telemedicine. The framework, which uses a bow-tie approach for medical image diagnosis sharing, allows the identification, analysis, and assessment of risks, considering the ISO/TS 13131:2014 recommendations. The bow-tie method combines fault tree analysis (FTA) and event tree analysis (ETA). The literature review supported the identification of the main causes and forms of control associated with cybersecurity risks in telemedicine. The main finding of this paper is that it is possible, through a structured model, to manage risks and avoid losses for everyone involved in the process of exchanging medical image information through telemedicine services. Through the framework, those responsible for the telemedicine services can identify potential risks in cybersecurity and act preventively, recognizing the causes even as, in a mitigating way, identifying viable controls and prioritizing investments. Despite the existence of many studies on cybersecurity, the paper provides theoretical contributions to studies on cybersecurity risks and features a new methodological approach, which incorporates both causes and consequences of the incident scenario. MDPI 2021-04-01 /pmc/articles/PMC8037815/ /pubmed/33915932 http://dx.doi.org/10.3390/s21072426 Text en © 2021 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/ (https://creativecommons.org/licenses/by/4.0/) ).
spellingShingle Article
Poleto, Thiago
Silva, Maisa Mendonça
Clemente, Thárcylla Rebecca Negreiros
de Gusmão, Ana Paula Henriques
Araújo, Ana Paula de Barros
Costa, Ana Paula Cabral Seixas
A Risk Assessment Framework Proposal Based on Bow-Tie Analysis for Medical Image Diagnosis Sharing within Telemedicine
title A Risk Assessment Framework Proposal Based on Bow-Tie Analysis for Medical Image Diagnosis Sharing within Telemedicine
title_full A Risk Assessment Framework Proposal Based on Bow-Tie Analysis for Medical Image Diagnosis Sharing within Telemedicine
title_fullStr A Risk Assessment Framework Proposal Based on Bow-Tie Analysis for Medical Image Diagnosis Sharing within Telemedicine
title_full_unstemmed A Risk Assessment Framework Proposal Based on Bow-Tie Analysis for Medical Image Diagnosis Sharing within Telemedicine
title_short A Risk Assessment Framework Proposal Based on Bow-Tie Analysis for Medical Image Diagnosis Sharing within Telemedicine
title_sort risk assessment framework proposal based on bow-tie analysis for medical image diagnosis sharing within telemedicine
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8037815/
https://www.ncbi.nlm.nih.gov/pubmed/33915932
http://dx.doi.org/10.3390/s21072426
work_keys_str_mv AT poletothiago ariskassessmentframeworkproposalbasedonbowtieanalysisformedicalimagediagnosissharingwithintelemedicine
AT silvamaisamendonca ariskassessmentframeworkproposalbasedonbowtieanalysisformedicalimagediagnosissharingwithintelemedicine
AT clementetharcyllarebeccanegreiros ariskassessmentframeworkproposalbasedonbowtieanalysisformedicalimagediagnosissharingwithintelemedicine
AT degusmaoanapaulahenriques ariskassessmentframeworkproposalbasedonbowtieanalysisformedicalimagediagnosissharingwithintelemedicine
AT araujoanapauladebarros ariskassessmentframeworkproposalbasedonbowtieanalysisformedicalimagediagnosissharingwithintelemedicine
AT costaanapaulacabralseixas ariskassessmentframeworkproposalbasedonbowtieanalysisformedicalimagediagnosissharingwithintelemedicine
AT poletothiago riskassessmentframeworkproposalbasedonbowtieanalysisformedicalimagediagnosissharingwithintelemedicine
AT silvamaisamendonca riskassessmentframeworkproposalbasedonbowtieanalysisformedicalimagediagnosissharingwithintelemedicine
AT clementetharcyllarebeccanegreiros riskassessmentframeworkproposalbasedonbowtieanalysisformedicalimagediagnosissharingwithintelemedicine
AT degusmaoanapaulahenriques riskassessmentframeworkproposalbasedonbowtieanalysisformedicalimagediagnosissharingwithintelemedicine
AT araujoanapauladebarros riskassessmentframeworkproposalbasedonbowtieanalysisformedicalimagediagnosissharingwithintelemedicine
AT costaanapaulacabralseixas riskassessmentframeworkproposalbasedonbowtieanalysisformedicalimagediagnosissharingwithintelemedicine

Ejemplares similares