Benjamin Ransford,Daniel B. Kramer,Denis Foo Kune,Chen Yan,Wenyuan Xu,Thomas Crawford,Kevin Fu

DOI: https://doi.org/10.1111/pace.13102

2017-01-01

PACE - Pacing and Clinical Electrophysiology

Abstract:Medical devices increasingly depend on software. While this expands the ability of devices to perform key therapeutic and diagnostic functions, reliance on software inevitably causes exposure to hazards of security vulnerabilities. This article uses a recent high-profile case example to outline a proactive approach to security awareness that incorporates a scientific, risk-based analysis of security concerns that supports ongoing discussions with patients about their medical devices.

Tuomas Granlund,Vlad Stirbu,Tommi Mikkonen,Juha Vedenpaa

DOI: https://doi.org/10.1109/seh52539.2021.00011

2021-06-01

Abstract:The medical device products at the European Union market must be safe and effective. To ensure this, medical device manufacturers must comply to the new regulatory requirements brought by the Medical Device Regulation (MDR) and the In Vitro Diagnostic Medical Device Regulation (IVDR). In general, the new regulations increase regulatory requirements and oversight, especially for medical software, and this is also true for requirements related to cybersecurity, which are now explicitly addressed in the legislation. The significant legislation changes currently underway, combined with increased cybersecurity requirements, create unique challenges for manufacturers to comply with the regulatory framework. In this paper, we review the new cybersecurity requirements in the light of currently available guidance documents, and pinpoint four core concepts around which cybersecurity compliance can be built. We argue that these core concepts form a foundations for cybersecurity compliance in the European Union regulatory framework.

Zhiqiang Wang,Pingchuan Ma,Xiaoxiang Zou,Jianyi Zhang,Tao Yang

DOI: https://doi.org/10.1109/infocomwkshps50562.2020.9162769

2020-07-01

Abstract:Recent years have witnessed a boom of connected medical devices, which brings security issues in the meantime. Medical imaging devices, an essential part of medical cyber-physical systems, play a vital role in modern hospitals and are often life-critical. However, security and privacy issues in these medical cyber-physical systems are sometimes ignored. We perform an empirical study on imaging devices to analyse the security of medical cyber-physical systems. To be precise, we design a threat model and propose prospective attack techniques for medical imaging devices. To tackle potential cyber threats, we introduce protection mechanisms, evaluate the effectiveness and efficiency of protection mechanisms as well as its interplay with attack techniques. To scoring security, we design a hierarchical system that provides actionable suggestions for imaging devices in different scenarios. We investigate 15 devices from 9 manufacturers to demonstrate empirical comprehension and real-world security issues.

Tushar Khinvasara,Stephanie Ness,Nikolaos Tzenios

DOI: https://doi.org/10.9734/jerr/2023/v25i8965

2023-09-07

Journal of Engineering Research and Reports

Abstract:In spite of the fact that risk management has developed into an essential component of the process of developing medical devices, as mandated by both domestic and international regulations and standards, there is still no all-encompassing model that describes how risk management in the development of medical devices ought to be approached, particularly in terms of the types of risks that ought to be addressed. This is due to the fact that risk management has developed into an essential component of the process, which is mandated by both domestic and international regulations and standards. The present focus of risk management in the industry of developing medical devices is on technical risks, such as product, usability, and development process hazards. This is done in compliance with the norms and laws of standards. On the other hand, non-technical risks, such as those associated with businesses and projects, are not given nearly enough consideration. This review focuses on the risk management in medical device industry.

English Else

Cartwright, Anthony James

DOI: https://doi.org/10.1007/s10877-023-01013-5

IF: 1.977

2023-04-24

Journal of Clinical Monitoring and Computing

Abstract:Cybersecurity has seen an increasing frequency and impact of cyberattacks and exposure of Protected Health Information (PHI). The uptake of an Electronic Medical Record (EMR), the exponential adoption of Internet of Things (IoT) devices, and the impact of the COVID-19 pandemic has increased the threat surface presented for cyberattack by the healthcare sector. Within healthcare generally and, more specifically, within anaesthesia and Intensive Care, there has been an explosion in wired and wireless devices used daily in the care of almost every patient—the Internet of Medical Things (IoMT); ventilators, anaesthetic machines, infusion pumps, pacing devices, organ support and a plethora of monitoring modalities. All of these devices, once connected to a hospital network, present another opportunity for a malevolent party to access the hospital systems, either to gain PHI for financial, political or other gain or to attack the systems directly to cause erroneous monitoring, altered settings of any device and even to access the EMR via this IoMT window. This exponential increase in the IoMT and the increasing wireless connectivity of anaesthesia and ICU devices as well as implantable devices presents a real and present danger to patient safety. There has, at the same time, been a chronic underfunding of cybersecurity in healthcare. This lack of cybersecurity investment has left the sector exposed, and with the monetisation of PHI, the introduction of technically unsecure IoT devices for monitoring and direct patient care, the healthcare sector is presenting itself for further devastating cyberattacks or breaches of PHI. Coupled with the immense strain that the COVID-19 pandemic has placed on healthcare and the changes in working patterns of many caregivers, this has further amplified the exposure of the sector to cyberattacks.

anesthesiology

Donovan Guttieres,Shannon Stewart,Jacqueline Wolfrum,Stacy L Springs

DOI: https://doi.org/10.3389/fbioe.2019.00210

2019-09-04

Abstract:Cybersecurity for the production of safe and effective biopharmaceuticals requires the attention of multiple stakeholders, including industry, governments, and healthcare providers. Cyberbiosecurity breaches could directly impact patients, from compromised data privacy to disruptions in production that jeopardize global pandemic response. Maintaining cybersecurity in the modern economy, where advanced manufacturing technologies and digital strategies are becoming the norm, is a significant challenge. Here, we highlight vulnerabilities in present and future biomanufacturing paradigms given the dependence of this industry sector on proprietary intellectual property, cyber-physical systems, and government-regulated production environments, as well as movement toward advanced manufacturing models. Specifically, we (1) present an analysis of digital information flow in a typical biopharmaceutical manufacturing value chain; (2) consider the potential cyberbiosecurity risks that might emerge from advanced manufacturing models such as continuous and distributed systems; and (3) provide recommendations for risk mitigation. While advanced manufacturing models hold the potential for reducing costs and increasing access to more personalized therapies, the evolving landscape of the biopharmaceutical enterprise has led to growing concerns over potential cyber attacks. Gaining better foresight on potential risks is key for implementing proactive defensive principles, framing new developments, and establishing a permanent security culture that adapts to new challenges while maintaining the transparency required for regulated production of safe and effective medicines.

George W. Jackson Jr.,Shawon Rahman

DOI: https://doi.org/10.48550/arXiv.1908.00666

2019-08-02

Abstract:As device interconnectivity and ubiquitous computing continues to proliferate healthcare, the Medical Internet of Things (MIoT), also well known as the, Internet of Medical Things (IoMT) or the Internet of Healthcare Things (IoHT), is certain to play a major role in the health, and well-being of billions of people across the globe. When it comes to issues of cybersecurity risks and threats connected to the IoT in all of its various flavors the emphasis has been on technical challenges and technical solution. However, especially in the area of healthcare there is another substantial and potentially grave challenge. It is the challenge of thoroughly and accurately communicating the nature and extent of cybersecurity risks and threats to patients who are reliant upon these interconnected healthcare technologies to improve and even preserve their lives. This case study was conducted to assess the scope and depth of cybersecurity risk and threat communications delivered to an extremely vulnerable patient population, semi-structured interviews were held with cardiac medical device specialists across the United States. This research contributes scientific data in the field of healthcare cybersecurity and assists scholars and practitioners in advancing education and research in the field of MIoT patient communications.

Computers and Society,Cryptography and Security

Tom Mahler,Yuval Elovici,Yuval Shahar

DOI: https://doi.org/10.48550/arXiv.2002.06938

2020-02-17

Abstract:As technology advances towards more connected and digital environments, medical devices are becoming increasingly connected to hospital networks and to the Internet, which exposes them, and thus the patients using them, to new cybersecurity threats. Currently, there is a lack of a methodology dedicated to information security risk assessment for medical devices. In this study, we present the Threat identification, ontology-based Likelihood, severity Decomposition, and Risk integration (TLDR) methodology for information security risk assessment for medical devices. The TLDR methodology uses the following steps: (1) identifying the potentially vulnerable components of medical devices, in this case, four different medical imaging devices (MIDs); (2) identifying the potential attacks, in this case, 23 potential attacks on MIDs; (3) mapping the discovered attacks into a known attack ontology - in this case, the Common Attack Pattern Enumeration and Classifications (CAPECs); (4) estimating the likelihood of the mapped CAPECs in the medical domain with the assistance of a panel of senior healthcare Information Security Experts (ISEs); (5) computing the CAPEC-based likelihood estimates of each attack; (6) decomposing each attack into several severity aspects and assigning them weights; (7) assessing the magnitude of the impact of each of the severity aspects for each attack with the assistance of a panel of senior Medical Experts (MEs); (8) computing the composite severity assessments for each attack; and finally, (9) integrating the likelihood and severity of each attack into its risk, and thus prioritizing it. The details of steps six to eight are beyond the scope of the current study; in the current study, we had replaced them by a single step that included asking the panel of MEs [in this case, radiologists], to assess the overall severity for each attack and use it as its severity...

Cryptography and Security,Computers and Society

Emmanuel Kwarteng,Mumin Cebe

DOI: https://doi.org/10.1016/j.smhl.2022.100295

2022-09-01

Smart Health

Abstract:Implantable Medical Devices (IMD) is a fast pace growing medical field and continues to grow in the foreseeable future. Advancement in science and technology has led to the IMD devices offering advanced medical treatments. Modern IMDs can automatically monitor and manage different patients’ health conditions without any manual intervention from medical professionals. While IMDs are also becoming more connected to enhance the delivery of care remotely and provide the means for both patients and physicians to adjust therapy at the comfort of their homes, it also increases security-related concerns. Adversaries could take advantage and exploit device vulnerabilities to manipulate device settings remotely from any-where around the world. This manuscript reviews the current threats, security goals, and proposed solutions by comparing them with their strengths and limitations. We also highlight the emerging IMD technologies and innovative ideas for new designs and implementations to improve the security of IMDs. Finally, we conclude the article with future research directions toward securing IMD systems to light the way for researchers.

English Else

Mariam Elgabry

DOI: https://doi.org/10.1186/s40163-023-00181-8

2023-02-19

Crime Science

Abstract:The introduction of the internet and the proliferation of internet-connected devices (IoT) enabled knowledge sharing, connectivity and global communications. At the same time, these technologies generated a crime harvest as security was overlooked. The Internet-of-Medical-Things (IoMT) generates biological information and is transforming healthcare through the introduction of internet-connected medical-grade devices that are integrated with wider-scale health networks to improve patients' health. Many innovative ideas arise from academia; however, there is a lack of support in medical device regulation. The implementation of the current regulatory framework is limited to security risk assessment and guidance. Unfortunately, premarket risk-management requirements of current regulation do not include crime risks and a more predictive approach could help fill this gap. Crime science, or the perspective of crime as an event that can be influenced directly by its immediate environment, may encourage the biotechnology industry to design-in security and crime out. In this article, I provide a point of view of an early career researcher and medical device developer navigating the medical device regulatory pathway for the first time. I narrow the focus of this article to an assessment that is specific to current UK provisions and acknowledge the limited scope. In response to the ongoing changes in the current regulatory framework of the UK, I propose a new secure by design mechanism that can be employed by early career developers earlier in the development process of a product. Such a model can be used to systematically consider security design in devices and to understand and address potential crime risks ahead of their widespread use.

Christopher Scherb,Adrian Hadayah,Luc Bryan Heitz

2023-10-05

Abstract:Connected Medical Devices (CMDs) have a large impact on patients as they allow them to lead a more normal life. Any malfunction could not only remove the health benefits the CMDs provide, they could also cause further harm to the patient. Due to this, there are many safety regulations which must be adhered to prior to a CMD entering the market. However, while many detailed safety regulations exist, there are a fundamental lack of cybersecurity frameworks applicable to CMDs. While there are recent regulations which aim to enforce cybersecurity practices, they are vague and do not contain the concrete steps necessary to implement cybersecurity. This paper aims to fill that gap by describing a framework, CyMed, to be used by vendors and ens-users, which contains concrete measures to improve the resilience of CMDs against cyber attack. The CyMed framework is subsequently evaluated based on practical tests as well as expert interviews.

Cryptography and Security,Computers and Society

Daniel B Kramer,Matthew Baker,Benjamin Ransford,Andres Molina-Markham,Quinn Stewart,Kevin Fu,Matthew R Reynolds

DOI: https://doi.org/10.1371/journal.pone.0040200

IF: 3.7

PLoS ONE

Abstract:Background: Medical devices increasingly depend on computing functions such as wireless communication and Internet connectivity for software-based control of therapies and network-based transmission of patients' stored medical information. These computing capabilities introduce security and privacy risks, yet little is known about the prevalence of such risks within the clinical setting. Methods: We used three comprehensive, publicly available databases maintained by the Food and Drug Administration (FDA) to evaluate recalls and adverse events related to security and privacy risks of medical devices. Results: Review of weekly enforcement reports identified 1,845 recalls; 605 (32.8%) of these included computers, 35 (1.9%) stored patient data, and 31 (1.7%) were capable of wireless communication. Searches of databases specific to recalls and adverse events identified only one event with a specific connection to security or privacy. Software-related recalls were relatively common, and most (81.8%) mentioned the possibility of upgrades, though only half of these provided specific instructions for the update mechanism. Conclusions: Our review of recalls and adverse events from federal government databases reveals sharp inconsistencies with databases at individual providers with respect to security and privacy risks. Recalls related to software may increase security risks because of unprotected update and correction mechanisms. To detect signals of security and privacy problems that adversely affect public health, federal postmarket surveillance strategies should rethink how to effectively and efficiently collect data on security and privacy problems in devices that increasingly depend on computing systems susceptible to malware.

Aeshah Alhammad,Maryati Mohd. Yusof,Dian Indrayani Jambari

DOI: https://doi.org/10.1111/jep.14140

2024-09-21

Journal of Evaluation in Clinical Practice

Abstract:Rationale, Aims, and Objectives Medical device‐integrated electronic medical records (MDI‐EMR) pose significant challenges in ensuring effective usage, data security and patient safety. The complexities of MDI‐EMR necessitate applying various security mechanisms to safeguard against cyber threats. Therefore, we evaluated cyber threats to MDI‐EMR and the effectiveness of applied security controls using a proposed framework from sociotechnical and risk assessment perspectives. Method We conducted a qualitative case study evaluation in a general hospital in Saudi Arabia using interviews, observation, and document analysis from the perspectives of major MDI‐EMR stakeholders, including healthcare providers, IT professionals and cybersecurity specialists. Results The results showed the interplay among physical, technical and administrative security controls that maintained a secure posture of MDI‐EMR. The effectiveness of security controls is highly influenced by the staff's cybersecurity awareness and training. The perceived effectiveness of security controls varied among users, with some expressing satisfaction with the ease of use and reliability, while others highlighting challenges such as password complexity and access procedures. Understanding these diverse perspectives is crucial for tailoring security measures to meet the needs of different stakeholders effectively. Conclusion Collaboration among the key stakeholders is crucial for implementing security controls for MDI‐EMR. Balancing security measures with usability concerns is essential, as highlighted by challenges in implementing technical controls. A comprehensive approach encompassing physical, technical and administrative controls, continuous education and awareness initiatives are significant to empower staff in recognising and mitigating cyber threats effectively to safeguard medical data and ensure the integrity of healthcare systems.

medicine, general & internal,health care sciences & services,medical informatics

Andreas Puder,Jacqueline Henle,Eric Sax

DOI: https://doi.org/10.3390/healthcare11060872

2023-03-17

Health Care

Abstract:Prevailing trends in the automotive and medical device industry, such as life cycle overarching configurability, connectivity, and automation, require an adaption of development processes, especially regarding the security and safety thereof. The changing requirements imply that interfaces are more exposed to the outside world, making them more vulnerable to cyberattacks or data leaks. Consequently, not only do development processes need to be revised but also cybersecurity countermeasures and a focus on safety, as well as privacy, have become vital. While vehicles are especially exposed to cybersecurity and safety risks, the medical devices industry faces similar issues. In the automotive industry, proposals and draft regulations exist for security-related risk assessment processes. The medical device industry, which has less experience in these topics and is more heterogeneous, may benefit from drawing inspiration from these efforts. We examined and compared current standards, processes, and methods in both the automotive and medical industries. Based on the requirements regarding safety and security for risk analysis in the medical device industry, we propose the adoption of methods already established in the automotive industry. Furthermore, we present an example based on an interoperable Operating Room table (OR table).

health care sciences & services,health policy & services

Abasi-amefon Obot Affia,Hilary Finch,Woosub Jung,Issah Abubakari Samori,Lucas Potter,Xavier-Lewis Palmer

DOI: https://doi.org/10.3390/iot4020009

2023-05-25

IoT

Abstract:The concept of the Internet of Things (IoT) spans decades, and the same can be said for its inclusion in healthcare. The IoT is an attractive target in medicine; it offers considerable potential in expanding care. However, the application of the IoT in healthcare is fraught with an array of challenges, and also, through it, numerous vulnerabilities that translate to wider attack surfaces and deeper degrees of damage possible to both consumers and their confidence within health systems, as a result of patient-specific data being available to access. Further, when IoT health devices (IoTHDs) are developed, a diverse range of attacks are possible. To understand the risks in this new landscape, it is important to understand the architecture of IoTHDs, operations, and the social dynamics that may govern their interactions. This paper aims to document and create a map regarding IoTHDs, lay the groundwork for better understanding security risks in emerging IoTHD modalities through a multi-layer approach, and suggest means for improved governance and interaction. We also discuss technological innovations expected to set the stage for novel exploits leading into the middle and latter parts of the 21st century.

Omar Kheir,Alexis Jacoby,Stijn Verwulgen

DOI: https://doi.org/10.2147/MDER.S375977

2022-09-20

Medical Devices: Evidence and Research

Abstract:Omar Kheir, Alexis Jacoby, Stijn Verwulgen Product Development, University of Antwerp, Antwerp, Belgium Correspondence: Omar Kheir, Email Introduction: Whilst risk management has become fundamental in the development of medical devices, enforced by regulations and international standards, there is still no comprehensive model that explains how risk management in medical devices' development should be tackled, especially with regard to the type of risks that should be addressed. Risk management in the medical devices' development field is currently focused on technical risks, comprising product, usability, and development process risks, in alignment with standards' requirements and regulations, without giving enough attention to non-technical risks, which include business and project risks. Start-ups within this heavily regulated domain have a key role in the innovation process, yet they suffer a structural lack of tangible, such as financial capacity, and intangible resources such as development, risk management, and regulations' compliance. Nonetheless, they can still optimize their risk identification coverage beyond the enforced requirements to increase their products' chances of success. Methods: A set of qualitative interviews, serving the adopted grounded theory building research method, with seven start-ups who are involved in the development, commercialization, and quality control of medical devices was accomplished. The purpose was to determine the applied risk management practices and most importantly identify the risk types covered by them. Since every start-up is a project by itself, a sample of project risks, as identified by the project management institute, was utilized to scope the risk coverage and flag missing non-technical risks by the participating start-ups. Results: Un-identified risk types, lack of involvement of the right teams, and other related loopholes were presented. Discussion: A list of requirements was developed and sketched in a user-friendly risk management framework, which is believed to be crucial in helping start-ups attain successful, safe, and regulatory compliant medical devices production, is shared in the discussion and proposed framework section of this paper. Keywords: medical devices, product development, process, risk management, risk identification, risk types, risk framework, start-ups Risk management (RM) has been recently confirmed as a new success factor in the medical devices development (MDD) industry with a growing importance that previous studies on MDD success factors did not emphasize on. 1 The trending digitization of medical devices imposes a new horizon of risks that may have not been thoroughly considered before. Security risks resulting from intentional threats have only recently been confirmed, as medical devices increasingly use newer information and communication technologies (ICT) such as wireless communication and Internet access. 2 Such associated risks necessitate a more thorough RM framework that would ensure wider risk coverage because if they remain unknown, without suitable countermeasures, further data breaches and even malicious attacks may occur threatening the lives of patients, jeopardizing their information in terms of confidentiality, integrity, and availability, and not to mention hindering the success of MDD projects. MDD firms are frequently recalling devices from the market due to product quality failure, impacting almost all the key participants of the medical device supply chain. 3 According to Thirumalai and Sinha, 3 the core reasons behind these failures can be related to manufacturing defects, functional defects, packaging errors, and software glitches, which poses a potential health risk to the patients and personnel using these devices. A recent study by Kamisetti 29 investigates 21 medical devices that were recalled in the United States due to sensible risk which may lead to serious health problems or even death. Therefore, for MDD firms to overcome such potential failures and maximize their projects' success, it is crucial to pinpoint the factors that systematically increase the likelihood of the triggering risks at the early development stages. Therefore, considering the significant impact MDD can reflect on human lives as well as the struggle of MDD start-ups in specific, the scope of RM in MDD among start-ups shall be thoroughly investigated to enhance risk detection and timely mitigation. This paper will tackle this investigation in effort to extend an RM framework that would cater for the gaps that this study will reveal. Start-ups in the domain of MDD seek compliance to regulations, such as the European Union's MDD directives and regulations as well as the FDA requirements i -Abstract Truncated-

Josephine Lamp,Carlos E. Rubio-Medrano,Ziming Zhao,Gail-Joon Ahn

DOI: https://doi.org/10.1145/3278576.3278602

2018-01-01

Abstract:The proliferation of networked medical devices has resulted in the development of innovative Medical Cyber-Physical Systems (MCPS) that promise more coordinated and high quality of care for patients. Unsurprisingly, the cybersecurity of MCPS is of high concern, as they are life-critical systems that, if compromised, may result in dire consequences to the patient. A variety of security requirements have been developed over the past 10 years as a result of governmental acts such as HITECH in order to better secure and protect healthcare environments. However, it is unclear how applicable these requirements may be to MCPS infrastructures. As a result, this case study analyzes current healthcare security requirements and their applicability to MCPS using an approach that leverages ontological representations and automated requirement traversal techniques. Using such a methodology, we find that 70% of applicable requirements/risks for MCPS components are missing from the security documentation, including serious items such as Authentication, Data Encryption, DoS attacks, and Legacy Vulnerabilities. We also validate our results within real-world instances and find that almost half of the relevant requirements are not implemented within existing MCPS architectures.

Olivia McDermott,Ida Foley,Jiju Antony,Michael Sony,Mary Butler

DOI: https://doi.org/10.3390/su142114650

IF: 3.9

2022-11-08

Sustainability

Abstract:The fourth industrial revolution, also referred to as Industry 4.0, has resulted in many changes within the MedTech Industry. The MedTech industry is changing from interconnected manufacturing systems using cyber-physical systems to digital health technologies. The purpose of the study is to establish how Industry 4.0 can understand the impact Industry 4.0 is having on product lifecycle regulatory compliance and determine the effect Industry 4.0 is having on product lifecycle regulatory compliance. A qualitative research approach was utilised to gather data from the MedTech industry by conducting interviews with Medtech industry leaders. This research demonstrates that Industry 4.0 is easing product lifecycle regulatory compliance and that the impact is more positive than negative. Industry 4.0 offers many benefits to the MedTech Industry. This research will support organisations in demonstrating how digital technologies can positively impact product lifecycle regulatory compliance and support the industry in building a business case for future implementation of Industry 4.0 technologies.

environmental sciences,environmental studies,green & sustainable science & technology

Riham Altawy,Amr M. Youssef

DOI: https://doi.org/10.1109/access.2016.2521727

IF: 3.9

2016-01-01

IEEE Access

Abstract:The new culture of networked systems that offer everywhere accessible services has given rise to various types of security tradeoffs. In fact, with the evolution of physical systems that keep getting integrated with cyber frameworks, cyber threats have far more critical effects as they get reflected on the physical environment. As a result, the issue of security of cyber physical systems requires a special holistic treatment. In this paper, we study the tradeoff between security, safety, and availability in such systems and demonstrate these concepts on implantable medical devices as a case study. We discuss the challenges and constraints associated with securing such systems and focus on the tradeoff between security measures required for blocking unauthorized access to the device and the safety of the patient in emergency situations where such measures must be dropped to allow access. We analyze the up to date proposed solutions and discuss their strengths and limitations.

computer science, information systems,telecommunications,engineering, electrical & electronic

Bhakti Patel,Amgad N. Makaryus

DOI: https://doi.org/10.1080/14737167.2024.2361076

2024-05-31

Expert Review of Pharmacoeconomics & Outcomes Research

Abstract:Introduction As digital health expands, reliance on digital endpoints is rapidly increasing to improve diagnostic accuracy and management in the healthcare field. Digital endpoints are beneficial to monitor how patient's clinical information is processed outside of a clinical setting.

pharmacology & pharmacy,health care sciences & services,health policy & services