Vedran Manestar,Anita O'Donovan,Sarah Barrett

DOI: https://doi.org/10.55378/rv.48.1.3

2024-05-17

Abstract:Background: Radiotherapy is a medical procedure with potential high risk to harm patients. In order to reduce that risk and create a workflow safe for patients, prospective analysis tools are used. Failure modes and effect analysis (FMEA) is one such tool, used to evaluate potential risks. As FMEA originated from industry, there is a constant effort to adjust FMEA methodology for use in radiotherapy. This has caused a variety of approaches and inhomogeneous practices. Purpose: To investigate the current practice of FMEA in external beam radiotherapy and to propose a more standardised approach. Materials and Methods: The search was performed in PubMed, Ovid and Embase databases, resulting in 312 articles retrieved. Using PRISMA methodology the number of unique articles meeting inclusion and exclusion criteria was reduced to a total of 35, containing 38 analyses. The data on FMEA methodology implemented, scope of analysis, expert team composition, number of failure modes (FM) detected, relative priority number (RPN) threshold, number of FM exceeding the threshold, minimum, maximum and mean RPN, RPN calculation method and risk mitigation strategies were selected as important properties of FMEA. Results: Data retrieved showed large variation in how FMEA is conducted. There is a considerable underreporting of minimum and mean RPN values. Large variations in RPN threshold value selection were also observed. Two different approaches to RPN calculation procedure were reported, and it is unclear what the best practice is. Expert teams were assembled according to the guidelines, but the optimal number of members is unclear. The vast majority of risk mitigation measures were applied directly, without the use of systematic tools. Conclusion: FMEA is a well-established and widely used tool for prospective risk assessment in radiotherapy. As a result of this analysis, recommendations for more standardized approaches were proposed. Possible additional research goals were proposed in order to provide evidence for best practice in some areas of FMEA.

Usman Tariq,Imdad Ullah,Mohammed Yousuf Uddin,Se Jin Kwon

DOI: https://doi.org/10.3390/s22218516

2022-11-04

Abstract:Remote healthcare systems and applications are being enabled via the Internet of Medical Things (IoMT), which is an automated system that facilitates the critical and emergency healthcare services in urban areas, in addition to, bridges the isolated rural communities for various healthcare services. Researchers and developers are, to date, considering the majority of the technological aspects and critical issues around the IoMT, e.g., security vulnerabilities and other cybercrimes. One of such major challenges IoMT has to face is widespread ransomware attacks; a malicious malware that encrypts the patients' critical data, restricts access to IoMT devices or entirely disable IoMT devices, or uses several combinations to compromise the overall system functionality, mainly for ransom. These ransomware attacks would have several devastating consequences, such as loss of life-threatening data and system functionality, ceasing emergency and life-saving services, wastage of several vital resources etc. This paper presents a ransomware analysis and identification architecture with the objective to detect and validate the ransomware attacks and to evaluate its accuracy using a comprehensive verification process. We first develop a comprehensive experimental environment, to simulate a real-time IoMT network, for experimenting various types of ransomware attacks. Following, we construct a comprehensive set of ransomware attacks and analyze their effects over an IoMT network devices. Furthermore, we develop an effective detection filter for detecting various ransomware attacks (e.g., static and dynamic attacks) and evaluate the degree of damages caused to the IoMT network devices. In addition, we develop a defense system to block the ransomware attacks and notify the backend control system. To evaluate the effectiveness of the proposed framework, we experimented our architecture with 194 various samples of malware and 46 variants, with a duration of sixty minutes for each sample, and thoroughly examined the network traffic data for malicious behaviors. The evaluation results show more than 95% of accuracy of detecting various ransomware attacks.

Amanda E. Swanson,Dominic J. DiCostanzo,Nilendu Gupta,Kathleen Hintenlang,Arnab Chakravarti,Ashley J. Cetnar

DOI: https://doi.org/10.1002/acm2.14261

2024-01-11

Journal of Applied Clinical Medical Physics

Abstract:Purpose To identify high‐priority risks in a clinical trial investigating the use of radiation to alleviate COVID‐19 pneumonia using a multi‐phase failure modes and effects analysis (FMEA). Methods A comprehensive FMEA survey of 133 possible causes of failure was developed for the clinical trial workflow (Phase I). The occurrence, severity, and detection risk of each possible cause of failure was scored by three medical physicists. High‐risk potential failure modes were identified using the risk priority number (RPN) and severity scores, which were re‐scored by 13 participants in radiation oncology (Phase II). Phase II survey scores were evaluated to identify steps requiring possible intervention and examine risk perception patterns. The Phase II participants provided consensus scores as a group. Results Thirty high‐priority failure modes were selected for the Phase II survey. Strong internal consistency was shown in both surveys using Cronbach's alpha (αc ≥ 0.85). The 10 failures with the largest median RPN values concerned SARS‐CoV‐2 transmission (N = 6), wrong treatment (N = 3), and patient injury (N = 1). The median RPN was larger for COVID‐related failures than other failure types, primarily due to the perceived difficulty of failure detection. Group re‐scoring retained 8/10 of the highest‐priority risk steps that were identified in the Phase II process, and discussion revealed interpretation differences of process steps and risk evaluation. Participants who were directly involved with the trial working group had stronger agreement on severity scores than those who were not. Conclusions The high ranking of failures concerning SARS‐CoV‐2 transmission suggest that these steps may require additional quality management intervention when treating critically ill COVID‐19+ patients. The results also suggest that a multi‐phase FMEA survey led by a facilitator may be a useful tool for assessing risks in radiation oncology procedures, supporting future efforts to adapt FMEA to clinical procedures.

radiology, nuclear medicine & medical imaging

Gavin Hull,Henna John,Budi Arief

DOI: https://doi.org/10.1186/s40163-019-0097-9

2019-02-12

Crime Science

Abstract:Ransomware incidents have increased dramatically in the past few years. The number of ransomware variants is also increasing, which means signature and heuristic-based detection techniques are becoming harder to achieve, due to the ever changing pattern of ransomware attack vectors. Therefore, in order to combat ransomware, we need a better understanding on how ransomware is being deployed, its characteristics, as well as how potential victims may react to ransomware incidents. This paper aims to address this challenge by carrying out an investigation on 18 families of ransomware, leading to a model for categorising ransomware behavioural characteristics, which can then be used to improve detection and handling of ransomware incidents. The categorisation was done in respect to the stages of ransomware deployment methods with a predictive model we developed called Randep. The stages are fingerprint, propagate, communicate, map, encrypt, lock, delete and threaten. Analysing the samples gathered for the predictive model provided an insight into the stages and timeline of ransomware execution. Furthermore, we carried out a study on how potential victims (individuals, as well as IT support staff at universities and SMEs) detect that ransomware was being deployed on their machine, what steps they took to investigate the incident, and how they responded to the attack. Both quantitative and qualitative data were collected through questionnaires and in-depth interviews. The results shed an interesting light into the most common attack methods, the most targeted operating systems and the infection symptoms, as well as recommended defence mechanisms. This information can be used in the future to create behavioural patterns for improved ransomware detection and response.

Ali Mehrban,Shirin Karimi Geransayeh

2024-02-04

Abstract:In recent years, there has been a noticeable increase in cyberattacks using ransomware. Attackers use this malicious software to break into networks and harm computer systems. This has caused significant and lasting damage to various organizations, including government, private companies, and regular users. These attacks often lead to the loss or exposure of sensitive information, disruptions in normal operations, and persistent vulnerabilities. This paper focuses on a method for recognizing and identifying ransomware in computer networks. The approach relies on using machine learning algorithms and analyzing the patterns of network traffic. By collecting and studying this traffic, and then applying machine learning models, we can accurately identify and detect ransomware. The results of implementing this method show that machine learning algorithms can effectively pinpoint ransomware based on network traffic, achieving high levels of precision and accuracy.

Cryptography and Security,Machine Learning

Timothy McIntosh,Teo Susnjak,Tong Liu,Dan Xu,Paul Watters,Dongwei Liu,Yaqi Hao,Alex Ng,Malka Halgamuge

DOI: https://doi.org/10.1145/3691340

IF: 16.6

2024-10-09

ACM Computing Surveys

Abstract:Ransomware has grown to be a dominant cybersecurity threat by exfiltrating, encrypting, or destroying valuable user data and causing numerous disruptions to victims. The severity of the ransomware endemic has generated research interest from both the academia and the industry. However, many studies held stereotypical assumptions about ransomware, used unverified, outdated, and limited self-collected ransomware samples, and did not consider government strategies, industry guidelines, or cyber intelligence. We observed that ransomware no longer exists simply as an executable file or limits to encrypting files (data loss); data exfiltration (data breach) is the new norm, espionage is an emerging theme, and the industry is shifting focus from technical advancements to cyber governance and resilience. We created a ransomware innovation adoption curve, critically evaluated 212 academic studies published during 2020 and 2023, and cross-verified them against various government strategies, industry reports, and cyber intelligence on ransomware. We concluded that many studies were becoming irrelevant to the contemporary ransomware reality and called for the redirection of ransomware research to align with the continuous ransomware evolution in the industry. We proposed to address data exfiltration as priority over data encryption, to consider ransomware in a business-practical manner, and recommended research collaboration with the industry.

computer science, theory & methods

Naveed M Islam,Shada J Wadi-Ramahi,Ron Lalonde,Tanvir Baig,Maria diMayorca,David A Clump,M Saiful Huq

DOI: https://doi.org/10.1002/mp.16328

Abstract:Background: Infectious disease outbreaks have always presented challenges to the operation of healthcare systems. In particular, the treatment of cancer patients within Radiation Oncology often cannot be delayed or compromised due to infection control measures. Therefore, there is a need for a strategic approach to simultaneously managing infection control and radiotherapy risks. Purpose: To develop a systematic risk management method that uses mathematical models to design mitigation efforts for control of an infectious disease outbreak, while ensuring safe delivery of radiotherapy. Methods: A two-stage failure mode and effect analysis (FMEA) approach is proposed to modify radiotherapy workflow during an infectious disease outbreak. In stage 1, an Infection Control FMEA (IC-FMEA) is conducted, where risks are evaluated based on environmental parameters, clinical interactions, and modeling of infection risk. occupancy risk index (ORI) is defined as a metric for infection transmission risk level in each room, based on the degree of occupancy. ORI, in combination with ventilation rate per person (Rp ), is used to provide a broad infection risk assessment of workspaces. For detailed IC-FMEA of clinical processes, infection control failure mode (ICFM) is defined to be any instance of disease transmission within the clinic. Infection risk priority number (IRPN) has been formulated as a function of time, distance, and degree of protective measures. Infection control measures are then systematically integrated into the workflow. Since the workflow is perturbed by infection control measures, there is a possibility of introducing new radiotherapy failure modes or increased likelihood of existing failure modes. Therefore, in stage 2, a conventional radiotherapy FMEA (RT-FMEA) should be performed on the adjusted workflow. Results: The COVID-19 pandemic was used to illustrate stage 1 IC-FMEA. ORI and Rp values were calculated for various workspaces within a clinic. A deep inspiration breath hold (DIBH) CT simulation was used as an example to demonstrate detailed IC-FMEA with ICFM identification and IRPN evaluation. A total of 90 ICFMs were identified in the DIBH simulation process. The calculated IRPN values were found to be progressively decreasing for workflows with minimal, moderate, and enhanced levels of protective measures. Conclusion: The framework developed in this work provides tools for radiotherapy clinics to systematically assess risk and adjust workflows during the evolving circumstances of any infectious disease outbreak.

Yiwei Hou,Lihua Guo,Chijin Zhou,Yiwen Xu,Zijing Yin,Shanshan Li,Chengnian Sun,Yu Jiang

DOI: https://doi.org/10.1145/3597503.3639090

2024-01-01

Abstract:The threat of ransomware to the software ecosystem has become increasingly alarming in recent years, raising a demand for large-scale and comprehensive ransomware analysis to help develop more effective countermeasures against unknown attacks. In this paper, we first collect a real-world dataset Maraudermap, consisting of 7,796 active ransomware samples, and analyze their behaviors of disrupting data in victim systems. All samples are executed in iso-lated testbeds to collect all perspectives of six categories of runtime behaviors, such as API calls, I/O accesses, and network traffic. The total logs volume is up to 1.98 TiB. By assessing collected behaviors, we present six critical findings throughout ransomware attacks' data reconnaissance, data tampering, and data exfiltration phases. Based on our findings, we propose three corresponding mitigation strategies to detect ransomware during each phase. Experimental results show that they can enhance the capability of state-of-the-art anti-ransomware tools. We report a preliminary result of a 41%-69% increase in detection rate with no additional false positives, showing that our insights are helpful.

Pranjal Sharma

2024-09-15

Abstract:Day by day, the frequency of ransomware attacks on organizations is experiencing a significant surge. High-profile incidents involving major entities like Las Vegas giants MGM Resorts, Caesar Entertainment, and Boeing underscore the profound impact, posing substantial business barriers. When a sudden cyberattack occurs, organizations often find themselves at a loss, with a looming countdown to pay the ransom, leading to a cascade of impromptu and unfavourable decisions. This paper adopts a novel approach, leveraging Prospect Theory, to elucidate the tactics employed by cyber attackers to entice organizations into paying the ransom. Furthermore, it introduces an algorithm based on Prospect Theory and an Attack Recovery Plan, enabling organizations to make informed decisions on whether to consent to the ransom demands or resist. This algorithm Ransomware Risk Analysis and Decision Support (RADS) uses Prospect Theory to re-instantiate the shifted reference manipulated as perceived gains by attackers and adjusts for the framing effect created due to time urgency. Additionally, leveraging application criticality and incorporating Prospect Theory's insights into under/over weighing probabilities, RADS facilitates informed decision-making that transcends the simplistic framework of "consent" or "resistance," enabling organizations to achieve optimal decisions.

Cryptography and Security

Juan López-Tarjuelo,Ana Bouché-Babiloni,Agustín Santos-Serra,Virginia Morillo-Macías,Felipe A Calvo,Yuri Kubyshin,Carlos Ferrer-Albiach

DOI: https://doi.org/10.1016/j.radonc.2014.11.012

Abstract:Background and purpose: Industrial companies use failure mode and effect analysis (FMEA) to improve quality. Our objective was to describe an FMEA and subsequent interventions for an automated intraoperative electron radiotherapy (IOERT) procedure with computed tomography simulation, pre-planning, and a fixed conventional linear accelerator. Material and methods: A process map, an FMEA, and a fault tree analysis are reported. The equipment considered was the radiance treatment planning system (TPS), the Elekta Precise linac, and TN-502RDM-H metal-oxide-semiconductor-field-effect transistor in vivo dosimeters. Computerized order-entry and treatment-automation were also analyzed. Results: Fifty-seven potential modes and effects were identified and classified into 'treatment cancellation' and 'delivering an unintended dose'. They were graded from 'inconvenience' or 'suboptimal treatment' to 'total cancellation' or 'potentially wrong' or 'very wrong administered dose', although these latter effects were never experienced. Risk priority numbers (RPNs) ranged from 3 to 324 and totaled 4804. After interventions such as double checking, interlocking, automation, and structural changes the final total RPN was reduced to 1320. Conclusions: FMEA is crucial for prioritizing risk-reduction interventions. In a semi-surgical procedure like IOERT double checking has the potential to reduce risk and improve quality. Interlocks and automation should also be implemented to increase the safety of the procedure.

Kelly Cooper Younge,Yizhen Wang,John Thompson,Julia Giovinazzo,Marisa Finlay,Raxa Sankreacha

DOI: https://doi.org/10.1016/j.ijrobp.2014.12.033

2015-04-01

Abstract:Purpose: To improve the safety and efficiency of a new stereotactic radiosurgery program with the application of failure mode and effects analysis (FMEA) performed by a multidisciplinary team of health care professionals. Methods and materials: Representatives included physicists, therapists, dosimetrists, oncologists, and administrators. A detailed process tree was created from an initial high-level process tree to facilitate the identification of possible failure modes. Group members were asked to determine failure modes that they considered to be the highest risk before scoring failure modes. Risk priority numbers (RPNs) were determined by each group member individually and then averaged. Results: A total of 99 failure modes were identified. The 5 failure modes with an RPN above 150 were further analyzed to attempt to reduce these RPNs. Only 1 of the initial items that the group presumed to be high-risk (magnetic resonance imaging laterality reversed) was ranked in these top 5 items. New process controls were put in place to reduce the severity, occurrence, and detectability scores for all of the top 5 failure modes. Conclusions: FMEA is a valuable team activity that can assist in the creation or restructuring of a quality assurance program with the aim of improved safety, quality, and efficiency. Performing the FMEA helped group members to see how they fit into the bigger picture of the program, and it served to reduce biases and preconceived notions about which elements of the program were the riskiest.

Aaron Zimba,Mumbi Chishimba,Sipiwe Chihana

DOI: https://doi.org/10.48550/arXiv.2102.10632

2021-02-22

Abstract:Ransomware has emerged as an infamous malware that has not escaped a lot of myths and inaccuracies from media hype. Victims are not sure whether or not to pay a ransom demand without fully understanding the lurking consequences. In this paper, we present a ransomware classification framework based on file-deletion and file-encryption attack structures that provides a deeper comprehension of potential flaws and inadequacies exhibited in ransomware. We formulate a threat and attack model representative of a typical ransomware attack process from which we derive the ransomware categorization framework based on a proposed classification algorithm. The framework classifies the virulence of a ransomware attack to entail the overall effectiveness of potential ways of recovering the attacked data without paying the ransom demand as well as the technical prowess of the underlying attack structures. Results of the categorization, in increasing severity from CAT1 through to CAT5, show that many ransomwares exhibit flaws in their implementation of encryption and deletion attack structures which make data recovery possible without paying the ransom. The most severe categories CAT4 and CAT5 are better mitigated by exploiting encryption essentials while CAT3 can be effectively mitigated via reverse engineering. CAT1 and CAT2 are not common and are easily mitigated without any decryption essentials.

Cryptography and Security

Claire C McGlave,Sayeh S Nikpay,Carrie Henning-Smith,Katie Rydberg,Hannah T Neprash

DOI: https://doi.org/10.1093/haschl/qxad037

2023-08-28

Abstract:As cybercrime increasingly targets the health care sector, hospitals face the growing threat of ransomware attacks. Ransomware is a type of malicious software that prevents users from accessing their electronic systems-demanding payment to restore access. In response, momentum is gathering to enact policy that will help hospitals strengthen their cybersecurity defenses. However, to design effective policy, it is crucial to understand the characteristics of hospitals associated with the risk of ransomware attack. In this paper, we compare the characteristics of ransomware-attacked and non-attacked short-term acute care hospitals in the United States. Using data from the American Hospital Association's Annual Survey and the Healthcare Cost Report Information System, we found that ransomware-attacked hospitals were larger, had higher net operating revenue, were more likely to be financially profitable, and more likely to provide trauma, emergency, and obstetric care than non-attacked hospitals. Measures of information technology sophistication did not vary between ransomware-attacked and non-attacked hospitals. These results can be used to tailor policy interventions in order to most effectively respond to and prevent cybercrime in health care.

Omer Soner,Gizem Kayisoglu,Pelin Bolat,Kimberly Tam

DOI: https://doi.org/10.1177/1748006x241283093

2024-10-02

Proceedings of the Institution of Mechanical Engineers Part O Journal of Risk and Reliability

Abstract:Proceedings of the Institution of Mechanical Engineers, Part O: Journal of Risk and Reliability, Ahead of Print. Ransomware is a subset of malicious cyberattacks that aim to hold an organization's data or critical infrastructure at ransom, compromising or blocking access. If the attack is public or made public after the initial attack, it can also severely jeopardize an organization's reputation. Given the direct and immediate impact ransomware attacks can have and the lack of in-depth sharing, additional research is needed to analyze ransomware incidents in order to understand the underlying causes of incidents in addition to the detection and prevention methods. In this paper, 22 public ransomware incidents within the marine industry have been investigated to determine their causal factors and commonalities. To investigate causal factors, DEMATEL (Decision Making Trial and Evaluation Laboratory) and a fuzzy set are used in order to enable an organization to better adhere to operational requirements and cyber risk management strategies to increase cyber resilience against ransomware incidents. The study's findings highlight the fact that network layer cyber security mitigations, strategies for securely utilizing RDP (Remote Desktop Protocol) protocols, and investments in operating systems (OS) and software security are essential components of preventing future ransomware incidents. This study concludes by suggesting several suitable control and preventative measures to improve system safety.

engineering, industrial, multidisciplinary,operations research & management science

Amir Atapour-Abarghouei,Stephen Bonner,Andrew Stephen McGough

DOI: https://doi.org/10.48550/arXiv.1911.08364

2019-11-19

Abstract:With the recent growth in the number of malicious activities on the internet, cybersecurity research has seen a boost in the past few years. However, as certain variants of malware can provide highly lucrative opportunities for bad actors, significant resources are dedicated to innovations and improvements by vast criminal organisations. Among these forms of malware, ransomware has experienced a significant recent rise as it offers the perpetrators great financial incentive. Ransomware variants operate by removing system access from the user by either locking the system or encrypting some or all of the data, and subsequently demanding payment or ransom in exchange for returning system access or providing a decryption key to the victim. Due to the ubiquity of sensitive data in many aspects of modern life, many victims of such attacks, be they an individual home user or operators of a business, are forced to pay the ransom to regain access to their data, which in many cases does not happen as renormalisation of system operations is never guaranteed. As the problem of ransomware does not seem to be subsiding, it is very important to investigate the underlying forces driving and facilitating such attacks in order to create preventative measures. As such, in this paper, we discuss and provide further insight into variants of ransomware and their victims in order to understand how and why they have been targeted and what can be done to prevent or mitigate the effects of such attacks.

Cryptography and Security

Tom Mahler,Erez Shalom,Arnon Makori,Yuval Elovici,Yuval Shahar

DOI: https://doi.org/10.1007/s10278-021-00562-y

IF: 4.903

2022-02-17

Journal of Digital Imaging

Abstract:Medical imaging devices (MIDs) are exposed to cyber-security threats. Currently, a comprehensive, efficient methodology dedicated to MID cyber-security risk assessment is lacking. We propose the Threat identification, ontology-based Likelihood, severity Decomposition, and Risk assessment (TLDR) methodology and demonstrate its feasibility and consistency with existing methodologies, while being more efficient, providing details regarding the severity components, and supporting organizational prioritization and customization. Using our methodology, the impact of 23 MIDs attacks (that were previously identified) was decomposed into six severity aspects. Four Radiology Medical Experts (RMEs) were asked to assess these six aspects for each attack. The TLDR methodology’s external consistency was demonstrated by calculating paired T-tests between TLDR severity assessments and those of existing methodologies (and between the respective overall risk assessments, using attack likelihood estimates by four healthcare cyber-security experts); the differences were insignificant, implying externally consistent risk assessment. The TLDR methodology’s internal consistency was evaluated by calculating the pairwise Spearman rank correlations between the severity assessments of different groups of two to four RMEs and each of their individual group members, showing that the correlations between the severity rankings, using the TLDR methodology, were significant (P < 0.05), demonstrating that the severity rankings were internally consistent for all groups of RMEs. Using existing methodologies, however, the internal correlations were insignificant for groups of less than four RMEs. Furthermore, compared to standard risk assessment techniques, the TLDR methodology is also sensitive to local radiologists’ preferences, supports a greater level of flexibility regarding risk prioritization, and produces more transparent risk assessments.

radiology, nuclear medicine & medical imaging

Nandita Pattnaik,Jason R. C. Nurse,Sarah Turner,Gareth Mott,Jamie MacColl,Pia Huesch,James Sullivan

2023-07-06

Abstract:As cyber-attacks continue to increase in frequency and sophistication, organisations must be better prepared to face the reality of an incident. Any organisational plan that intends to be successful at managing security risks must clearly understand the harm (i.e., negative impact) and the various parties affected in the aftermath of an attack. To this end, this article conducts a novel exploration into the multitude of real-world harms that can arise from cyber-attacks, with a particular focus on ransomware incidents given their current prominence. This exploration also leads to the proposal of a new, robust methodology for modelling harms from such incidents. We draw on publicly-available case data on high-profile ransomware incidents to examine the types of harm that emerge at various stages after a ransomware attack and how harms (e.g., an offline enterprise server) may trigger other negative, potentially more substantial impacts for stakeholders (e.g., the inability for a customer to access their social welfare benefits or bank account). Prominent findings from our analysis include the identification of a notable set of social/human harms beyond the business itself (and beyond the financial payment of a ransom) and a complex web of harms that emerge after attacks regardless of the industry sector. We also observed that deciphering the full extent and sequence of harms can be a challenging undertaking because of the lack of complete data available. This paper consequently argues for more transparency on ransomware harms, as it would lead to a better understanding of the realities of these incidents to the benefit of organisations and society more generally.

Cryptography and Security,Computers and Society

Hannah T. Neprash,Claire C. McGlave,Katie Rydberg,Carrie Henning‐Smith

DOI: https://doi.org/10.1111/jrh.12834

2024-03-18

The Journal of Rural Health

Abstract:Purpose Hospitals are increasingly the target of cybersecurity threats, including ransomware attacks. Little is known about how ransomware attacks affect care at rural hospitals. Methods We used data on hospital ransomware attacks from the Tracking Healthcare Ransomware Events and Traits database, linked to American Hospital Association survey data and Medicare fee‐for‐service (FFS) claims data from 2016 to 2021. We measured Medicare FFS volume and revenue in the inpatient, outpatient, and emergency room setting—at the hospital‐week level. We then conducted a stacked event study analysis, comparing hospital volume and revenue at ransomware‐attacked and nonattacked hospitals before and after attacks. Findings Ransomware attacks severely disrupted hospital operations—with comparable effects observed at rural versus urban hospitals. During the first week of the attack, inpatient admissions volume fell by 14.7% at rural hospitals (P = .04) and 16.9% at urban hospitals (P = .01)—recovering to preattack levels within 2‐3 weeks. Outpatient visits fell by 35.3% at rural hospitals (P

public, environmental & occupational health,health care sciences & services,health policy & services

Dominik Kornek,Christoph Bert

DOI: https://doi.org/10.1016/j.zemedi.2024.02.002

IF: 7.215

2024-02-01

Zeitschrift für Medizinische Physik

Abstract:PURPOSE: The first aim of the study was to create a general template for analyzing potential failures in external beam radiotherapy, EBRT, using the process failure mode and effects analysis (PFMEA). The second aim was to modify the action priority (AP), a novel prioritization method originally introduced by the Automotive Industry Action Group (AIAG), to work with different severity, occurrence, and detection rating systems used in radiation oncology.METHODS AND MATERIALS: The AIAG PFMEA approach was employed in combination with an extensive literature survey to develop the EBRT-PFMEA template. Subsets of high-risk failure modes found through the literature survey were added to the template where applicable. Our modified AP for radiation oncology (RO AP) was defined using a weighted sum of severity, occurrence, and detectability. Then, Monte Carlo simulations were conducted to compare the original AIAG AP, the RO AP, and the risk priority number (RPN). The results of the simulations were used to determine the number of additional corrective actions per failure mode and to parametrize the RO AP to our department's rating system.RESULTS: An EBRT-PFMEA template comprising 75 high-risk failure modes could be compiled. The AIAG AP required 1.7 additional corrective actions per failure mode, while the RO AP ranged from 1.3 to 3.5, and the RPN required 3.6. The RO AP could be parametrized so that it suited our rating system and evaluated severity, occurrence, and detection ratings equally to the AIAG AP.CONCLUSIONS: An adjustable EBRT-PFMEA template is provided which can be used as a practical starting point for creating institution-specific templates. Moreover, the RO AP introduces transparent action levels that can be adapted to any rating system.

radiology, nuclear medicine & medical imaging

Nichole M. Maughan,Jacqueline E. Zoberi,Jose Garcia Ramirez,Jeff M. Michalski,Brain C. Baumann,Maxwell Amurao,David Luechtefeld,Areti Marko,Angela Nestel,Hyun Kim

DOI: https://doi.org/10.1016/j.prro.2023.12.014

IF: 3.439

2024-02-14

Practical Radiation Oncology

Abstract:Background Radiopharmaceutical therapy (RPT) is a rapidly growing treatment modality. Though uncommon, patients may experience complications during their RPT treatment, which may trigger a rapid response from the hospital team. However, members of this team are typically not familiar with precautions for radiation safety. During these events, it is important to prioritize the patient's health over all else. However, there are some practices that can help minimize the risk of radiation contamination spread and exposure to staff while tending to the patient. Methods We formed a team to develop a standard protocol for handling patient emergencies during RPT treatment. This team consisted of an authorized user, radiation safety officer, medical physicist, nurse, RPT administration staff, and a quality/safety coordinator. The focus for developing this standardized protocol for RPT patient emergencies was three-fold: (1) stabilize the patient, (2) reduce radiation exposure to staff, and (3) limit the spread of radiation contamination. Results We modified our hospital's existing rapid response protocol to account for the additional staff and tasks needed to accomplish all three of these goals. Each team member was assigned specific responsibilities, which include serving as a gatekeeper to restrict traffic, managing the crash cart, performing chest compressions, timing chest compressions, documenting the situation, and monitoring/managing radiation safety in the area. We developed a small, easy-to-read card for rapid response staff to read while they are en route to the area so they can be aware of and prepare for the unique circumstances that RPT treatments present. Conclusions Though rapid response events with RPT patients are uncommon, it is important to have a standardized protocol for how to handle these situations beforehand rather than improvise in the moment. We have provided an example of how our team adapted our hospital's current rapid response protocol to accommodate RPT patients.

oncology,radiology, nuclear medicine & medical imaging