Cybersecurity considerations for radiology departments involved with artificial intelligence

Abstract

Radiology artificial intelligence (AI) projects involve the integration of integrating numerous medical devices, wireless technologies, data warehouses, and social networks. While cybersecurity threats are not new to healthcare, their prevalence has increased with the rise of AI research for applications in radiology, making them one of the major healthcare risks of 2021. Radiologists have extensive experience with the interpretation of medical imaging data but radiologists may not have the required level of awareness or training related to AI-specific cybersecurity concerns. Healthcare providers and device manufacturers can learn from other industry sector industries that have already taken steps to improve their cybersecurity systems. This review aims to introduce cybersecurity concepts as it relates to medical imaging and to provide background information on general and healthcare-specific cybersecurity challenges. We discuss approaches to enhancing the level and effectiveness of security through detection and prevention techniques, as well as ways that technology can improve security while mitigating risks. We first review general cybersecurity concepts and regulatory issues before examining these topics in the context of radiology AI, with a specific focus on data, training, data, training, implementation, and auditability. Finally, we suggest potential risk mitigation strategies. By reading this review, healthcare providers, researchers, and device developers can gain a better understanding of the potential risks associated with radiology AI projects, as well as strategies to improve cybersecurity and reduce potential associated risks. CLINICAL RELEVANCE STATEMENT: This review can aid radiologists' and related professionals' understanding of the potential cybersecurity risks associated with radiology AI projects, as well as strategies to improve security. KEY POINTS: • Embarking on a radiology artificial intelligence (AI) project is complex and not without risk especially as cybersecurity threats have certainly become more abundant in the healthcare industry. • Fortunately healthcare providers and device manufacturers have the advantage of being able to take inspiration from other industry sectors who are leading the way in the field. • Herein we provide an introduction to cybersecurity as it pertains to radiology, a background to both general and healthcare-specific cybersecurity challenges; we outline general approaches to improving security through both detection and preventative techniques, and instances where technology can increase security while mitigating risks.

Keywords: Artificial intelligence; Cybersecurity; Radiology.

Fig. 1

Number of data breaches reported to the Department of Health and Human Services’ Office for Civil Rights

Fig. 2

Patterns in healthcare industry incidents (n = 798)

Fig. 3

Patterns in healthcare industry breaches (n = 521)

Fig. 4

Type of significant security incident experienced in the past twelve months (n = 168)

Fig. 5

Significant security incidents—impact of incident (n = 168)