Evaluating Cybersecurity Risks in Modern Healthcare: Quantitative Assessment of Biomedical Device Compromises and Electronic Health Records Tampering

Abstract

The adoption of digital technologies in the health sector has provided better operational effectiveness and care to patients while presenting critical cybersecurity vulnerabilities. The work presented here is the analysis of the cyber risks to the electro-medical devices used in the healthcare sector. An investigation has been done into the occurrences, cost implications, and implications on patient safety due to cyber-attacks on biomedical devices and Electronic Health Records (EHR). The significant data set of industry reports, case studies, and hospital breach records were analyzed and investigated using statistical methods. It provided a data-driven understanding of the relative risks imposed by compromising of biomedical devices and EHR tampering. The financial impact and burden imposed by the cyber-attack and EHR tampering have been elaborated. The findings of the work emphasize the differences and similarities between attack vectors, consequences, and mitigation strategies. It also provides evidence-based recommendations towards fortifying healthcare providers’ cyber security measures.