PAGNI is the largest hospital facility in Crete and one of the largest public hospitals in the country, with around 800 beds and more than 2200 employees. Currently, PAGNI is using a Hospital Information System (HIS), named “PANAKIA”. This is an eHealth IT infrastructure that creates links between the hospital medical care, the patient flows and the records. The HIS platform is an effective mean for the smooth operation and easy management of the hospital’s IT system, as PAGNI’s personnel (i.e. doctors, nurses, administrative staff and the IT department) use the specific platform on a daily basis.
The main assets of PANAKIA include (Figure 1):
- Patient health records (i.e. examinations, historic data, drugs dosages etc.)
- Visualization of the treatment actions and patient examination results
- Patient profile and associated medical data
- IT Infrastructure
Figure 1. HIS platform (PANAKIA) workflow in PAGNI
Problem and Objective
Hospitals and healthcare institutions face several cybersecurity challenges due to the sensitive nature of the data they handle and the critical services they provide. Here are some common cybersecurity problems that hospitals may face:
- Data breaches: Hospitals store a vast amount of personally identifiable information (PII) and protected health information (PHI), making them attractive targets for hackers. Data breaches can lead to the exposure of patient records, financial data, or other sensitive information.
- Ransomware attacks: Ransomware is a type of malicious software that encrypts a hospital's files and demands a ransom in exchange for restoring access. These attacks can disrupt hospital operations, compromise patient care, and potentially lead to financial losses.
- Insider threats: Employees or individuals with authorized access to hospital systems can pose a risk to cybersecurity. Insider threats may include intentional data theft, accidental data exposure, or negligence in following security protocols.
- Medical device vulnerabilities: Many medical devices, such as patient monitors and infusion pumps, are now connected to the network, making them potential targets for cyberattacks. Exploiting vulnerabilities in these devices can disrupt patient care or allow unauthorized access to sensitive data.
- Phishing and social engineering: Hospitals may be targeted by phishing emails or social engineering techniques that trick employees into divulging sensitive information or installing malware. This can lead to unauthorized access, data breaches, or further network compromise.
- Lack of security awareness and training: Staff members in hospitals may not always receive adequate cybersecurity training or be aware of the latest threats and best practices. This can increase the risk of falling victim to cyberattacks or inadvertently compromising security.
Addressing these challenges requires implementing robust cybersecurity measures, including regular risk assessments, employee training programs, strong access controls, encryption of sensitive data, network monitoring, and incident response plans. It's crucial for hospitals to prioritize cybersecurity to protect patient privacy, maintain operational continuity, and ensure the delivery of quality healthcare services.
The PAGNI-Use Case:
In this use case three scenarios are implemented (Figure 2):
- Outdated software
Outdated software risks poisoning the systems of the hospital and wreaking havoc on the organization’s security. HEIR security mechanisms are able to detect outdated software on the servers and workstations that belong to the hospital and inform the IT department of the issues and the actions needed.
- Threat detection
For the smooth operation of the hospital IT systems, a threat detection and mitigation system that acts quickly and efficiently is crucial. HEIR security mechanisms are able to detect threats to the servers and workstations that belong to the hospital, neutralize them and inform the IT department of the issues and the actions needed.
- Monitoring and reporting with trained ML model
Retrospective log data (~2.5M anonymized records) are available for the training of machine learning algorithms from the technical partners. A system that provides in real-time log data is available and will be used for the evaluation of the machine learning module and the HEIR components.
Figure 2. HEIR deployment in PAGNI
Conclusion:
In conclusion, PAGNI aims to use the outcomes of HEIR in order to improve the security and privacy of its services against advanced security threats. Finally, through HEIR, PAGNI intends to utilize the results of the project’s findings to strengthen its current products and overall infrastructure and to adopt the ideal and most effective technology framework for cyber security protection.