The rapid growth of remote healthcare delivery has introduced significant security and privacy risks to protected health information (PHI). Analysis of a comprehensive healthcare security breach dataset covering 2009-2023 reveals their significant prevalence and impact. This study investigates the root causes of such security incidents and introduces the Attacker-Centric Approach (ACA), a novel threat model tailored to protect PHI. ACA addresses limitations in existing threat models and regulatory frameworks by adopting a holistic attacker-focused perspective, examining threats from the viewpoint of cyber adversaries, their motivations, tactics, and potential attack vectors. Leveraging established risk management frameworks, ACA provides a multi-layered approach to threat identification, risk assessment, and proactive mitigation strategies. A comprehensive threat library classifies physical, third-party, external, and internal threats. ACA's iterative nature and feedback mechanisms enable continuous adaptation to emerging threats, ensuring sustained effectiveness. ACA allows healthcare providers to proactively identify and mitigate vulnerabilities, fostering trust and supporting the secure adoption of virtual care technologies.
翻译:远程医疗服务的高速发展给受保护健康信息带来了显著的安全与隐私风险。通过对涵盖2009至2023年医疗安全泄露事件的综合数据集进行分析,本研究揭示了此类事件的普遍性及其重大影响。本文深入探究了安全事件的根源,并提出了攻击者中心化方法——一种专为保护受保护健康信息而设计的新型威胁模型。该方法通过采用整体性、以攻击者为核心的视角,从网络攻击者的立场、动机、策略及潜在攻击向量出发审视威胁,从而弥补了现有威胁模型与监管框架的不足。ACA借鉴成熟的风险管理框架,提供了涵盖威胁识别、风险评估及主动缓解策略的多层次方法。一个全面的威胁知识库对物理威胁、第三方威胁、外部威胁及内部威胁进行了系统分类。ACA的迭代特性与反馈机制使其能够持续适应新出现的威胁,确保持续的有效性。该模型使医疗服务提供者能够主动识别并缓解系统脆弱性,从而增强信任,并支持虚拟医疗技术的安全应用。