Creating a Cyberattack Plan for Radiology Operations: A Practical Pediatric Perspective

IF 5.1 3区医学 Q1 RADIOLOGY, NUCLEAR MEDICINE & MEDICAL IMAGING

Journal of the American College of Radiology Pub Date : 2025-10-01 DOI:10.1016/j.jacr.2025.07.017

Susan Sotardi MD, MSEng , Colleen Flowers AS, RT(R)(MR) , Ethan Larsen PhD , Mario Sinti-Ycochea MD , Ann M. Johnson MD , Sudha Anupindi MD

{"title":"Creating a Cyberattack Plan for Radiology Operations: A Practical Pediatric Perspective","authors":"Susan Sotardi MD, MSEng , Colleen Flowers AS, RT(R)(MR) , Ethan Larsen PhD , Mario Sinti-Ycochea MD , Ann M. Johnson MD , Sudha Anupindi MD","doi":"10.1016/j.jacr.2025.07.017","DOIUrl":null,"url":null,"abstract":"<div><h3>Purpose</h3><div>To describe the development of a comprehensive plan for the initial radiology department in response to a cyberattack, aligned with enterprise-wide disaster preparedness in a pediatric hospital setting.</div></div><div><h3>Methods</h3><div>Our department participated in a coordinated, multidisciplinary enterprise effort to build a cyberattack protocol. We created a command center model to maintain radiology operations in the event of a complete network outage, which includes organizing staff, tracking equipment, archiving imaging studies, and communicating within and outside our department. This plan encompasses all imaging modalities and current interdepartmental dependencies.</div></div><div><h3>Results</h3><div>A radiology downtime strategy was created to address cyber-events, including command center setup, modality-based imaging workflows, secure communication, and equipment recovery, with a focus on paper-based tools, encrypted storage, teamwork across departments, streamlined approach to image acquisition and interpretation, and postevent follow-up.</div></div><div><h3>Conclusion</h3><div>This work highlights the need for radiology departments to proactively outline cyberattacks protocols. By sharing our process, we aim to support other institutions in building robust systems to sustain imaging services during network outages. To ensure readiness for potential future cyberattacks, it is important to maintain readiness, aligned with multidepartmental efforts.</div></div>","PeriodicalId":49044,"journal":{"name":"Journal of the American College of Radiology","volume":"22 10","pages":"Pages 1148-1156"},"PeriodicalIF":5.1000,"publicationDate":"2025-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of the American College of Radiology","FirstCategoryId":"3","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1546144025004144","RegionNum":3,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"RADIOLOGY, NUCLEAR MEDICINE & MEDICAL IMAGING","Score":null,"Total":0}

引用次数: 0

Abstract

Purpose

To describe the development of a comprehensive plan for the initial radiology department in response to a cyberattack, aligned with enterprise-wide disaster preparedness in a pediatric hospital setting.

Methods

Our department participated in a coordinated, multidisciplinary enterprise effort to build a cyberattack protocol. We created a command center model to maintain radiology operations in the event of a complete network outage, which includes organizing staff, tracking equipment, archiving imaging studies, and communicating within and outside our department. This plan encompasses all imaging modalities and current interdepartmental dependencies.

Results

A radiology downtime strategy was created to address cyber-events, including command center setup, modality-based imaging workflows, secure communication, and equipment recovery, with a focus on paper-based tools, encrypted storage, teamwork across departments, streamlined approach to image acquisition and interpretation, and postevent follow-up.

Conclusion

This work highlights the need for radiology departments to proactively outline cyberattacks protocols. By sharing our process, we aim to support other institutions in building robust systems to sustain imaging services during network outages. To ensure readiness for potential future cyberattacks, it is important to maintain readiness, aligned with multidepartmental efforts.

查看原文本刊更多论文

创建放射学操作的网络攻击计划：一个实用的儿科视角。

目的：描述初步放射科应对网络攻击的综合计划的制定，该计划与儿科医院全企业范围的备灾工作相一致。方法：本部门参与了一项多学科的企业协同工作，以建立一个网络攻击协议。我们创建了一个指挥中心模型，用于在整个网络中断的情况下维持放射学操作，包括组织人员、跟踪设备、存档成像研究以及在我们部门内外进行沟通。该计划包括所有成像模式和当前的部门间依赖关系。结果：创建了一个放射学停机策略来解决网络事件，包括指挥中心设置、基于模式的成像工作流程、安全通信和设备恢复，重点是基于纸张的工具、加密存储、跨部门团队合作、简化的图像采集和解释方法以及事件后的后续工作。结论：这项工作强调了放射科主动概述网络攻击协议的必要性。通过分享我们的流程，我们的目标是支持其他机构建立强大的系统，以便在网络中断期间维持成像服务。为了确保对未来潜在的网络攻击做好准备，重要的是要保持准备，与多部门的努力保持一致。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of the American College of Radiology RADIOLOGY, NUCLEAR MEDICINE & MEDICAL IMAGING-

CiteScore

6.30

自引率

8.90%

发文量

312

审稿时长

34 days

期刊介绍： The official journal of the American College of Radiology, JACR informs its readers of timely, pertinent, and important topics affecting the practice of diagnostic radiologists, interventional radiologists, medical physicists, and radiation oncologists. In so doing, JACR improves their practices and helps optimize their role in the health care system. By providing a forum for informative, well-written articles on health policy, clinical practice, practice management, data science, and education, JACR engages readers in a dialogue that ultimately benefits patient care.