SIIM 2022: 7 ways to be ever-prepared for cyberattack

What role do imaging informaticists play in the planning and recovery phases of cyberattacks? A growing one, according to a virtual session presented at the Society for Imaging Informatics in Medicine’s annual conference. 

Explaining that both cyberattack planning and mitigation measures are very much a collaborative effort between informaticists, IT professionals, vendors, technologists, radiologists and several other departments, Sylvia Devlin, RT(R), MS, Director of Clinical Applications Operations for Radiology Partners, and Po Hao Chen, MD, Chief Imaging Informatics Officer for Cleveland Clinic Foundation, shared their firsthand experiences with continuing operations following a ransomware attack.

Devlin, a long-time technologist herself, described the immediate aftermath following cyberattacks as “complete gridlock in imaging,” but explained that while some decisions after an attack are inevitably reactive, her experience with such incidents helped her learn how to plan for unplanned downtime in the future.

Here is some of the advice Devlin and Chen have for facilities/departments that might be preparing their own protocols for outages: 

  1. Listen to/follow the technologists. Learn about their workflows, needs and how they currently adapt when part of the imaging process is interrupted (like when PACS or the EMR is down) to find areas that can be addressed ahead of time. For this, Chen recommends having standardized, organization-wide patient identifiers and pre-printed templates for imaging requisitions and dictations, which should include all the information that would normally be available via PACS or EMR.

  2. Plan to relax administrative privileges where necessary so that a wider network of designated staff members have access to the patient information they require in a timelier manner.

  3. Keep hard copies of downtime plans. And not just one copy, the presenters explained. Keep multiple copies, both on and off site, and keep them updated frequently.

  4. Consider segmented networks. This piece of advice came from the Q&A portion of the presentation. Devlin explained that segmented networks (separate networks for radiology, pharmacy, admin, etc.) could help to temper attacks by limiting their reach.

  5. Transition to temporary analog and digital workflows. This could come in the form of using CDs to share imaging across departments, DVDs, paper and temporary PACS servers.

  6. Plan to temporarily save studies on modalities while waiting for the availability of PACS servers.

  7. Don’t forget the basics. Chen explains that while data recovery and resuming clinical operations are the most pertinent tasks, many often forget about the basics required to do so, such as having plenty of printer ink and paper, offline copies of templates and protocols, and the availability of faxes and/or runners.

After an attack, organizations could be forced to adapt for days, weeks or even months if they are required to start from the bottom with entirely new servers and networks. This is why it is important to have mitigation measures in place—and to practice and update those measures—in anticipation of the unforeseen. 


In addition to her background in journalism, Hannah also has patient-facing experience in clinical settings, having spent more than 12 years working as a registered rad tech. She joined Innovate Healthcare in 2021 and has since put her unique expertise to use in her editorial role with Health Imaging.
