Exhibit Hall | Forum 6
Purpose: Cyberattacks on healthcare systems have been on the rise over the recent 5 years. Formulation and implementation of a robust post-attack business continuity plan or contingency plan (CP) is essential for minimal disruption to patient care. This study was undertaken to survey and assess cyberattack CP awareness and preparedness within the radiation oncology community.
Methods: A survey instrument comprising 5 questions on awareness and preparedness of cyberattack CPs was e-mailed to 150 radiation oncology departments: 105 larger hospitals (LH) which have 5 or more treatment machines and 45 smaller hospitals (SH) which have 4 or fewer.
Results: Forty-three responses were deemed evaluable for analysis. Forty-two percent (18 respondents) of respondents responded that they are well-aware of the concept of a cyberattack CP. Large discrepancy in awareness exists between LH and SH; 54% vs 24 % (P < 0.05). Fifty-eight percent of respondents considered it “essential” to have such a plan in place, and 28% considered it “desirable” to do so but not practical. Nine percent regarded a cyberattack CP as unnecessary. No significant differences in responses were noted among different types or sizes of institutions on this issue. Sixty-two percent of LH responded that they were either preparing or evaluating a CP solution, compared with only 29% of SH (P =0.03). However, no respondents explicitly replied that they already had a CP in place in their practices.
Conclusion: The importance of cyberattack preparedness and implementation does not seem to be well-recognized in radiation oncology. Both the awareness and the preparedness of SH are substantially less than those of LH. Specific and ongoing education efforts in parallel with development of appropriate programs are needed to counter the increasingly pervasive and complex threat of cyberattacks.
Not Applicable / None Entered.