Evaluation on Cybersecurity and Privacy Risks of Healthcare Point-of-Care Systems

Point-of-care systems are extensively used in healthcare to react quickly and prevent critical health issues. As a result, POC systems frequently process large amounts of personal health information. Therefore, their cybersecurity and privacy requirements are crucial, while evaluating those requirements is an important task. In this work, we aim at designing and reporting the execution of a use case approach to evaluate cybersecurity and privacy requirements and specifications of POC systems. Accordingly, we detail a use case approach as part of a real healthcare IT infrastructure that includes a Health Information System, integration engines, application servers, web services, medical devices, smartphone apps, medical modalities (all data simulated) and interaction with participants. Overall, following the use case approach, the results obtained indicate that all the functional KPI, non-functional KPI and Societal & Roadmap obtained a positive evaluation. Furthermore, the usability experience from the participants was positive and the use case description and the validation step-by-step plan were highly compatible with the different daily experience of the participants.