ESTRO 2026 - Abstract Book PART I

S1500

Interdisciplinary - Quality assurance and risk management


Proffered Paper 135

ESTRO Framework for Radiation Oncology departments to mitigate against cyberattacks - a project of the ESTRO ROSQ committee

Samuel Peters 1, Anita O’Donovan 2, Marcello Bellini 3, Mary Coffey 2, Ali Dabach 4, Geoff Delaney 5, Peter Fischer 6, Gert Frenken 7, Brian Liszewski 8, Philippe Maignon 9, Eric Messens 4, Sophie Perryck 10, Baoshe Zhang 11, Petra Reijnders-Thijssen 7

1 Department of Radiation Oncology, HOCH Health Ostschweiz, St.Gallen, Switzerland.
2 Applied Radiation Therapy Trinity (ARTT), Discipline of Radiation Therapy, School of Medicine, Trinity St. James’s Cancer Institute, Trinity College, Dublin, Ireland.
3 Baloise Switzerland, Baloise Switzerland, Basel, Switzerland.
4 Department of Radiotherapy, Iridium Netwerk, ZAS (Ziekenhuis aan de Stroom), Antwerp, Belgium.
5 South-Western Sydney Medical School, University of New South Wales, Sydney, Australia.
6 School of Computer Science, Information Security & Privacy, Lucerne University of Applied Sciences and Arts, Lucerne, Switzerland.
7 Department of Radiation Oncology (Maastro), GROW Research Institute for Oncology and Reproduction, Maastricht University Medical Centre+, Maastricht, Netherlands.
8 Department of Radiation Oncology, University of Toronto, Toronto, Canada.
9 Radiation Oncology Department, La Pitié Salpêtrière University Hospital, Assistance Publique des Hôpitaux de Paris. Sorbonne University, Paris, France.
10 Department of Radiation Oncology, University Hospital Zürich, Zurich, Switzerland.
11 Department of Radiation Oncology, University of Maryland School of Medicine, Baltimore, USA

Purpose/Objective:

Healthcare sectors, particularly radiation oncology departments, are facing an increasing threat of cyberattacks that compromise patient data, disrupt clinical workflows, and endanger patient safety. These attacks highlight a critical lack of preparedness and the need for a structured approach to cybersecurity resilience.

The aim of this framework is to present practical and comprehensive recommendations for mitigating cyberattacks and minimising their direct impact on patient care in radiation therapy.

Material/Methods:

Preparing this framework involved three phases. First, a radiation-oncology-specific six-step framework was developed based on existing internationally recognised cybersecurity frameworks. Secondly, a systematic literature search was conducted using keywords related to cyberattacks in healthcare and radiotherapy. Finally, the information obtained from the literature was summarised and assigned to the six steps in the form of concrete measures.

Results:

The authors developed a total of 191 measures, which are included in these 6 steps:

Preparation: This proactive phase involves carrying out risk assessments and identifying all systems, tools and processes. The key component is the development of a detailed business continuity plan (BCP), which must include communication procedures, patient prioritisation procedures, and procedures for offline treatment or patient referral. The BCP should also define the roles and responsibilities of an interdisciplinary incident response team.

Prevention: This step involves implementing proactive security measures to prevent attacks, including user training, regular system updates, and general protective measures.

Detection: This step involves using real-time monitoring tools and processes to identify suspicious activities within systems and networks and enable a prompt response to potential threats.

Respond: During the critical phase of an attack, the processes defined in the BCP must be executed. This includes isolating affected systems and implementing continuity of treatment procedures, which may involve using analogue workflows or transferring patients to other hospitals.

Recovery: This step involves restoring data and systems from backups, or rebuilding them from scratch, once the attack has been contained. It is important to carefully check the restored and merged data to avoid incorrect documentation or erroneous treatment.

Debriefing and continuous improvement: This post-incident step ensures that lessons learned are fed back into the preparation process. It involves a thorough analysis of all steps, leading to the adaptation of the BCP.
