Towards Autonomic Security Management of Healthcare Information Systems

With the fast development of information and communication technologies over the past decade, Healthcare Information Technology (HIT) has been widely implemented for health stakeholders to access, modify, share Electronic Health Records (EHR) with a low cost of the facility, data and application maintenance. Due to the high value of healthcare data and lack of investment in cyber security, vulnerabilities of Healthcare Information Systems (HISs), especially data of EHR systems are exposed to attackers [1], [2]. This paper first introduces the network structure of the HIS and the communication standards for health data transmission among patients, hospitals, pharmacies, and insurance companies. After that, we introduce the Health Level 7 (HL7) standard in details and discuss the current security challenges of HISs. We also illustrate how to simulate attacks that exploit HL7 message vulnerabilities. An Autonomic Security Management (ASM) approach is designed for proactively self-protecting a HIS from internal and external attacks. The performance of a HIS can be monitored in real time, and potential attacks that may disrupt HIS services are predicted by the intrusion estimation module. The functionality and feasibility of intrusion detection systems for detecting known and unknown cyber attacks threatening the confidentiality and integrity of EHRs are presented. The intrusion response system of the ASM approach selects the most appropriate protection mechanisms to recover the compromised HIS back to normal with little or no human intervention.