Information security within healthcare is paramount and telemedicine applications present unique security challenges. Technology is giving rise to new and advanced telemedicine applications and understanding the security threats to these applications is needed to ensure, among other things, the privacy of patient information. This paper presents a high level analysis of a telemedicine application in order to better understand the security threats to this unique and vulnerable environment. This risk analysis is performed using the concept of threat tables. This case study focuses on the capture and representation of salient security threats in telemedicine. To analyze the security threats to an application, we present a threat modeling framework utilizing a table driven approach. Our analysis reveals that even in a highly controlled environment with static locations, the security risks posed by telemedicine applications are significant, and that using a threat table approach provides an easy-to-use and effective method for managing these threats.
WMU ScholarWorks Citation
Pendergrass, John C.; Heart, Karen; Ranganathan, C.; and Venkatakrishnan, V.N., "A Threat Table Based Approach to Telemedicine Security" (2013). Transactions of the International Conference on Health Information Technology Advancement. 38.