Prévention, protection, et gestion des cyberattaques en oncologie radiothérapie : recommandations interprofessionnelles au nom de la Société française de radiothérapie oncologique

Cybersecurity is currently a major issue. Large hospitals are no longer the only main targets of attacks, but all healthcare organizations and establishments, without distinction of size or activities. The information system is defined as all the resources needed to collect images, store and process them with general distribution of multiple information within an organization. Systems are therefore crucial for the functioning of a medical department. Radiation oncology is one of the specialties most dependent on digital resources, for imaging, data transfer, dosimetry, treatment and so on.. Radiation oncology departments are therefore a prime target for ransomware attacks, which have increased significantly in recent years. Cybersecurity can be likened to a viral or bacterial attack. It is based on the two usual pillars of antimicrobial protection : hygiene and prophylaxis. In this article, we will detail by analogy the three classic levels of prevention of a bacillary attack: "primary prevention", which acts upstream of the infection; "secondary prevention", which acts at an early stage of its evolution; and "tertiary prevention", which acts on complications and risks of recurrence. This article is the result of an interprofessional group on behalf of SFRO, the French society of radiation oncology, with the aim of helping all teams to implement safety adapted to the specificities of a radiation oncology department in France.