ID | Type | Assets | Malicious actors | Description/Example scenario |
---|---|---|---|---|
T1 | Spoofing | All information assets | Other actors without a clear role in the BP | An external actor could pretend to be legitimate in order to obtain the HCP’s credentials and use them to access information (e.g. a patient’s medical record) while impersonating the HCP. |
T2 | Tampering | All information assets | Other actors without a clear role in the BP | A malicious user could (perhaps combined with a spoofing attack) modify the information assets (e.g. the patient’s medical record or the HCP’s credentials) in a malicious way, for social, financial or personal reasons. |
T3 | Repudiation | All information assets | HCPs | An HCP could deny having accessed medical information in order to avoid legal consequences (e.g. in the case of a medical error). |
T4 | Information disclosure | All information assets | HCPs and other actors without a clear role in the BP | An HCP could give others access to a patient’s medical record, aiming at the patient’s financial or personal harm, or for the HCP’s own financial benefit. |
T5 | Denial of Service | Medical record information | Other actors without a clear role in the BP | An attacker hinders access to the respective services, aiming to cause damage to the patient or to the healthcare organisation providing the medical services. |
T6 | Privilege Elevation | Medical record information | Other actors without a clear role in the BP | An attacker could grant themselves privileges over one or more medical records, aiming to exploit or damage the data, or alternatively aiming at the patients’ financial or personal harm. |
T7 | Physical stealing | Physical authentication means | Other actors without a clear role in the BP | Stealing the HCP’s eID card could facilitate spoofing, information disclosure and privilege elevation. |
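Two of the threats in the table, tampering with information assets (T2) and an HCP repudiating an access (T3), are commonly countered by the same control: a tamper-evident access log that records every read or update of a medical record. The block below is an added illustration and is not code from the source; it assumes a hypothetical audit service that holds the HMAC key (the HCP never sees it) and chains each entry to the previous one, so that editing or deleting an entry is detectable and the recorded accesses can be produced as evidence against a repudiation claim. The identifiers, key and timestamps are constructed sample values.

```python
import hashlib
import hmac
import json

# Constructed demo key. In a real deployment the audit service holds this key;
# the HCPs whose accesses are logged must never have access to it.
AUDIT_KEY = b"constructed-demo-key-not-for-production"

# Digest of the (empty) log before the first entry.
GENESIS = "0" * 64


def _entry_digest(prev_digest: str, body: dict) -> str:
    """HMAC over the previous digest and the canonical JSON of the entry body."""
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(AUDIT_KEY, prev_digest.encode() + payload, hashlib.sha256).hexdigest()


def append_access(log: list, hcp_id: str, record_id: str, action: str, ts: str) -> dict:
    """Record one access by an HCP to a medical record, chained to the prior entry."""
    prev = log[-1]["digest"] if log else GENESIS
    entry = {
        "seq": len(log),
        "ts": ts,
        "hcp_id": hcp_id,
        "record_id": record_id,
        "action": action,
        "prev": prev,
    }
    # The digest covers every field above, so changing any of them is detectable.
    entry["digest"] = _entry_digest(prev, entry)
    log.append(entry)
    return entry


def verify_log(log: list) -> int:
    """Return the index of the first broken entry, or -1 if the whole chain is intact.

    Detects modified fields (T2), deleted entries (the chain link 'prev' no longer
    matches) and inserted entries (the digest was not computed with AUDIT_KEY).
    """
    prev = GENESIS
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "digest"}
        if body.get("prev") != prev or _entry_digest(prev, body) != entry.get("digest"):
            return i
        prev = entry["digest"]
    return -1


def accesses_by(log: list, hcp_id: str, record_id: str) -> list:
    """Evidence against a repudiation claim (T3): every verified access by an HCP to a record."""
    if verify_log(log) != -1:
        raise ValueError("audit log failed integrity check; evidence is not trustworthy")
    return [e for e in log if e["hcp_id"] == hcp_id and e["record_id"] == record_id]


if __name__ == "__main__":
    # Constructed scenario: an HCP reads and then updates one record.
    log = []
    append_access(log, "hcp-42", "rec-7", "read", "2024-01-01T10:00:00Z")
    append_access(log, "hcp-42", "rec-7", "update", "2024-01-01T10:05:00Z")
    print("intact:", verify_log(log) == -1)
    print("accesses by hcp-42 on rec-7:", len(accesses_by(log, "hcp-42", "rec-7")))
    # Tampering attempt (T2): rewrite the actor of the first entry.
    log[0]["hcp_id"] = "hcp-99"
    print("first broken entry after tampering:", verify_log(log))
```

The HMAC construction makes the log tamper-evident to anyone who does not hold the audit key; it does not by itself bind an entry to the HCP, because the audit service could in principle forge entries. Where the HCP's eID card (see T7) supports signing, a per-entry signature with the card's private key would give stronger non-repudiation, at the cost of the extra trust placed in the card's protection against physical theft.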