Hospital resilience: AI status report to raise attention to undesirable trends
Telekom MMS and Bonn University Hospital develop a prototype for a real-time situation picture. AI forecasts are to strengthen the resilience of critical infrastructures.
Telekom MMS and the University Hospital Bonn (UKB) have developed a prototype AI-supported situational awareness system to ensure the security of care in hospitals even in the event of IT disruptions or targeted cyberattacks. The solution brings together data from previously separate sources to give those responsible a central overview of the system status, and it uses AI to predict potential problems. The aim is to use it productively in the future to strengthen the resilience of hospital operations.
As part of the critical infrastructure, hospitals are increasingly the target of cyberattacks, which can have serious consequences for patient care. The system developed is designed to visualize data from the hospital information system (HIS), asset management, monitoring, and SIEM systems in a central dashboard. “The safety of our patients is our top priority. The situation picture helps us to remain capable of acting even in critical situations,” explains Dieter Padberg, Director of Information Technology at the UKB.
AI as an early warning system
A central component of the system is an AI module that not only analyzes the current situation but is also designed to make predictions about possible undesirable developments. According to the project partners, the aim is to manage an impending “flood of information in a crisis,” filter out the relevant data, and prioritize it. In later expansion stages, the AI will also generate specific recommendations for action and evaluate the effectiveness and possible side effects of countermeasures.
In the event of a disruption, for example, the system should indicate which processes are affected and automatically suggest alternatives. If IT fails, patient flows could be redirected or staff resources reallocated.
Splunk basis and role-based views
The technical basis for the situation picture is the Splunk platform, which is supplemented by the aforementioned AI module. The system is designed to run independently of the hospital's main systems so that it is available even if they fail. The user interface offers role-based views that are tailored to the respective needs of hospital management, IT staff, or nursing staff.
Although the prototype was developed specifically for use in the healthcare sector, the partners consider the concept to be transferable to other sectors of critical infrastructure, such as energy and water supply or the transport sector. It has not yet been announced when the system will go live at Bonn University Hospital.
IT security service provider Cisco is pursuing a similar approach and has modernized the IT infrastructure at Osnabrück Hospital, for example. Here, network and security products, supplemented by cloud-based “ThousandEyes” technology, are to ensure comprehensive monitoring of network connections and application performance; the aim is to detect problems early and resolve them automatically to safeguard ongoing operations. Axis Intelligence, on the other hand, addresses the issue of infrastructure monitoring with AI-supported, scalable monitoring and security solutions that are specially designed for facility and IoT management in healthcare facilities.
Political pressure on operators is growing
The initiative at Bonn University Hospital comes at a time when politicians are also tightening the requirements for the resilience of critical infrastructures. For example, the Critical Infrastructure Umbrella Act recently passed by the cabinet aims to oblige operators to take stricter measures for physical protection and stipulates resilience plans and a reporting obligation for incidents. However, critics such as the Critical Infrastructures Working Group (AG Kritis) describe the draft as a “toothless tiger” and criticize the fines, which are considered to be too low. The proposed legislation is part of the implementation of the EU's NIS2 Directive, which at the same time transposes stricter cybersecurity requirements into German law and further increases regulatory pressure on operators.
(mack)