Author: Dr Isabel Straw, developed as part of the H-R3P Programme at UC San Diego
Welcome to the CIPHER platform - an open source project developed to improve patient safety during healthcare cyberattacks. Our project website provides the three key resources associated with this project, including the CIPHER models which have additional functionality beyond the demo models on our associated Github page. Please note, the full details of the project, including dataset access, underlying code and each software release can be found at the following links:
GitHub Repository: The CIPHER Project Github provides the datasets that underpin our models and demo code for building your own models or adapting to local context: github.com/cipherproject/cipherproject.github.io
Zenodo Page: Find citation and download details on Zenodo publication page: https://zenodo.org/records/17344644
The aim of CIPHER was to collect the data required to map patient-level harms from healthcare cyberattacks, facilitating the development of models capable of (1) predicting clinical impact on patient care over time and (2) identifying at risk patient groups during diverse cyberattacks. When patients have been harmed during hospital cyberattacks - such as in the case of a patient death in Germany and a baby ransomware death in the USA - clinicians frequently cite lack of institutional preparedness and awareness of at-risk patient groups as contributing factors.
Our models seek to "minimise clinical surprise" during hospital cyberattacks, by modelling the adverse patient safety incidents likely to emerge over time based on evidence collected from previous hospital cyberattacks. In the wake of a cyberattack our models offer a resource to healthcare managers and practitoners, to aid in identifying the vulnerable patient groups at-risk of life-threatening illness and injury and thus implement clinically-grounded response efforts. To develop these models we have built a series of databases and resources describing cyber-induced patient harm, which can be explored below:
The Hospital Attacks Map: Built from a systematic review of global hospital cyberattacks, the interactive map details technical and clinical components of hospital cyberattacks (e.g. ransomware, DDoS attacks), facilitating international comparisons. In our review of 50 case studies of hospital cyberattacks we extracted patient-level harms reported by clinicians and researchers, combining these into one academic dataset, which forms part of the full CIPHER Database.
The Social Media Impacts Dataset: To create a database of patient harms during cyberattacks we also extracted publicly available social media posts, to complement the reports from the academic lierature. The Social Media Impacts Database illustrates our findings from the Reddit data, providing comprehensive reports of harm experienced by patients (and their relatives), that have been posted online. Follow the link below to explore these stories, categorised by clinical domain (e.g. paediatrics).
The CIPHER Cube Models: In this section you will find the main output of our research - the CIPHER Cube Models formed from the full CIPHER Database. The CIPHER Database (available on our Github) contains all the identified cyberattack induced patient harms from the academic data and the social media, with each harm being categorised by the most relevant clinical specialty and the technical domain that was affected. Harms are also mapped over time, from the first hour to the fourth week after the hospital cyberattack onset. Access the models to view over 300 cyberattack-induced harms and use the additional functionality to view speciality-specific planes and build time-series graphs that model evolving clinical impact.