Summary: A study in JMIR XR and Spatial Computing highlights cybersecurity and privacy risks in healthcare XR applications, noting a lack of research, with information disclosure being a major threat, and calls for further studies and robust security measures in clinical settings.

Key Takeaways

  1. There is a significant research gap regarding cybersecurity in healthcare extended reality (XR) applications, with only 3 out of 29 studies addressing healthcare-specific use cases.
  2. Information disclosure, compromising patient confidentiality, is identified as the most critical potential threat in using XR in healthcare.
  3. Most risk mitigation strategies for XR in healthcare have not been tested in real-world settings, prompting calls for further research and stronger security measures.

——————————————————————————————————————————————————————————————

A new study in JMIR XR and Spatial Computing highlights cybersecurity and privacy risks in healthcare extended reality (XR) applications, identifying potential threats and offering strategies for mitigation.

XR Cybersecurity Research Gap in Healthcare 

The scoping review found few studies that specifically addressed cybersecurity in the context of XR use in healthcare. Of the 29 studies examined, only three described healthcare applications or services, underscoring a critical research gap. Information disclosure—where personal and health-related data could be leaked, compromising patient confidentiality—was identified as the most significant potential threat of using XR systems in healthcare.

Although various risk mitigation strategies were identified, most solutions have not been tested in clinical settings, raising concerns about their effectiveness in real-world healthcare applications. The study authors call for further studies to evaluate the safety and suitability of XR systems in medical environments and suggest that healthcare providers assess the risks of each XR application based on the potential benefits and vulnerabilities.

Why Healthcare Needs Robust Security

“The specific cybersecurity and privacy risks presented by XR technology should be considered as a part of system-wide digital risk management frameworks by health organizations, within their proposed context of use, intended purpose, and perceived benefits to healthcare delivery and individuals,” says Nilufar Baghaei, one of the study authors.

While XR use in healthcare continues to grow, this study urges the healthcare sector to prioritize developing and implementing robust security measures as the technology becomes more integrated into clinical practices.