Enhancing cyberattack resiliency through the radiotherapy backup and recovery dashboard tool

Justin Pijanowski; Eric Nguyen; Yasin Abdulkadir; Justin Hink; Yevgeniy Vinogradskiy; James Lamb

doi:10.1002/acm2.70292

. 2025 Oct 22;26(11):e70292. doi: 10.1002/acm2.70292

Enhancing cyberattack resiliency through the radiotherapy backup and recovery dashboard tool

Justin Pijanowski ^1,^✉, Eric Nguyen ¹, Yasin Abdulkadir ¹, Justin Hink ¹, Yevgeniy Vinogradskiy ², James Lamb ¹

PMCID: PMC12544707 PMID: 41126374

Abstract

Purpose

Radiation Oncology departments impacted by recent cyberattacks were unable to access data backups or their Record and Verify (R&V) system and therefore faced challenges to resume patient treatments in a timely manner. We present a novel software tool that backs‐up critical radiotherapy treatment information and displays essential information for on‐treatment patients in an intuitive and accessible dashboard allowing clinics to continue radiotherapy treatments. The purpose of this report is to describe implementation details, challenges, and share open‐source code to facilitate radiation oncology clinics’ efforts to develop tools to improve cyberattack resiliency.

Methods

The Radiotherapy Backup and Recovery Dashboard Tool (RBRDT) performs daily backups of treatment information and relationships between DICOM‐RT objects from the R&V system and treatment planning system (TPS) to a Radiation Therapy Picture Archiving and Communication System (RT‐PACS). If the R&V system is inaccessible, the RBRDT accesses the backed‐up data in the RT‐PACS to create a dashboard containing critical treatment information for patients currently undergoing radiotherapy.

Results

The RBRDT is successfully clinically implemented and generates backups to the RT‐PACS every 10 minutes. Since its implementation in May 2024, the RBRDT backed up over 80,000 RTRECORDS and moved 322 RTPLANS and 142 RTSTRUCTS to the RT‐PACS that were absent from this server caused by human error. The dashboard is generated nightly.

Conclusions

The RBRDT fills a critical gap in existing approaches for radiotherapy treatment data backup and restoration. All relational data is transferred to the RT‐PACS which is accessible during a cyberattack, reducing the reliance on the R&V system. The RBRDT retrieves connected data elements saved in separate locations. In the event of a cyberattack, this data is returned in a dashboard to rapidly resume patient treatments.

Keywords: cyberattack resiliency, radiotherapy backup software, radiotherapy data restoration

1. INTRODUCTION

Radiation oncology is a medical discipline that relies heavily on computerized systems—including treatment planning, delivery, and automated checks to perform nearly all tasks, making departments particularly vulnerable to cyberattacks. Recently, ransomware attacks, a form of cyberattack have targeted Radiation Oncology departments throughout the country. ¹ , ² , ³ , ⁴ , ⁵ , ⁶ , ⁷ , ⁸ These attacks resulted in loss of access to systems critical to patient care, including Electronic Medical Record (EMR) systems, Record and Verify (R&V) systems, and secure communication systems. Consequences include delayed patient treatment, early treatment termination, and higher probability of errors when restarting treatment. Delays in resuming treatment are especially harmful in radiation therapy due to accelerated tumor growth if radiotherapy treatments are missed, ⁹ , ¹⁰ , ¹¹ , ¹² , ¹³ , ¹⁴ , ¹⁵ , ¹⁶ directly translating into worse clinical outcomes. Thus, it is vital to resume treatment safely and quickly following a ransomware attack.

Medical networks and Radiation Oncology departments impacted by ransomware attacks have backup systems for patient and treatment information. However, infrastructure‐level backups, e.g. of entire applications are at risk of themselves being infected with ransomware and may be quarantined per security policy. The University of Vermont Health Network describes ¹ , ² that immediately following the attack, all access to their EMR, R&V system, clinical systems, and secure communication systems were halted, preventing access to their backed‐up R&V server. Patient treatment plans beyond two days following the attack were inaccessible. Health Sciences North ⁴ details the ransomware attack on their network prevented access to their R&V system, forcing them to manually reconstruct each patient record utilizing multiple sources of information. This process involves significant amounts of time, resources, and is prone to human error. Similar manual efforts were taken by other Radiation Oncology departments and healthcare institutions when targeted by ransomware attacks. ⁵ , ⁷ , ⁸

In response, we developed a robust software application called the Radiotherapy Backup and Recovery Dashboard Tool (RBRDT) to mitigate disruptions from potential cyberattacks by providing streamlined backup and retrieval of critical information necessary for continued clinical operations. The RBRDT performs daily backups of treatment records from a Digital Imaging and Communication in Medicine (DICOM)‐compliant ¹⁷ R&V system to a Radiation Therapy Picture Archiving and Communication System (RT‐PACS). The RBRDT accesses the RTPACS nightly to generate a dashboard of critical treatment information for patients currently undergoing radiotherapy, which can be used to rapidly resume treatments if the R&V system is inaccessible. This report describes implementation, challenges, and shares open‐source code to assist other clinics’ bolster their own cyberattack resiliency.

2. METHODS

The RBRDT was implemented for external beam radiation therapy (EBRT) only using the Python software package pynetdicom, ¹⁸ a Python implementation of the DICOM networking protocol. Hosted on a virtual machine, it automatically runs every ten minutes, seven days a week using Windows Task Scheduler. Our R&V system is ARIA (Varian Medical Systems, California, United States) and the RT‐PACS is MIM (MIM Software Inc., Cleveland, OH), however the RBRDT is compatible with any DICOM‐compliant R&V and RT‐PACS system.

2.1. Network Configuration

The ARIA and MIM databases are hosted in separate offsite datacenters. Neither database is cloud‐based. ARIA operates on a virtual server, and MIM is hosted on a physical server, both within our institution's data centers. Our network configuration is displayed in Figure 1. In addition to being in a different datacenter to ARIA, the RT‐PACS is protected using firewall technology. A client connection to the RT‐PACS server through DICOM association requires the client IP address, port number, and Application Entity Title to be known by the server, thus preventing access to the RT‐PACS by any unauthorized clients. Because the two systems operate independently, each with their own servers, firewalls, and access controls, it is unlikely that a cyberattack on ARIA would simultaneously compromise MIM.

Diagram depicting our network architecture and the functions of the RBRDT to back‐up RTRECORDs to the RT‐PACS. 1): Query the R&V system and retrieve RTRECORDs. 2): Compare the returned RTRECORDs to the completed backups. 3): RBRDT initiates a C‐MOVE. 4): Pending backups are transferred from the R&V system to the RT‐PACS. Failed backups are repeated up to seven times. 5: Success or failure status for each backup is returned to the RBRDT. 6): The appropriate logs are updated according to the returned status. 7): Nightly email is generated detailing number of successful and unsuccessful backups.

2.2. RT Record Backup

Figure 1 displays the backup process. After each fraction of EBRT, the linear accelerator (LINAC) sends the treatment details to the R&V system, which can be queried for and retrieved as a DICOM‐RT record (RTRECORD) object. Each morning, the RBRDT initializes a log file that stores the unique identifiers, called SOPInstanceUIDs (UIDs), of the successful RTRECORD back‐ups to the RT‐PACS for that day. The RBRDT sends a C‐FIND request to the R&V to query for all the day's RTRECORDs. This query returns a list of the RTRECORD UIDs that represent the completed treatments. RTRECORDS cannot be queried by treatment time, which would be preferable. Since the average EBRT appointment time is between 15 and 30 minutes, the backup frequency of 10 minutes was chosen to minimize potential loss of unbacked‐up data and avoid excessive strain on system resources from overly frequent backups.

To prevent redundant copying of backed‐up RTRECORDs, the returned RTRECORD UIDs are compared against the UIDs stored in the daily log file. For each unique RTRECORD, the RBRDT sends a C‐MOVE request to the R&V system to transfer this RTRECORD to the RT‐PACS. If the connection to the RT‐PACS from the R&V system fails, or the RTRECORD transfer fails, the RBRDT retries the backup up to seven times. If these attempts fail, the UID of the RTRECORD is added to a failed‐transfer log file. RTRECORD UIDs later backed up successfully will be removed from the failure log file. The RBRDT generates a nightly email to our clinical staff containing the number of successful backups for that day and details of failed backups. Our team manually transfers failed backups from the R&V system to the RT‐PACS. The content of these email notifications allows us to verify the RBRDT system status. A minimal number of backups during clinical operations suggests the RBRDT is non‐operational.

2.3. Hierarchical Search for Referenced Plan Objects

Treatment plan information (RTPLAN, RTSTRUCT, and CT Image) corresponding to each RTRECORD may be needed for patient care during a cyberattack. These objects should exist within the RT‐PACS since our planning workflow pushes plans to the RT‐PACS after plan approval. This manual archiving process is imperfect and therefore the RBRDT checks for existence of these objects and recovers them from the R&V and/or TPS if necessary. Our TPS (Eclipse, Siemens Healthineers, Forcheim, Germany) shares a common database with the R&V (ARIA), but the RBRDT can easily be configured to query a separate TPS. The RTRECORD, RTPLAN, RTSTRUCT, and CT Image are organized as a linked list data structure where each subsequent object is referenced by the one prior. Figure 2 shows how these objects are backed up in the RT‐PACS, which are performed each time the RBRDT runs.

Ensuring Backup of all Related DICOM objects.

Planning objects are referenced by RTRECORDs via their SOPInstanceUIDs. MIM RT‐PACS only supports hierarchical querying, which behaves like tree traversal, where access to a specific node (object) requires providing the UIDs for all levels above it. However, since these higher‐level UIDs (e.g., for Patient, Study, or Series) are not readily available, we implemented a breadth‐first search algorithm to identify the full path to the desired object and all necessary UIDs for the query. Figure 3 shows the DICOM hierarchical tree structure.

Figure detailing the hierarchical query implemented for compatibility with MIM RT‐PACS. Blue rectangles indicate the patient level, green indicates the study level, yellow indicates the series level, and red indicates the instance level. The UID of the previous level must be known to query at the next level.

2.4. Current Patients Dashboard

If a ransomware attack renders the R&V system inaccessible, the RBRDT utilizes the backed‐up data in the RT‐PACS to return critical treatment information in a CSV file for patients currently receiving radiotherapy treatment. This information can be displayed in a human‐readable Excel dashboard. In the situation where Microsoft Office services are offline, the CSV file can be viewed in any text viewer. We define patients currently being treated as those who have not completed all planned fractions and whose most recent fraction was delivered within the past seven days. Our RT‐PACS server only supports hierarchical querying, thus we first query for all records based on the Study Date DICOM tag, indicating when the simulation CT was created. We then filter to obtain the needed RTRECORDs. We select the Study Date to be two months prior to the current date to include patients with long treatments. This query returns a list of UIDs for RTRECORDs within the date span. If multiple RTRECORDs are returned for a single patient, the RBRDT keeps the most recent RTRECORD. These RTRECORDs represent patients undergoing radiotherapy treatment.

Elements of the Excel dashboard, shown in Figure 4, include Patient Name, MRN, DOB, Physician of Record, the number of fractions planned and the current fraction number. In the dashboard, each line will reference one radiotherapy plan and contains the above information. If there are multiple plans per patient, these plans are grouped together, but listed as separate entries on individual lines. In the event where the R&V system is inaccessible, the Excel dashboard will be utilized to swiftly resume patient treatments.

Excel dashboard containing critical information necessary to rapidly resume radiotherapy treatments.

3. RESULTS

The RBRDT is fully implemented in our clinic and performs backups to the RT‐PACS every 10 minutes throughout the day. Numerical results of these backups are shown in Figure 5. To date, the RBRDT has backed‐up over 80,000 RTRECORDS, 322 RTPLANs, and 142 RTSTRUCTS to our RT‐PACS. These RTPLANs and RTSTRUCTS were missing from the RT‐PACS due to human error. The Excel dashboard is generated nightly by the RBRDT and contains the data for the actively treated patients.

Line chart detailing the number of monthly RTRECORD backups since commissioning.

4. DISCUSSION

The RBRDT was designed to aid Radiation Oncology clinics in resuming patient treatments efficiently and accurately following a cyberattack. Challenges overcome included algorithmically determining the patients currently being treated from the DICOM metadata and the implementation of hierarchical querying for DICOM objects from our RT‐PACS.

Zhang et al. ¹⁹ implemented a ransomware‐focused backup system where treatment information was stored on a secure workstation, and a clean R&V system without patient data was installed on a second workstation. If the clinical R&V system was disabled, DICOM objects and EMR files from the secure workstation would be manually transferred to the clean R&V system. The vendor would reconfigure each treatment machine to use this secondary system. This approach is robust but time consuming and vendor dependent. Our methodology supports treatment using the LINAC's file mode with the RTPLAN object. This complementary approach is designed for rapid continuation of treatment until vendor support is obtained.

A limitation of our work is the RBRDT has not been implemented at outside institutions to increase the robustness of the RBRDT. Currently, the RBRDT is compatible with R&V systems and RT‐PACS that support DICOM query and retrieval. For example, radiation oncology clinics using the MOSAIQ R&V system (Elekta, Stockholm, Sweden) must access their relational database using structured query language (SQL) as MOSAIQ is not DICOM compliant for treatment records. The current version of the RBRDT is incompatible with MOSAIQ and other R&V systems that do not have a DICOM query‐retrieve interface.

While ARIA and MIM are not hosted in a cloud environment, a cloud‐based architecture could be implemented. The functionality of the RBRDT would be largely identical if ARIA or MIM were hosted in the cloud. Firewall modifications to allow the RBRDT to associate with cloud‐based servers would not be notably different from our current practices, as our institution adheres to a zero‐trust security framework where network access is tightly controlled, even internally.

Future work includes testing the RBRDT at an institution with an identical R&V system to our own. Secondly, the RBRDT will be modified to backup an R&V system that does not support DICOM query and retrieval, such as MOSAIQ. We are engaged in multi‐institutional cybersecurity simulation exercises designed to prepare radiation oncology clinics for cyberattacks. While a complete description is outside the scope of this manuscript, these comprehensive exercises will implement the functional RBRDT to aid in resuming patient treatments and allow us to improve features of the RBRDT. We plan to further develop the dashboard to include a graphical user interface, increasing user accessibility.

Nelson et al. ²⁰ suggest establishing “siloes” that are exempt from network shutdowns to store relational data. While our current approach demonstrates the concept of the RBRDT, future work involves integrating these suggested siloes into our software to prevent the RBRDT from becoming infected in the event of a cyberattack. Currently, our DICOM data is backed‐up to our RT‐PACS in a datacenter. One implementation of a silo is to deploy a local RT‐PACS workstation in our clinic that allows offline DICOM query and retrieval from this RT‐PACS to eliminate reliance on the hospital network for these tasks. A second approach is shown in Figure 6. An Orthanc ²¹ DICOM server can be deployed on a workstation to serve as a lightweight RT‐PACS. DICOM data can be backed‐up to this Orthanc server and reside locally on the workstation. To reduce time accessing the network, the Orthanc server will remain offline and only activate when the RBRDT is ready to transfer data.

Optional configuration where a Orthanc DICOM server can serve as a siloed RT‐PACS.

5. CONCLUSION

Recent cyberattacks attacks on healthcare institutions demonstrated the vulnerability of networks to this form of attack. The Radiotherapy Backup and Recovery Dashboard Tool (RBRDT) provides Radiation Oncology departments with novel methods to enhance their cyberattack resiliency and swiftly resume patient treatments. The RBRDT source code has been released publicly¹ under the MIT License to aid clinics in their efforts to improve resilience to potential cyberattacks.

AUTHOR CONTRIBUTIONS

Yevgeniy Vinogradskiy and James Lamb developed the concept behind the research. Justin Pijanowski and Eric Nguyen engineered the operational design of the project and wrote the software for this design. Yasin Abdulkadir and Justin Hink supported in developing the software. Justin Pijanowski and Eric Nguyen composed and edited the manuscript under the support and guidance from Yevgeniy Vinogradskiy and James Lamb. Yasin Abdulkadir and Justin Hink provided edits to the manuscript.

CONFLICT OF INTERESTS STATEMENT

The authors have no relevant conflicts of interest to disclose.

ACKNOWLEDGMENTS

Research reported in this publication was supported in part by the Agency for Healthcare Research and Quality under award number 1R18HS030060 and the National Institutes of Health under award number 5T32EB002101‐47.

Pijanowski J, Nguyen E, Abdulkadir Y, Hink J, Vinogradskiy Y, Lamb J. Enhancing cyberattack resiliency through the radiotherapy backup and recovery dashboard tool. J Appl Clin Med Phys. 2025;26:e70292. 10.1002/acm2.70292

Justin Pijanowski and Eric Nguyen contributed equally to this work.

Footnotes

^¹

https://gitlab.com/ucla_rosaml/jpijanowski/rbrdt‐refactored

REFERENCES

1. Ades S, Herrera DA, Lahey T, et al. Cancer care in the wake of a cyberattack: how to prepare and what to expect. JCO Oncology Practice. 2022;18(1):23‐34. doi: 10.1200/OP.21.00116 [DOI] [PMC free article] [PubMed] [Google Scholar]
2. Nelson CJ, Lester‐Coll NH, Li PC, et al. Development of rapid response plan for radiation oncology in response to cyberattack. Adv Radiat Oncol. 2021;6(1):100613. doi: 10.1016/j.adro.2020.11.001 [DOI] [PMC free article] [PubMed] [Google Scholar]
3. Joyce C, Roman FL, Miller B, Jeffries J, Miller RC. Emerging cybersecurity threats in radiation oncology. Adv Radiat Oncol. 2021;6(6):100796. doi: 10.1016/j.adro.2021.100796 [DOI] [PMC free article] [PubMed] [Google Scholar]
4. Oliver M, Pearce A, Stillwaugh L, Leszczynski K. The Impact of a cyberattack at a radiation oncology department: immediate response and future preparedness. Adv Radiat Oncol. 2022;7(5):100896. doi: 10.1016/j.adro.2022.100896 [DOI] [PMC free article] [PubMed] [Google Scholar]
5. Harvey H, Joyce R, Rock K, et al. The impact of a ransomware cyber attack on a breast cancer center. Am Soc Clin Oncol. 2022. [Google Scholar]
6. Nichols EM, Rahman SU, Yi B. The impact of cybersecurity in radiation oncology: logistics and challenges. Appl Radiat Oncol. 2018;4:14‐18. doi: 10.37549/ARO1176 [DOI] [Google Scholar]
7. Flavin A, O'Toole E, Murphy L, et al. A national cyberattack affecting radiation therapy: the Irish experience. Adv Radiat Oncol. 2022;7(5):100914. doi: 10.1016/j.adro.2022.100914 [DOI] [PMC free article] [PubMed] [Google Scholar]
8. Harrison AS, Sullivan P, Kubli A, et al. How to respond to a ransomware attack? one radiation oncology department's response to a cyber‐attack on their record and verify system. Pract Radiat Oncol. 2022;12(2):170‐174. doi: 10.1016/j.prro.2021.09.011 [DOI] [PubMed] [Google Scholar]
9. Shurell E, Olcese C, Patil S, McCormick B, Van Zee KJ, Pilewskie ML. Delay in radiotherapy is associated with an increased risk of disease recurrence in women with ductal carcinoma in situ. Cancer. 2018;124(1):46‐54. doi: 10.1002/cncr.30972 [DOI] [PMC free article] [PubMed] [Google Scholar]
10. Robertson AG, Robertson C, Perone C, et al. Effect of gap length and position on results of treatment of cancer of the larynx in Scotland by radiotherapy: a linear quadratic analysis. Radiot Oncol. 1998;48(2):165‐173. doi: 10.1016/S0167-8140(98)00038-3 [DOI] [PubMed] [Google Scholar]
11. González Ferreira JA, Jaén Olasolo J, Azinovic I, Jeremic B. Effect of radiotherapy delay in overall treatment time on local control and survival in head and neck cancer: review of the literature. Rep Pract Oncol Radiother.. 2015;20(5):328‐339. doi: 10.1016/j.rpor.2015.05.010 [DOI] [PMC free article] [PubMed] [Google Scholar]
12. Hanna TP, King WD, Thibodeau S, et al. Mortality due to cancer treatment delay: systematic review and meta‐analysis. BMJ. 2020;371:m4087. doi: 10.1136/bmj.m4087 [DOI] [PMC free article] [PubMed] [Google Scholar]
13. Haviland JS, Bentzen SM, Bliss JM, Yarnold JR. Prolongation of overall treatment time as a cause of treatment failure in early breast cancer: an analysis of the UK START (Standardisation of Breast Radiotherapy) trials of radiotherapy fractionation. Radiot Oncol. 2016;121(3):420‐423. doi: 10.1016/j.radonc.2016.08.027 [DOI] [PubMed] [Google Scholar]
14. Mohammed N, Kestin LL, Grills IS, et al. Rapid disease progression with delay in treatment of non–small‐cell lung cancer. Int J Radiat Oncol Biol Phys. 2011;79(2):466‐472. doi: 10.1016/j.ijrobp.2009.11.029 [DOI] [PubMed] [Google Scholar]
15. Withers HR, Taylor JMG, Maciejewski B. The hazard of accelerated tumor clonogen repopulation during radiotherapy. Acta Oncologica. 1988;27(2):131‐146. doi: 10.3109/02841868809090333 [DOI] [PubMed] [Google Scholar]
16. Yuan M, Behrami E, Pannullo S, Schwartz TH, Wernicke AG. The relationship between tumor volume and timing of post‐resection stereotactic radiosurgery to maximize local control: a critical review. Cureus. 2019;11(9):e5762. [DOI] [PMC free article] [PubMed] [Google Scholar]
17. NEMA PS3 /ISO 12052. Digital Imaging and Communications in Medicine (DICOM) Standard .
18. Mason DL, et al. pydicom: An open source DICOM library. GitHub. Accessed April 1, 2024. https://github.com/pydicom/pydicom
19. Zhang B, Chen S, Nichols E, D'Souza W, Prado K, Yi B. A practical cyberattack contingency plan for radiation oncology. J Applied Clin Med Phys. 2020;21(7):181‐186. doi: 10.1002/acm2.12886 [DOI] [PMC free article] [PubMed] [Google Scholar]
20. Nelson CJ, Soisson ET, Li PC, et al. Impact of and response to cyberattacks in radiation oncology. Adv Radiat Oncol. 2022;7(5):100897. doi: 10.1016/j.adro.2022.100897 [DOI] [PMC free article] [PubMed] [Google Scholar]
21. Jodogne S. The orthanc ecosystem for medical imaging. J Digit Imaging. 2018;31(3):341‐352. doi: 10.1007/s10278-018-0082-y [DOI] [PMC free article] [PubMed] [Google Scholar]

[acm270292-bib-0001] 1. Ades S, Herrera DA, Lahey T, et al. Cancer care in the wake of a cyberattack: how to prepare and what to expect. JCO Oncology Practice. 2022;18(1):23‐34. doi: 10.1200/OP.21.00116 [DOI] [PMC free article] [PubMed] [Google Scholar]

[acm270292-bib-0002] 2. Nelson CJ, Lester‐Coll NH, Li PC, et al. Development of rapid response plan for radiation oncology in response to cyberattack. Adv Radiat Oncol. 2021;6(1):100613. doi: 10.1016/j.adro.2020.11.001 [DOI] [PMC free article] [PubMed] [Google Scholar]

[acm270292-bib-0003] 3. Joyce C, Roman FL, Miller B, Jeffries J, Miller RC. Emerging cybersecurity threats in radiation oncology. Adv Radiat Oncol. 2021;6(6):100796. doi: 10.1016/j.adro.2021.100796 [DOI] [PMC free article] [PubMed] [Google Scholar]

[acm270292-bib-0004] 4. Oliver M, Pearce A, Stillwaugh L, Leszczynski K. The Impact of a cyberattack at a radiation oncology department: immediate response and future preparedness. Adv Radiat Oncol. 2022;7(5):100896. doi: 10.1016/j.adro.2022.100896 [DOI] [PMC free article] [PubMed] [Google Scholar]

[acm270292-bib-0005] 5. Harvey H, Joyce R, Rock K, et al. The impact of a ransomware cyber attack on a breast cancer center. Am Soc Clin Oncol. 2022. [Google Scholar]

[acm270292-bib-0006] 6. Nichols EM, Rahman SU, Yi B. The impact of cybersecurity in radiation oncology: logistics and challenges. Appl Radiat Oncol. 2018;4:14‐18. doi: 10.37549/ARO1176 [DOI] [Google Scholar]

[acm270292-bib-0007] 7. Flavin A, O'Toole E, Murphy L, et al. A national cyberattack affecting radiation therapy: the Irish experience. Adv Radiat Oncol. 2022;7(5):100914. doi: 10.1016/j.adro.2022.100914 [DOI] [PMC free article] [PubMed] [Google Scholar]

[acm270292-bib-0008] 8. Harrison AS, Sullivan P, Kubli A, et al. How to respond to a ransomware attack? one radiation oncology department's response to a cyber‐attack on their record and verify system. Pract Radiat Oncol. 2022;12(2):170‐174. doi: 10.1016/j.prro.2021.09.011 [DOI] [PubMed] [Google Scholar]

[acm270292-bib-0009] 9. Shurell E, Olcese C, Patil S, McCormick B, Van Zee KJ, Pilewskie ML. Delay in radiotherapy is associated with an increased risk of disease recurrence in women with ductal carcinoma in situ. Cancer. 2018;124(1):46‐54. doi: 10.1002/cncr.30972 [DOI] [PMC free article] [PubMed] [Google Scholar]

[acm270292-bib-0010] 10. Robertson AG, Robertson C, Perone C, et al. Effect of gap length and position on results of treatment of cancer of the larynx in Scotland by radiotherapy: a linear quadratic analysis. Radiot Oncol. 1998;48(2):165‐173. doi: 10.1016/S0167-8140(98)00038-3 [DOI] [PubMed] [Google Scholar]

[acm270292-bib-0011] 11. González Ferreira JA, Jaén Olasolo J, Azinovic I, Jeremic B. Effect of radiotherapy delay in overall treatment time on local control and survival in head and neck cancer: review of the literature. Rep Pract Oncol Radiother.. 2015;20(5):328‐339. doi: 10.1016/j.rpor.2015.05.010 [DOI] [PMC free article] [PubMed] [Google Scholar]

[acm270292-bib-0012] 12. Hanna TP, King WD, Thibodeau S, et al. Mortality due to cancer treatment delay: systematic review and meta‐analysis. BMJ. 2020;371:m4087. doi: 10.1136/bmj.m4087 [DOI] [PMC free article] [PubMed] [Google Scholar]

[acm270292-bib-0013] 13. Haviland JS, Bentzen SM, Bliss JM, Yarnold JR. Prolongation of overall treatment time as a cause of treatment failure in early breast cancer: an analysis of the UK START (Standardisation of Breast Radiotherapy) trials of radiotherapy fractionation. Radiot Oncol. 2016;121(3):420‐423. doi: 10.1016/j.radonc.2016.08.027 [DOI] [PubMed] [Google Scholar]

[acm270292-bib-0014] 14. Mohammed N, Kestin LL, Grills IS, et al. Rapid disease progression with delay in treatment of non–small‐cell lung cancer. Int J Radiat Oncol Biol Phys. 2011;79(2):466‐472. doi: 10.1016/j.ijrobp.2009.11.029 [DOI] [PubMed] [Google Scholar]

[acm270292-bib-0015] 15. Withers HR, Taylor JMG, Maciejewski B. The hazard of accelerated tumor clonogen repopulation during radiotherapy. Acta Oncologica. 1988;27(2):131‐146. doi: 10.3109/02841868809090333 [DOI] [PubMed] [Google Scholar]

[acm270292-bib-0016] 16. Yuan M, Behrami E, Pannullo S, Schwartz TH, Wernicke AG. The relationship between tumor volume and timing of post‐resection stereotactic radiosurgery to maximize local control: a critical review. Cureus. 2019;11(9):e5762. [DOI] [PMC free article] [PubMed] [Google Scholar]

[acm270292-bib-0017] 17. NEMA PS3 /ISO 12052. Digital Imaging and Communications in Medicine (DICOM) Standard .

[acm270292-bib-0018] 18. Mason DL, et al. pydicom: An open source DICOM library. GitHub. Accessed April 1, 2024. https://github.com/pydicom/pydicom

[acm270292-bib-0019] 19. Zhang B, Chen S, Nichols E, D'Souza W, Prado K, Yi B. A practical cyberattack contingency plan for radiation oncology. J Applied Clin Med Phys. 2020;21(7):181‐186. doi: 10.1002/acm2.12886 [DOI] [PMC free article] [PubMed] [Google Scholar]

[acm270292-bib-0020] 20. Nelson CJ, Soisson ET, Li PC, et al. Impact of and response to cyberattacks in radiation oncology. Adv Radiat Oncol. 2022;7(5):100897. doi: 10.1016/j.adro.2022.100897 [DOI] [PMC free article] [PubMed] [Google Scholar]

[acm270292-bib-0021] 21. Jodogne S. The orthanc ecosystem for medical imaging. J Digit Imaging. 2018;31(3):341‐352. doi: 10.1007/s10278-018-0082-y [DOI] [PMC free article] [PubMed] [Google Scholar]

PERMALINK

Enhancing cyberattack resiliency through the radiotherapy backup and recovery dashboard tool

Justin Pijanowski

Eric Nguyen

Yasin Abdulkadir

Justin Hink

Yevgeniy Vinogradskiy

James Lamb