Howtoreadthisbook
Healthcarehasbeenaroundforthousandsofyears,certainlysincelongbeforetheHippocraticOathtodonoharm (figure1.1).Incomparison,digital isverynew,hardlyablinkofaneye.Unsurprisingly,healthcareanddigital technologyhaven’tyethadthetimetoworkouthowtoworkwell together
FixIT:Seeandsolvetheproblemsofdigitalhealthcare isabookabout digitalhealthcareandhowithasanimpactonallofus,bothpatientsand healthcareprofessionals.Theuniquecontributionofthebook FixIT isto show,withlotsofpowerfulstories,howsurprisinglyriskydigitalhealthcare is.Oncewestarttobeshockedbyitsproblems,it’seasytoseehowdigitalhealthcarecanbemade muchsaferforeveryone’sbenefit,forpatients andtheirfamilies,aswellasforstaff.Digitaltechnologiescancertainlybe improvedtomakehealthcaremoreeffective,butso,too,couldhealthcare changetomakeiteasierfordigitaltohelpit.Itshouldbeacollaboration, notaone-waystreet.
FixIT isdividedintothreeparts:
Part1 ⋄ Diagnosis ⋄ Riskierthanyouthink —Iwantyoutoseethe unnoticedrisksofdigitalhealthcare,andtheseriousproblems thatarisewhendigitalismisunderstoodandmisapplied.
Part2 ⋄ Treatment ⋄ Findingsolutions —Iwantyoutoseethat digitalhealthcare’sproblemsarefixable.Therealsolutionsaren’t justaboutgettingnewerormoreexcitingstuff;thesolutionsare aboutthinkingmoreclearlytounderstandwhatweneed,and howtoinnovate,design,andimplementdigitalhealthcaremore reliably.
Part3 ⋄ Prognosis ⋄ Abetterfuture —thereisapossible,much better,safer,andfarmoreeffectivedigitalhealthcareforallofus. Thefinalpartofthebooksketchestherealdigitalpromise.
Figure1.1. Healthcareisasoldashumanity,butthinkingclearlyabouthealthcarecamelater.Someoftheearliest“modern”writingonhealthcarewasbyHippocrates.1 AlthoughHippocrateslivedaround400 BC,thisistheoldestsurviving HippocraticOath,writtenonafragmentofthePapyrusOxyrhynchusdatingfrom around300 AD.Thinkingclearlyaboutdigitalhealthcareisalreadylongoverdue.
Allchaptersin FixIT havestoriesthat’llbeofinteresttopatientsandto healthcareprofessionals.Allthematerialusedinthisbookiseitherinthe publicdomain(andfullycitedinthebook’snotes)orhaspermissionfrom thepeopleinvolved.Thisopenapproachisessentialtotheintegrityof Fix IT,andthereasoningbehindthisopennessisdiscussedlaterinthebook.a Thedigitalindigitalhealthcarecannotbeavoided.Thereare,therefore, afewslightlytechnicalchaptersinthisbook,whichwillbeofspecialinterest toprogrammers,developers,andregulators—thisbookwillbecomeauseful referenceforthem.Thesechaptersarehighlightedwitha1960scomputer chip(amodernonewouldbesmallerandhardertosee),bothinthetableof contentsandinthemarginsofthechaptersthemselves,drawnlikethis:
There’salotofjargonbothinhealthcareandindigitaltechnology,oftenmakingthingshardertounderstand.Sometimesit’shardtoknowwhen whatappearstobeanordinaryeverydayphrasehasaspecialistmeaning.So, whenIintroduceaspecialistterm,it’sbeenhighlightedin bold toavoidany confusion.
a SeeChapter 35:Healthcareopennessandacknowledgments,page 553 →
1Howtoreadthisbook 1
Digitalhealthcareismuchriskierthanwethink,butitcanbe madefarmoreeffectiveandmuchsafer.Thisbooksplitsup theactionintostoriesofproblems,thesolutions,andthenthe betterfuturewecanreach.
PartI Diagnosis ⋄ Riskierthanyouthink
2Wedon’tknowwhatwedon’tknow 15
Forthousandsofyears,healthcarewasheldbackbecausewe couldn’tseeanddidn’tunderstandthegermsmakingusill. Today,healthcareisbeingheldbackbecausewedon’tsee computerbugs,andwedon’tunderstandtheriskscausedby them.
3CatThinking 25
CatThinking explainsourloveofallthingsdigital.Our hormone-drivenloveoftechnologyoverridesobjective thinking.Thinkingthatcomputersarewonderful,wefeelwe don’tneedtoworryaboutlookingforrigorousevidencethat theyaresafeandeffective.
4Dogsdancing 33
Lookcarefullyforthem,andyou’lluncoverlotsofstoriesof digitalhealthcarebugs.Thischapterhaslotsofexamplesof buggydigitalhealth.
5Fataloverdose
DeniseMelansondiedafteracalculationerrorthatledtoa drugoverdose.Whatcanwelearnfromtheincident?
6SwissCheese
SwissCheesefamouslyhasholes,whichcanrepresentthe holesandoversightsthatleadtoharm.The SwissCheese Model hasbecomeapowerfulwaytohelpthinkmoreclearly abouterrorsandharm.
7Victimsandsecondvictims
Whenpatientsareharmed,staffoftengetblamed— especiallywhennobodyrealizeshowdigitalsystemscango wrongandcreatetheproblems.
8Sideeffectsandscandals
WeacceptthatmedicalinterventionslikedrugsandX-rays havesideeffects.Itmakesalotofsensetothinkofdigital healthcareashavingsideeffectstoo,andthereforeitshould beevaluatedandregulatedascarefully.
9Thescaleoftheproblem
Wedon’tknowhowmanypeoplearedyingorbeingharmed fromerrorsinhealthcare,letalonethosecausedbydigital errors.Whatarethefacts,andwhatcanwedoaboutit?
10Medicalappsandbugblocking
Medicalappsareverypopular,buttheyareaspronetobugs asanyotherdigitalsystem.Thischaptergivessometypical examplesandbeginstosuggestsolutions.Likealldigital healthcare,appscouldbedesignedtoblockbugsandavoid theharmsthatfollow.
49
61
69
81
109
121
11Carsaresafer 137
Thecarindustryhasmadecarsmuchsafersincethe1960s. Whatcanwelearnfromcarsafetyandfromwhycarsafety improvedtohelpimprovethesafetyofdigitalhealthcare?
12SafetyTwo 145
Focusingonthebadstuffisthetraditional SafetyOne approach.SafetyOneisunconstructive.Instead, SafetyTwo meansfocusingondoingmoregood.SafetyTwoemphasizes doingmoregoodthingsandthereforesqueezesoutthebad things.
13ComputationalThinking
There’salotmoretodigitalhealththanbeingexcitedabout digitalcomputing.Weneedtolearnhowtothinkcomputationallytotakefulladvantageofdigital. Computational Thinking isthematurewaytothinkaboutcomputing—and digitalhealthcare.
(Don’tforgetthatthecomputerchip meansthatthisisa moretechnicalchapter.)
14Riskycalculations
Drugdosesandotherformsofpatienttreatmentrequire detailedcalculations.Calculationerrorsareoneofthemost commontypesoferrorandtheycouldbereducedinmany ways.Calculatorsthemselvesignoreerrors,andtheyshould befixediftheyaregoingtobeusedinhealthcare.
15Who’saccountable?
Softwarewarrantiesgenerallydenyallliabilityforproblems. Manufacturersanddevelopersshouldberequiredtobemore accountable.Everyoneneedstobeconstantlycuriousabout improvingsystemsandreportingproblems.
151
177
193
16Regulationneedsfixing
Digitalhealthcareneedsmuchbetterregulation—and regulationneedstokeepupwiththeuniqueissuesofdigital healthcare.BetterregulationisaSafetyTwoapproach: regulateforbetterprocessestostopthingsgoingwrong.
17Safeandsecure
Cybersecurityisaseriousproblemforallcomputersand digitalsystems.Inhealthcare,patientsafetyisparamount, butinthewiderworld,securityhasahigherprofilethan safety.Bothhaveproblemscausedbypoorprogrammingand allthedesignanddevelopmentprocessesthatprecedeactual coding.
201
211
18Whoprofits? 225
Whoisprofitingfromourdata?IsArtificialIntelligence(AI) thesolutiontobetterhealthcare?
19Interoperability
Interoperability —or,rather,lackofinteroperability—isa besettingprobleminhealthcare.Weneeddigitaltowork seamlessly—tointeroperate—acrossallspecialties, disciplines,andhealthcareinstitutions(takingdueaccountof privacy,cybersecurity,andsoon).Itrequiresnewthinkingto getthere.
20HumanFactors
Understandinghowhumansmakemistakesinpredictable waysisthefirststeptowardsmakingfewermistakes.This appliestoclinicians,andmostespeciallytoprogrammers— whosemistakesendupasbugsaffectingthousandsofusers.
21ComputerFactors
Understandinghowcomputerscanavoidbugsandmistakesis thefirststeptowardprogrammingsaferandmoredependable systems.Thischapterintroducessomeimportantsoftware engineeringideasthatcanhelpmakesaferdigitalsystems.
245
259
277
22UserCenteredDesign
Howevergoodacomputersystemis,itstillneedstodowhat’s needed—notwhatwethinkisneeded. UserCentered Design findsouthowpeoplereallyusesystems,andhowto improvetheirexperienceandreliability.
23IterativeDesign
UserCenteredDesignmeansfindingouthowsystemsare usedwiththeirrealusersdoingrealtasks.Theinsightsfrom workingwithusersleadstodesigninsightsandwaysto improvethesystems.Theseideasareformalizedinthe importantideaof iterativedesign
24WedgeThinking
Developersandprogrammersneednoqualificationsto developdigitalhealthcaresystems.Weneedtodevelopa qualificationstructurefordigitalhealthcare,anddomuch moreresearchondigitalsafety.Bothwillhaveahugeimpact onfrontlinesafety.
25Attentiontodetail
Whyispoor-qualitysoftwaresowidespread?Simplebugs mightseemtrivial,buttheyareverycommonanddon’thelp patientsafety—theymakeeveryoneinefficientand error-prone,ifnothingelse.Healthwouldimproveifwepaid attentiontodigitaldetails.
26Planesaresafer
Aviationsafetyreliesongettingverycomplexengineering right,andit’sgettingsaferandsafer.Whatcandigital healthcarelearnfromaviationandaviationengineering?
27Storiesfordevelopers
Weshouldprogrambettersothatdigitalhealthcaregets safer,whichisaSafetyTwoapproach. FormalMethods is widelyusedinsafety-criticalindustries,butnotoftenenough inhealthcare.Here’swhyFormalMethodsisneeded,and howitworks.
301
313
325
337
347
367
28Findingbugs 383
Althoughithelpseverythingelse,FormalMethodsisn’t enoughonitsown.Thoroughtestingisessentialtoensure thingsreallyworkwell,especiallywhenthingsaregoingtobe usedincomplexenvironmentslikehealthcare.
29Choosesafety 401
Let’shaveareliablewayofclearlyseeinghowsafesystems are,sothatwecanmakechoicesbasedonevidenceand improvesafety.
PartIII
Prognosis ⋄ Abetterfuture
30Signsoflife 417
We’veemphasizedproblemsandsolutionstoproblems,but ofcoursedigitalcandosomefantasticthingstoo.This chaptercollectssomepositivestoriesaboutdigitalsuccesses andhowdigitalcantransformlives.
31Thepivotalpandemic? 437
ThehorrificCOVID-19pandemichasforcedhealthcare systemstoinnovateindigitalhealth.Somechangeshave beenamazing,liberatingpatients,andprotectinghealthcare staff—butsomehavebeenratherworrying.Whatcanwe learn?
32Livinghappilyeverafter
There’safutureworldwheredigitalhealthcareworks,and workswell.Here’showtogetthere.
33Goodreading
Thisbookisn’ttheendofthestoryaboutdigitalhealthcare, anditsproblemsandsolutions.Thischapteron recommendedreadinggiveslotsofsuggestionstohelptake yourthinkingfurther.
34Notes 497
Supportingthisbookareover500notesandreferencesondigitalhealthcareandpatientsafetyincidents.Thesenotescover mediastories,peer-reviewedcutting-edgeresearch,aswellas nationalandinternationalreports.
Notesin bold areespeciallygoodsourcesforfurtherreading.
35Healthcareopennessandacknowledgments 553
Traditionalhealthcareviewsofconfidentialityarechallenged bydigitalhealthcare.Thischapteralsoincludesheartfelt thankstoallthepatientsandhealthcarestaffandothers who’vetoldtheirstoriesandbroughtthisbooktolife.
HaroldThimbleby 557
Fontsforcancer 559
Index 561
Boxes
Box2.1Malware,Trojans,Bugs,Viruses… 19
Box2.2FixIT—thebigpicture 21
Box3.1Successbias 29
Box4.1Bugsareoftenobviousinmanuals 45
Box5.1Usingacalculator 51
Box6.1Programmingwithbettercheese 64
Box6.2Designerrorscauseuseerrors 65
Box7.1TheBlameGame 75
Box8.1BRAN:Benefits–Risks–Alternatives–doNothing84
Box8.2CalculatingdrugdosageonaGrasebysyringedriver87
Box8.3Designtrade-offs 88
Box8.4SideeffectsandthePrincipleofDualEffect 90
Box8.5Designawardsignoresafety 96
Box9.1Risksofmakingcomputers“easiertouse” 112 Box9.2WHO’sglobalfactsonpatientharm 114
Box10.1Alwayssay“useerror”not“usererror” 123
Box10.2Usingwilddataasaworkaround 134
Box11.1Theproblemsofbuyinglemonsandsellingpeaches141
Box12.1Whatencouragessuccess? 146
Box12.2Theorange-wiretest 148
Box12.3Nevereventsandalwaysconditions 149
Box13.1TheBritishEDSACcomputer 157
Box13.2Reproducibilityisessential 161
Box13.3Medical“algorithms”aren’tdigitalalgorithms 173
Box14.1Handhelddevicesmayhaverealbugs 178
Box14.2Austeritybyspreadsheet 185
Box14.3Solvingahindsightproblem 188
Box16.1Drugregulationandfakedrugs 206
Box17.1Ransomwareandcyberextortion 213
Box18.1Simpson’sParadox 231
Box18.2Problemswithspellingcorrection 237
Box18.3Digitalandpharmaceuticaldevelopmentcosts 241
Box19.1Addingvalueormanagingrisk? 251
Box19.2Interoperabilityisn’tjustadigitalproblem 254
Box20.1Magicmakesdigitalhealthcaresafer 262
Box20.2SimplisticHumanFactorsbackfires 268
Box20.3Risksofinternationalcodeandpoorcodereview 273
Box21.1Theetymologyandentomologyofbugs 278
Box21.2Goodprogramshaveassertions 291
Box21.3NewerComputerFactors 298
Box22.1Howmanyusersisenoughforsafedesign? 304
Box22.2Cloneddocumentation 310
Box22.3ExternalizingUserCenteredDesign 311
Box23.1Howdoyouknowwhennothinghappens? 314
Box23.2DonnaMeyer’spersona 322
Box24.1ParallelswiththeGermanEnigma 329
Box25.1Digitalinternationalization 344
Box26.1ThescandalofAlternativeSummaryReporting 353
Box26.2Anaviationanalogy 355
Box26.3TheDunning-KrugerEffect 358
Box26.4Legoworkshops 359
Box27.1Epic’sdaylightsavingandY2K 373
Box27.2Nevereventsandgoodprogramming 376
Box28.1Don’tusebadprogramminglanguages 385
Box29.1Exampleevaluationcriteria 409
Box30.1Earlycomputerdiagnosis 424
Box31.1The1918SpanishFlu 444
Box31.2Simpleethicalquestions? 450
Box32.1IntroducingtheIEC61508standard 460
Box33.1DigitalchaosnearlyhadadoctorremovedbySecurity493
Forthousandsofyears, healthcarewasheldback becausewecouldn’tseeand didn’tunderstandthegerms makingusill.Today, healthcareisbeingheldback becausewedon’tsee computerbugs,andwedon’t understandtheriskscaused bythem.
Wedon’tknow whatwedon’tknow
WorkinginViennaGeneralHospital,backinthe1840s,IgnazSemmelweis noticedthattwomaternityclinicshadverydifferentdeathrates:onedeath ratewasdoubletheother,andhis,unfortunately,wastheworseone.2 Semmelweisstartedtostudyeverythingtotryandworkoutwhatthereasonswere.Manymothersweredyingofthehorribleandusuallyfatalpuerperalfever.3 Hediscoveredthattherewerelowerdeathratesinthesummer. Thenhenoticedthestudentdoctorswentdowntowninthesummer—but inwintertheypreferredtostayinthewarmhospital.Thenhenoticedthat whenthestudentswereinthehospitaltheyattendedpost-mortems.
Hegraduallycametotheconclusionthatthings,whichhetentatively called“cadaverousparticles,”werebeingcarriedbythestudentdoctorsfrom thepost-mortemsaroundthehospital.Thestudentdoctorsexamineddiseasedbodiesinthemorgueandthenwalkedovertoseepatientsonthe wards.Today,wewouldcallthatprocesscross-infection,butSemmelweis hadnosuchmodernconceptstounderstandwhatwasgoingon.Nevertheless,heinstitutedhandwashingtostoptheparticlesgettingaround (figure 2.1).Thedeathratedulyratewentdown.
Beforehandwashing,thematernaldeathratehadaveragedabout10% (deathsperbirths),andwassometimesover30%inwintermonths.After institutinghandwashing,Semmelweiseventuallygotthedeathratedownto zeroforacoupleofmonths,despitehaving537birthsinthesameperiod.
UnfortunatelySemmelweislosthisjob—hiscolleaguesfoundhimirritating.Thesuccessdidnotcontinue,anddeathratesroseagain.Semmelweisfinallydiedinignominy.Today,however,heisahero,especiallyin midwiferyandstatistics.It’sinterestingthathisveryearlyuseofstatisticsin healthcareuncoveredthecauseofaproblemandhelpedfindasolution,yet withouthiseverunderstandingtheinvisiblemicrobesbehindhisdiscovery.
Riskierthanyouthink
Figure2.1. AromanticizedpictureofIgnazSemmelweisoverseeinghandwashing inhishospitalward,sometimearound1840.
Allcredittohim,Semmelweis’sobstetriciancolleague,BernhardSeyfert, decidedtodoanexperimenttoo.Seyfertfoundthatwhenhegothisstaffto washtheirhands,thefrequencyandseverityofdiseasedidnotimprove.
Why?
Seyfert’sdoctorswereonlygoingthroughthemotions:theywereonly dippingtheirfingersinthewater.But,crucially,theyhadallbeenwashingtheirhandsin thesamewater—andafterafewdaysofuseithadbecomeopaque!WenowunderstandSeyfert’sproblemeasily:asmuchashe mighthavethoughthisdoctorswerewashingtheirhands,theywereactually cross-infectingeveryone.Eventhedoctorswhodidn’tgotopost-mortems werenowgettinginfected,probablythroughhandcontactwiththosewho did“wash”theirhands,orwiththingsthatwerealreadycontaminated.
Today,wetakecleanwater,sinks,taps,andwashinghandsforgranted. Wetakecleaningsurfacesforgranted.ButSeyfertdidn’tevenhaverunning tapwater.Seyfert’soriginalhygienemusthavebeendreadful,seeingashis experimentapparentlydidn’tincreasedeathrates.
Semmelweishadshownthattherewasarigorousinterventionthatsaved lives,basedonevidence.Itwasonlylater,withthedevelopmentofLouis Pasteur’s germtheory,thattherewasagood explanationforwhythein-
terventionworked.Germs,whetherbacteriaorviruses,causediseases,but ifyoudon’tknowaboutbugs,thentheinterventionsdon’tmakesense.
Wearestillmakingprogresswithmorecuresforbugs,andwearestartingtorealizetheproblemsofover-prescribingantibiotics,whichcausebacteriatoevolveandgethardertotreat.Ofcourse,nearlytwohundredyears later,handwashingisoneofthefirstlinesofdefenseagainstspreadingthe COVID-19pandemic.
Inthis,thetwenty-firstcentury,wearestartingtoseethatthereare other invisiblebugsthatalsoaffecthealth.Wedon’tunderstandcomputerbugs, letalonetheircures,andpeoplearebeingharmedandsomearedyingunnecessarily.
AbitlikeSemmelweis’swell-meaningcolleagues,wetendtohangonto ourloveoftheoldwaysratherthanfaceuptothefactthatmaybewecould bedoingbetter.Weneedtorecognizethefactthatdigitalhealthcarehas bugs,andthesedigitalbugsmakehealthcarerisky innewways.Digitalis everywhere;digitalbugsareeverywhere.
Untilwegraspthat,andtakeamorematureapproachtomanaging“digitalhygiene”weareasgoodaswashingourbuggyhandsinthesamewater aseveryoneelseandjustmakingthingsworse.
Somepeoplegetfussyoverwhatacomputerbugis,andsayprogramsare onlybuggywhentheyfailtodowhatwasspecified.Inthislight,bugsare programmingerrors—weknewwhatweweresupposedtodo,butsomehow thingswentawry.InthisbookIwanttotakeabroaderview.Whencomputersdothewrongthings,wecallthosethings bugs.Strictly,thebugsare theerrorsthatmakethecomputerdothewrongthings.Thewrongthings themselvesarethesymptomsofthebugs,butit’sstraightforwardtocallthem bugstoo.
Imagineadigitaldevice,likeyourphoneoradruginfusionpumporyour laptopcomputer,anditjuststopsworkingandbecomesunresponsive.It lookslikeit’scrashed.
Thisisclearlyabug.Oftenifyouswitchiton,oroffandonagain,it’ll resetitselfandyoucancarryon.Resettingitclearsthedevice’smemory, andhopefullyremoveswhateverproblemsthebugcausedorwasconfused about.
Ormaybeit’sstoppedworkingbecauseithasaflatbattery.Isthatabug? Diditwarnyouthebatterywaslowsoyouhadachancetofixtheproblem? Itwasabugifitdidn’twarnyou,especiallyifyouwerelikelytolosework fromtheproblem.
Let’ssayyourechargethebattery,butthedevicehasstilllostyourwork. Yourworkwasprobablystoredinvolatilememory,whichislostwhenthereis nopower.Adifferentengineeringdesignchoicewouldhavehadeverything storedinnon-volatilememory(likeadisk)soitshouldneverdisappear. Ifyoumeettheprogrammers,theysaytheydidexactlywhattheywere
18 | CHAPTER2
toldtodo—theysaytheycorrectlyimplementedthespecification.Soif you’vegotaproblem,it’snotwiththemortheprogrambutwiththespecification,andthat’snottheirfault.They’darguethatsincetheyweresupposed toprogramit,ifitworksastheythoughtitshould,thenitcan’tbeabug!
Soalthoughwecanthinkoflotsofdifferentexplanations,theendresult isabug.Iftheusercan’ttellthedifference,orcan’tworkoutthecause, whetherit’sadesignfaultorasoftwarefault,let’scallitabug.Itshouldnot havehappened,andtheuserisinconvenienced.
Aspecialcaseofbugisnotamistakebutisa deliberatedeception.Like anyotherbug,themanufacturerhopesnobodynotices,butthereissome advantageforthemanufacturer(orforsomeonewhoworksthere).AnexampleofthisisPracticeFusion’ssystem.Theyhavebeenfined$145million becausetheydesignedinfeaturesintotheirsystemsoitincreasedprescriptionsforaddictiveopioiddrugs,eventhoughover-prescriptionsofopioids isawell-knownpublic-healthdisaster.Pop-upsthatsupposedlyprovided objectiveclinicaladviceweredesignedtonudgedoctorsintoprescribingspecificdrugs:theyweredesignedassubliminaladverts,notforgivingprofessionalclinicaladvice.ItisestimatedthatthePracticeFusionsystemdeceptivelyboostedopioidsalesforonedrugcompanyby$11.3million.4
ThePracticeFusionsystemwasusedbytensofthousandsofdoctors. Fromthedoctors’pointofview,thissubtlemanipulationisatotallyunwantedfeature—abug—thattheyhadnoideaaboutwhenthePractice Fusionsystemwasacquired.JamieWeismanhaduseditforfiveyearsbut doesn’trecallnoticingthemanipulativealerts.Shewasreportedassaying:
It’sevil.There’sreallynootherwordforit.Butifyouwantto modelelectronichealthrecordsasafor-profitsystemandnot regulatethemassuchandforcedoctorstobeonthem,it’s almostinevitablethatthey’regoingtobemanipulated.4
Thenthereare malware systems,whicharebuggysystemsdesignedby criminalhackersfordeliberatesabotage,tocausechaos,blackmail,ortosteal information.Thehackersmayworkforthemanufacturer,butmoreoftenthe hackersworkfarawaytotakeadvantageoftheinternettohackthroughinto hospitalsystems—see box2.1.Criminalhackersalmostalwaysgetmalware intoyoursystemsbyexploitingbugs,thoughsometimestheytrickusersinto takingafewstepsforthem,likeusingtheirpassword,whichthenallowsthe malwaretorun.We’lltalkaboutsomeexamples—likeWannaCry,ahuge malwareattackthataffectedmanyhospitalsworldwidea —laterinthebook.
ForthisbookI’mnotgoingtobepedantic.Bugsarethebitsofdigital systemsdoingthewrongthings,andwearen’tgoingtoworrywherethese thingsgowrong,becausewhereverbugshappeninhealthcaretheyneed fixing.Thisisamorerelaxeddefinitionofbugthanmanypeoplemightlike,
a SeeChapter 17:TheWannaCryattack,page 211 →