Medical Second Opinions In The Digital Age: When A Tumor Isn’t A Tumor

By Brian J. Lamoureux

May 17, 2019

Cybersecurity researchers have recently created a computer virus that was able to trick three radiologists into thinking their patients had cancer. The researchers were also able to fool automated screening systems by altering images and scans to place fake “tumors” on them, or by removing real tumors from actual scans which showed advanced disease. These images and scans were vulnerable because they were not digitally signed or encrypted. The researchers also found that while hospitals have done a good job in preventing the spread of confidential patient information outside their facilities, they have not done as well in handling data internally with care. This has left hospitals and other medical facilities vulnerable to intrusions by malware and other viruses that could wreak havoc on patients’ sensitive medical data.

Although it’s too early to tell what impact these vulnerabilities will have on patient care, it should be alarming to all of us on several levels. First, interpreting radiological scans requires a high level of skill and judgment in what is already a complex and nuanced process. If a patient or radiologist cannot trust the integrity of the data underlying a particular scan or image, then certainly any conclusions reached on it will be viewed with some level of skepticism. Second, as more people learn that malware and viruses can make it look like a patient has a tumor or cancer when he or she is perfectly healthy, we should expect a sharp increase in the number of patients seeking a second opinion or additional scans or tests because they do not trust the initial scan or interpretation, perhaps out of an understandable sense of grief or denial. This will cause increasing burdens and costs on an already over-burdened and expensive health care system.

Finally, we should expect to see more and more hospitals threatened by ransomware and cybercriminals who demand payment in exchange for not corrupting the hospital’s radiological system. Given the stakes in play – life, death, and potentially unnecessary treatment – hospitals and other medical providers would be well-advised to plan to prevent and address these new cyberthreats in the medical landscape. For further information, please contact Attorney Brian J. Lamoureux at or 401-824-5155.

Disclaimer: This blog post is for informational purposes only. This blog is not legal advice and you should not use or rely on it as such. By reading this blog or our website, no attorney-client relationship is created. We do not provide legal advice to anyone except clients of the firm who have formally engaged us in writing to do so. This blog post may be considered attorney advertising in certain jurisdictions. The jurisdictions in which we practice license lawyers in the general practice of law, but do not license or certify any lawyer as an expert or specialist in any field of practice.

Recent Posts


It’s never a good idea to buy an asset, like a boat or plane, in your own name or to have multiple parties on the title. First of all, when your name is on the title, you are personally liable for any damage that the asset may cause. For example, you and Joe own a...


Before base jumping into the miasma of risk, the first thing you should do is make sure your estate plan, in its current iteration, meets your needs and has adapted to any challenging or changing family situation. A well-rounded estate plan is literally more of a life...


One never knows what corner the grim reaper lies behind. A final illness can often accelerate quickly and deprive a donor of adequate time to complete gifts for tax purposes that he intended to make. In a recent federal court case, the Third Circuit Court of Appeals...