In an increasingly data-driven world, cyber security is no longer just a concern for experts. The Healthcare Sector is plagued by innumerable cybersecurity-related issues creating new challenges
The healthcare industry is at risk
Why healthcare sector is the prime target for cyberattacks?
In an increasingly data-driven world, cyber security is no longer just a concern for experts. The Healthcare Sector is plagued by innumerable cybersecurity-related issues creating new challenges. Over the last few years, Healthcare consistently ranks as one of the most attacked industries in terms of cybercrime but unlike many other industries, the impact of healthcare cyberattacks go far beyond financial losses as they threaten the safety, efficiency, reputation, and economics of hospital organizations by compromising patient privacy, deluge of data — much of which is sensitive or confidential — clinical outcomes and their financial resources. Characteristically, one of the more recent, large-scale cyber threats was the 2017 WannaCry ransomware attack on the UK’s National Health Service. This resulted in the cancellation of nearly 20,000 appointments, the closure of emergency departments and the re-routing of emergency ambulances to more distant hospitals. While it is difficult to assess the full impact of this particular incident, major disruptions to patient care are evident and an estimated cost of at least £92 million.
Why is Cybersecurity important?
Healthcare organizations are some of the most-trusted entities holding the most sensitive information about patients: name, date and place of birth, medical records, social security details, etc. Having many defects such as low budget, lack of IT organization, excessive use of legacy systems, the healthcare actors have become easy targets for hackers, facing more and more pressure and threats from them.
The environment of the healthcare industry’s mission creates distinctive challenges since cyber-attacks can have consequences further than financial damage and breach of privacy. The General Data Protection Regulation (GDPR) 2016/679 which will be directly applicable in all member states by 25 May 2018 requires organizations in the healthcare sector to reassess their data flows and how they handle and monitor patient data to ensure they are following the regulation.
How SecureHealth project support Data Protection in the Healthcare sector?
The expected massive growth of data protection jobs drives new skills, knowledge, and competencies from healthcare employees. As a result, Healthcare Sector is facing the risk of a rising skills mismatch between data protection officers/employees across European countries with a different occupational profile on skills and competencies and most importantly, different levels of legislation/integration on data protection. With the SecureHealth project, we want to support individuals (DPOs and others) in acquiring and developing skills and key competencies in dealing with Data protection issues in the Healthcare sector.
- WannaCry Cyber-attack on UK NHS, available at National Health Executive WannaCry Cyber Attack .
- Security Threats in HealthCare Systems, March 18, 2019, available at https://consoltech.com/blog/security-threats-healthcare-systems/
- HealthCare Cyber Security, available at https://www.hipaajournal.com/category/healthcare-cybersecurity/
- Cybersecurity of Hospitals: discussing the challenges and working towards mitigating the risks, 3 July 2020, available at Cybersecurity of Hospitals: discussing the challenges and working towards mitigating the risks
- Cyber Attacks: In the Healthcare Sector, available at https://www.cisecurity.org/blog/cyber-attacks-in-the-healthcare-sector/
- General Data Protection Regulation GDPR, available at https://gdpr-info.eu/