Enjoy unlimited access to all forum features for FREE! Optional upgrade available for extra perks.

Cyber security in the healthcare sector – not just viruses

Acorn Newsbot

Junior Member
Joined
Jan 28, 2006
Posts
22,569
Reaction score
67
Healthcare in the UK, and the NHS in particular, has come under intense scrutiny since the disastrous effects of the WannaCry ransomware in May 2017. Since then NHS Digital has launched a new £20m security operations centre to help units understand and prepare for cyber attacks.

A realistic yet disturbing view came from Dan Taylor, a director of security at NHS Digital, presenting at the National Cyber Security Centre’s CYBERUK 2018 conference.

He pointed out that, relatively speaking, the ransomware attack affected the NHS in a small way. He wasn’t trying to decrease the impact of the malware but highlighted the fact that over 25,000 discrete centres weren’t affected – only 40 were. So it could have been far worse, and a subsequent outbreak could still be far worse. He also praised staff and IT partners for their efforts to deal with the crisis.

GDPR has changed the security landscape


But that isn’t the only threat facing UK healthcare sector. The advent of GDPR has raised the need for all organisations – NHS and others – to put robust systems and procedures in place to protect data. As well as making sure that people have correctly and overtly given permission for their information to be used in certain ways, the onus is on organisations to keep data secure and prevent theft.

Another explicit requirement of GDPR is that any personal data breaches should be disclosed to the relevant supervisory authority within 72 hours. Clearly knowing that a breach has taken place is therefore vital.

As soon as GDPR came into force, a case was lodged in France against Google, with the resulting fine, eight months later, coming to €50m. This was for obscure terms and conditions rather than a data breach, but the point is that no organisation can afford to ignore it. Although Google isn’t a healthcare firm, if someone’s prepared to use GDPR against a company that high profile, it won’t be long before it’ll catch up with those operating in other sectors – including healthcare.

Third party danger


While the NHS increasingly outsources services and administration, the risk of succumbing to cyber attacks increases. Every new interface between supplier and customer adds another vector that can be exploited, with lines of responsibility blurred in the minds of the public.

In the USA a breach at AccuDoc Solutions, a payment processing provider, affected two healthcare clients. Atrium Health, which operates nearly a thousand hospitals and other healthcare facilities, had 2.65m clients affect and BaylorScottWhite Medical Center 40,000.

Staying one step ahead


UK healthcare organisations are in a tough situation. Criminal elements can act fast, developing, morphing and combining threats to constantly stay ahead. Public and private bodies alike have to justify the time and budget to put protective measures in place, whether they are improved system care and maintenance or investment in cyber security products and services.

To focus minds on the threat, download this easy-to-digest infographic which details the key facts and figures, quantifying the threat facing the UK Healthcare sector.

Download Infographic

The post Cyber security in the healthcare sector – not just viruses appeared first on Nominet.

Continue reading...
 

The Rule #1

Do not insult any other member. Be polite and do business. Thank you!

Featured Services

Sedo - it.com Premiums

Sponsors

IT.com

Premium Members

AucDom
UKBackorder
Be a Squirrel

Sponsors

Acorn Domains Merch
MariaBuy Marketplace

Shiny Nuts

Perfect
Service
Laskos
URL Shortener
*the exceptional businesses of our esteemed moderators
Top Bottom