Cyber Security in Healthcare

Possessing large IT infrastructures and vast amounts of stored personal data, organisations in the healthcare sector are a common target for cybercriminals. The WannaCry ransomware attack that hit the UK’s National Health Service in mid-2017 highlights the high level of disruption that malicious attacks can have on hospitals, health trusts, GP practices and other healthcare bodies.

Common cyber security challenges in the healthcare sector include

  • •   Protecting large, often antiquated IT estates
  • •   Juggling conflicts between service efficiency and patient confidentiality
  • •   Keeping up with continuous workplace digitisation
  • •   Working with limited public funding and competing IT priorities
  • •   Educating staff about cyber security risks
Key security questions for healthcare providers
  • •   How often are networks and applications tested for vulnerabilities?

  • •   Are suitable controls in place to prevent sophisticated threats?

  • •   Are systems able to identify threats that bypass the perimeter?

  • •   Is there a plan in place to detect, remediate and report breaches?

  • •   How regularly are systems backed up to mitigate ransomware?

  • •   Are staff sufficiently trained about cyber security risks?

  • •   How is the personal data of patients processed and protected?