14 August 2024

Protecting our health

Protecting our health image
Image: Oliver Norman is Regional Vice President for UK & Ireland at Veritas Technologies.

Oliver Norman, Regional Vice President for UK & Ireland at Veritas Technologies, looks at why data protection should be a priority for the modern healthcare organisation.

With the new Labour government promising to build an NHS ‘fit for the future’, healthcare is set to feature heavily on the political agenda in the coming months. Budget concerns and the ever-increasing skills gap will no doubt take centre stage. However, whilst these topics are pressing and need to be addressed, so too does the issue of cybersecurity.

In the modern digital era, cybercriminals pose a threat to all industries. However, the healthcare sector is particularly at risk. This is unsurprising, given that many of the organisations that operate within this space handle vast amounts of sensitive patient data – including personal and medical records – day-in, day-out. If these records are stolen or tampered with, there could be serious, even life-threatening, consequences.

Just last month, over 1,000 planned operations and 3,000 outpatient appointments were postponed, thanks to the Synnovis cyberattack which impacted several London hospitals. According to the founder of the UK’s National Cyber Security Centre (NCSC), events such as this might become more frequent, given the NHS’s outdated infrastructure and security measures.

The impact of a cyberattack

According to research released last year, three in four (76%) healthcare organisations around the world have experienced a successful ransomware attack and two thirds (65%) have experienced data loss from other types of attack. Almost half (43%) of those organisations consider data security as their primary risk. This comes ahead of economic uncertainty (39%) and the adoption of emerging technologies like AI (32%).

When it comes to the NHS, which services the majority of the UK’s population, an attack feels personal. Its impact is not only widespread but potentially devastating. At a base level, cyberattacks can disrupt medical services and cripple hospital operations. This is because, when systems are down, essential patient information is inaccessible. This can delay medical procedures and compromise patient care. It can also increase the risk of medical errors and negatively impact treatment outcomes.

However, that’s not all. Cyberattacks also frequently result in hefty financial costs which the already budget-strapped NHS can ill-afford. Sometimes this is in the form of immediate ransomware payments, however, any prolonged downtime and recovery following an attack could also have an impact. Given the data that hackers usually target is the key to providing sometimes lifesaving treatment, it can be even more tempting to just pay up the ransom. However, paying doesn’t always guarantee that you will get your data back.

Another implication which isn’t always considered is the impact a cyberattack will have in terms of patient trust. A cyberattack in which malicious actors manage to access sensitive data can lead to a loss of confidence in an organisation’s ability to safeguard data and can seriously damage its long-term reputation. Take the 2017 WannaCry attack as an example. The attack disrupted services across numerous NHS hospitals and clinics, causing widespread cancellations of appointments and surgeries. The aftermath saw a decline in public confidence in the NHS’s ability to protect sensitive patient data. It is still often cited as one of the most infamous cyberattacks today.

Safeguarding patient data

In today's digital age, the question is not if a healthcare organisation will face a cyberattack, but when. With that in mind, those in the sector must be ready to mitigate the effects and recover quickly. Here are some ways in which healthcare organisations can protect their data from attackers:

  • Implement a data backup and recovery plan to safeguard essential data and ensure business continuity. Backup processes should capture all critical data and be executed at regular intervals. Coupled with a swift recovery process, data backup and recovery help minimise downtime and ensure business continuity when data is lost due to malicious activities.
  • Invest in cyber awareness training. Develop and implement an ongoing cyber awareness programme to educate the entire organisation on the latest cyber threats and the policies to avoid them. The programme should be continually updated to reflect emerging threats and remain a critical line of defense in identifying and thwarting potential cybercrimes.
  • Deploying advanced security technologies like firewalls, anti-malware tools, and intrusion detection systems that use AI and machine learning for predictive threat analysis and response.
  • Regularly stress test and break systems to identify where the weak points are. Often organisations – especially within the public sector – implement security strategies and then wait until an incident occurs to see whether their framework is effective. With the regularity of attacks in the current landscape, this cannot adequately anticipate the scale at which breaches are attempted.

Effective healthcare delivery depends on data. Without it, nurses and doctors wouldn’t be able to diagnose their patients properly, there would be no personalised treatment plans and we, as a society, would not be able to continue to innovate and develop the life-saving medicines of tomorrow.

Unfortunately, today’s attackers know this, and they are not afraid to exploit it. Whilst facing cyberattacks is inevitable for healthcare organisations, losing access to valuable patient data doesn’t have to be. Implementing robust data protection strategies and cybersecurity tools can significantly strengthen defence mechanisms, enhancing the healthcare sector’s ability to respond swiftly to emerging threats.

This article is sponsored by Veritas Technologies.

The new Centre for Young Lives image

The new Centre for Young Lives

Anne Longfield CBE, the chair of the Commission on Young Lives, discusses the launch of the Centre for Young Lives this month.
SIGN UP
For your free daily news bulletin
Highways jobs

Principal Digital Inclusion Officer

Gloucestershire County Council
£49,498 - £51,515 per annum
The role will provide technical and specialist knowledge to the authority Shire Hall, Block 5, 5th Floor
Recuriter: Gloucestershire County Council

Principal Digital Infrastructure Officer

Gloucestershire County Council
£49,498 - £51,515 per annum
The role will provide technical and specialist knowledge to the authority Shire Hall, Block 5, 5th Floor
Recuriter: Gloucestershire County Council

Road Safety Education Assistant (Casual)

Essex County Council
Up to £12.3800 per hour
Casual Road Safety Education AssistantUttlesford, Chelmsford, Braintree & Thurrock£12.38 per hour PAYEClosing Date
Recuriter: Essex County Council

Income Maximisation Officer

London Borough of Richmond upon Thames and London Borough of Wandsworth
£36,426 - £44,139 per annum
About the role Case Management - You will be responsible for managing a patch of rent accounts to proactively maximise income collection on current and former tenant accounts adhering to the Councils procedure to ensure maximum collection. Knowledge - Putney Bridge Road / Twickenham Civic Centre
Recuriter: London Borough of Richmond upon Thames and London Borough of Wandsworth

Homelessness Prevention Early Intervention Officer

London Borough of Richmond upon Thames and London Borough of Wandsworth
£35,094 - £42,525 per annum
About the Team You will be joining the Richmond Homeless Prevention and Solutions Team, where you will play a key role in preventing homelessness and offering support to those in housing need. Your role will directly support the team’s mission to mi Twickenham
Recuriter: London Borough of Richmond upon Thames and London Borough of Wandsworth
Linkedin Banner

Partner Content

Circular highways is a necessity not an aspiration – and it’s within our grasp

Shell is helping power the journey towards a circular paving industry with Shell Bitumen LT R, a new product for roads that uses plastics destined for landfill as part of the additives to make the bitumen.

Support from Effective Energy Group for Local Authorities to Deliver £430m Sustainable Warmth Funded Energy Efficiency Projects

Effective Energy Group is now offering its support to the 40 Local Authorities who have received a share of the £430m to deliver their projects on the ground by surveying properties and installing measures.

Pay.UK – the next step in Bacs’ evolution

Dougie Belmore explains how one of the main interfaces between you and Bacs is about to change.