14 August 2024

Protecting our health

Protecting our health image
Image: Oliver Norman is Regional Vice President for UK & Ireland at Veritas Technologies.

Oliver Norman, Regional Vice President for UK & Ireland at Veritas Technologies, looks at why data protection should be a priority for the modern healthcare organisation.

With the new Labour government promising to build an NHS ‘fit for the future’, healthcare is set to feature heavily on the political agenda in the coming months. Budget concerns and the ever-increasing skills gap will no doubt take centre stage. However, whilst these topics are pressing and need to be addressed, so too does the issue of cybersecurity.

In the modern digital era, cybercriminals pose a threat to all industries. However, the healthcare sector is particularly at risk. This is unsurprising, given that many of the organisations that operate within this space handle vast amounts of sensitive patient data – including personal and medical records – day-in, day-out. If these records are stolen or tampered with, there could be serious, even life-threatening, consequences.

Just last month, over 1,000 planned operations and 3,000 outpatient appointments were postponed, thanks to the Synnovis cyberattack which impacted several London hospitals. According to the founder of the UK’s National Cyber Security Centre (NCSC), events such as this might become more frequent, given the NHS’s outdated infrastructure and security measures.

The impact of a cyberattack

According to research released last year, three in four (76%) healthcare organisations around the world have experienced a successful ransomware attack and two thirds (65%) have experienced data loss from other types of attack. Almost half (43%) of those organisations consider data security as their primary risk. This comes ahead of economic uncertainty (39%) and the adoption of emerging technologies like AI (32%).

When it comes to the NHS, which services the majority of the UK’s population, an attack feels personal. Its impact is not only widespread but potentially devastating. At a base level, cyberattacks can disrupt medical services and cripple hospital operations. This is because, when systems are down, essential patient information is inaccessible. This can delay medical procedures and compromise patient care. It can also increase the risk of medical errors and negatively impact treatment outcomes.

However, that’s not all. Cyberattacks also frequently result in hefty financial costs which the already budget-strapped NHS can ill-afford. Sometimes this is in the form of immediate ransomware payments, however, any prolonged downtime and recovery following an attack could also have an impact. Given the data that hackers usually target is the key to providing sometimes lifesaving treatment, it can be even more tempting to just pay up the ransom. However, paying doesn’t always guarantee that you will get your data back.

Another implication which isn’t always considered is the impact a cyberattack will have in terms of patient trust. A cyberattack in which malicious actors manage to access sensitive data can lead to a loss of confidence in an organisation’s ability to safeguard data and can seriously damage its long-term reputation. Take the 2017 WannaCry attack as an example. The attack disrupted services across numerous NHS hospitals and clinics, causing widespread cancellations of appointments and surgeries. The aftermath saw a decline in public confidence in the NHS’s ability to protect sensitive patient data. It is still often cited as one of the most infamous cyberattacks today.

Safeguarding patient data

In today's digital age, the question is not if a healthcare organisation will face a cyberattack, but when. With that in mind, those in the sector must be ready to mitigate the effects and recover quickly. Here are some ways in which healthcare organisations can protect their data from attackers:

  • Implement a data backup and recovery plan to safeguard essential data and ensure business continuity. Backup processes should capture all critical data and be executed at regular intervals. Coupled with a swift recovery process, data backup and recovery help minimise downtime and ensure business continuity when data is lost due to malicious activities.
  • Invest in cyber awareness training. Develop and implement an ongoing cyber awareness programme to educate the entire organisation on the latest cyber threats and the policies to avoid them. The programme should be continually updated to reflect emerging threats and remain a critical line of defense in identifying and thwarting potential cybercrimes.
  • Deploying advanced security technologies like firewalls, anti-malware tools, and intrusion detection systems that use AI and machine learning for predictive threat analysis and response.
  • Regularly stress test and break systems to identify where the weak points are. Often organisations – especially within the public sector – implement security strategies and then wait until an incident occurs to see whether their framework is effective. With the regularity of attacks in the current landscape, this cannot adequately anticipate the scale at which breaches are attempted.

Effective healthcare delivery depends on data. Without it, nurses and doctors wouldn’t be able to diagnose their patients properly, there would be no personalised treatment plans and we, as a society, would not be able to continue to innovate and develop the life-saving medicines of tomorrow.

Unfortunately, today’s attackers know this, and they are not afraid to exploit it. Whilst facing cyberattacks is inevitable for healthcare organisations, losing access to valuable patient data doesn’t have to be. Implementing robust data protection strategies and cybersecurity tools can significantly strengthen defence mechanisms, enhancing the healthcare sector’s ability to respond swiftly to emerging threats.

This article is sponsored by Veritas Technologies.

SIGN UP
For your free daily news bulletin
Highways jobs

Head of Major Works

Westminster City Council
Up to £105,000 per annum
Build a Fairer Westminster, One Home at a Time City of Westminster, London (Greater)
Recuriter: Westminster City Council

Chief of Asset Strategy and Major Works

Westminster City Council
Up to £105,000 per annum
Shape the Future of Housing in the Most Iconic City City of Westminster, London (Greater)
Recuriter: Westminster City Council

Finance Assistant - Debt Collection

Essex County Council
Up to £25081.00 per annum + + 26 Days Leave & Local Gov Pension
Finance Assistant - Debt CollectionFixed Term, Full Time£25,081 Per AnnumLocation
Recuriter: Essex County Council

Finance Assistant - Debt Collection

Essex County Council
Up to £25081.00 per annum + + 26 Days Leave & Local Gov Pension
Finance Assistant - Debt CollectionPermanent, Full Time£25,081 Per AnnumLocation
Recuriter: Essex County Council

Front of House Officer

Durham County Council
£24,790 to £25,992 p.a pro rata Grade 4
We have the following permanent opportunities available to join our team at GALA Durham.   X2 posts both at 24 hpw each WHAT IS INVOLVED?   You will Durham
Recuriter: Durham County Council
Linkedin Banner

Partner Content

Circular highways is a necessity not an aspiration – and it’s within our grasp

Shell is helping power the journey towards a circular paving industry with Shell Bitumen LT R, a new product for roads that uses plastics destined for landfill as part of the additives to make the bitumen.

Support from Effective Energy Group for Local Authorities to Deliver £430m Sustainable Warmth Funded Energy Efficiency Projects

Effective Energy Group is now offering its support to the 40 Local Authorities who have received a share of the £430m to deliver their projects on the ground by surveying properties and installing measures.

Pay.UK – the next step in Bacs’ evolution

Dougie Belmore explains how one of the main interfaces between you and Bacs is about to change.