Healthcare has been pinpointed as a susceptible target for data breaches, such as leaking confidential health information.
The breach of valuable health information in Australia is increasing every year. This rise has been attributed to advanced hacking methods and techniques, paired with inadequate cyber security practices among health professionals.
Dr Tafheem Wani, lecturer of digital health at La Trobe’s School of Psychology and Public Health, explained that health information is a sought-after commodity for bad actors as the information can be sold for a high price on the black market.
“Healthcare experiences the highest number of data breaches globally and in Australia, over all other industries. With advancements in healthcare technology and digitisation of health services, cyber security risks have significantly increased, and can grow even further.
“Hackers are especially interested in health records because they can sell the data for high prices on the black market. They can use the information for medical identity theft, to disrupt health services through non-state actors, and for espionage,” Wani said.
Ensuring that medical health professionals have the correct training so they can best protect the valuable is a crucial consideration that the healthcare system must take moving forward. A cyber aware workforce should be applied to every Australian industry, and the healthcare system is no different.
“To effectively mitigate risk and combat today’s complex threats, organisations must employ a strategic combination of leveraging the right security technology, upskilling existing security professionals through training and certifications, and fostering a cyber aware workforce,” John Maddison, chief marketing officer at Fortinet, said.
Compared to other industries, however, healthcare cyber security is often an afterthought, as Wani believes that key stakeholders and governmental agencies often disregard the protection strategies that need to be put in place to protect the health data of Australians.
“Healthcare cyber security is mostly not given the attention it deserves, and I believe it is about time that all stakeholders – government agencies, healthcare organisations, professionals, and patients alike, recognise and understand their rights and responsibilities in securing health data,” he said.
As far as those strategies go, taking a holistic approach is what Wani recommended.
“A significant proportion of data breaches in healthcare are attributed to human or internal errors. We need a holistic and tailored approach in understanding and developing measures for healthcare cyber security,” Wani said.
“Apart from investments in cyber security technology, we also need to invest in initiatives such as developing customised cyber security training and awareness programs for healthcare staff, streamlining enforcement of cyber policies and health data privacy regulations, and establishing a proactive cyber security culture in healthcare organisations.”
Kace O'Neill
Kace O'Neill is a Graduate Journalist for HR Leader. Kace studied Media Communications and Maori studies at the University of Otago, he has a passion for sports and storytelling.