 |
| Assessing the cybersecurity outlook for Australian Healthcare. Photo: Paul Carmona, Sydney. |
Fifteen to twenty years behind other industries like banking and financial services, Australian Healthcare is suffering from a case of 'Too Little, Too Late' in its build-out and investment in robust cyber defences and is now beginning to pay the price.
Well publicised attacks against flagship hospitals such as Royal Melbourne and others have finally alerted the Australian general public and health system leaders alike, to the looming threats facing the healthcare sector. Its not just the big city hospitals either; ransomware and other cyber attacks have been reported right the way across the country and even in small GP practices in remote rural communities.
Theft of lucrative personal information and personal health information, especially as medical records go digital, is a rising threat, as is attack by ransomware and other forms of extortion.
Surveys suggest that presently most Australians are not that worried if their medical records go up for sale on the web, though most have not really considered the possible impact of identity theft. What is more concerning to Australians, is a denial of service attack such as ransomware, that could take critical systems off-line when needed to treat someone or to save a life. Most Aussies simply haven't given that much thought to the security of their medical records or a possible attack on their doctors office or local hospital. Very few people surveyed were even aware of the growing number of network connected medical devices and the threat they pose to patient safety.
These and other cybersecurity concerns have been the subject of discussions this week at executive workshops led by the author in a series of meetings with healthcare leaders stretching from Brisbane through Sydney and Melbourne to Perth. From State healthcare systems through to private providers and payers of health services, the message is pretty much the same. "We have failed to invest in information security in the way we probably should have over the past five to ten years", said one State CIO. "That includes technology infrastructure and the skilled resources to manage our security program."
While government Ministers stress the importance of making improvements to healthcare security, additional capital and operational budgets have not yet been made available to hospitals to make changes claimed the leaders of several hospitals in a workshop in one major city.
In a recent meeting with the leaders of one of Australia's largest private healthcare providers, the CIO willingly acknowledged to me the critical need for improvements to be made to the organisation's security program, adding that security investments would probably have to wait till next year as he already had a heap of even more critical needs in front of it.
 |
| A stormy outlook has caused Australian Healthcare to play catch-up. Photo: Kieren Andrews, Melbourne. |
to periodic new posts so you don't miss them.Original stories and articles may be republished without charge provided that attribution is provided to the source and author. Articles written for, and published first elsewhere, are subject to the republishing terms and conditions of the host site.
