How the Indian healthcare industry can be safeguarded against cyber threats
A year ago, hospital administrators found their systems locked at a trust-run hospital in Mumbai, with an encrypted message from cyber attackers seeking ransom in Bitcoins to unlock it. The hospital lost data relating to bill payments and patient records for 15 days. In an interview with Viveka Roychowdhury, DNIF CEO Shomiron Dasgupta points out that, given this scenario, hospitals in India spend about 5% or even less of their IT security budget, while banks in India spend about 15-20% of their IT security budget. There is an urgent need to safeguard against cyber threats since the COVID-19 pandemic has seen an increased reliance on the transfer of healthcare delivery services to the digital realm, from telemedicine to electronic health records for doctor-patient appointments, etc. He warns that since the EHRs are shared with multiple users through an unstable network, they are vulnerable to cyberattacks. The industry is also susceptible to mud jacking of medical devices such as MRI, ventilators, etc.
Key initiatives and actions that the Indian healthcare sector should implement to counter cyberattacks are described below:
- Integrating protection into medical equipment.
- Cybersecurity knowledge and preparation.
- Daily monitoring and risk evaluation for protection.
- Danger and mitigation information sharing.
Ransomware is one of the prime threats facing today’s healthcare industry. In a recent report on the State of Endpoint Security Today, 76 percent of respondents said that the healthcare industry was most affected by ransomware. Since cybercriminals understand the value of data for everyday hospital operations, it is a daunting task for the healthcare industry to secure large quantities of personal and medical data required for fast access to practitioners in India and globally. Because of the lack of qualified personnel and poorly secured networks, attackers are able to identify the biggest security vulnerabilities in companies and will continue to exploit these flaws before a collective change in attitude can be realized. Organizations should consider their individual obligations in the area of cybersecurity, be mindful of the implications of negligent or malicious acts, and collaborate with other stakeholders to recognize safe and effective ways of operating.
As reported, the problem of healthcare cybersecurity is at a nascent stage in India. To avoid violations of medical records, we need a robust system. India’s healthcare industry is positive about promising steps taken by the Government of India, such as the National Health Security Scheme, the National Rural Health Mission, etc. The complexities of healthcare in India are likely to alter these initiatives. The healthcare sector has benefited from information technology (IT) who acts as an important player to safeguard against cyber threats.
While nascent, awareness of data privacy and cybersecurity in the Indian healthcare industry is increasingly growing, through efficient knowledge, awareness, and means to deal with rising cyber threats and data breaches. As technological advances continue to improve and disrupt the way healthcare is delivered, for their basic well-being and even their lives, more and more people will start relying on the latest technology-driven infrastructure. Under such circumstances, it is necessary to ensure that the process and the equipment are protected and not vulnerable to cyberattacks from abroad.