Regulating Cybersecurity in the Health Care Sector

During the COVID-19 pandemic, awareness about vulnerabilities in the health care sector increased. Experts from governments, civil society, and industry called for more cybersecurity regulation that clarifies responsibilities and expectations. Regulation is one answer, but some issues require other policy solutions, such as further international cooperation, argues Nele Achten in this CSS Analysis.

hospital
Medical personnel attend a patient at the emergency room in a clinic in Germany in May 2021. Kai Pfaffenbach / Reuters

In October 2021, 290,000 medical records were leaked in Israel, including information about patient’s medical test results, procedures, treatments, and appointments. Similar cyber incidents around the world have involved the theft of personal data, and in some cases health related data, such as records of medicine dispenses. Since the beginning of the pandemic, cyber incidents have also disrupted hospitals and medical facilities. As a result, surgery appointments were cancelled and patients had to be directed to nearby facilities.

To the publication

JavaScript has been disabled in your browser