Regulating Cybersecurity in the Health Care Sector
During the COVID-19 pandemic, awareness about vulnerabilities in the health care sector increased. Experts from governments, civil society, and industry called for more cybersecurity regulation that clarifies responsibilities and expectations. Regulation is one answer, but some issues require other policy solutions, such as further international cooperation, argues Nele Achten in this CSS Analysis.
In October 2021, 290,000 medical records were leaked in Israel, including information about patient’s medical test results, procedures, treatments, and appointments. Similar cyber incidents around the world have involved the theft of personal data, and in some cases health related data, such as records of medicine dispenses. Since the beginning of the pandemic, cyber incidents have also disrupted hospitals and medical facilities. As a result, surgery appointments were cancelled and patients had to be directed to nearby facilities.