Healthcare industry is facing diverse range of cyber attacks these days. The prominent among them is ransomware that encrypts the sensitive healthcare information and decrypts the same only once the ransom is paid.
So much is the nuisance these days that the National Institute of Standards and Technology (NIST) has released a guide for IT developers on integrating security measures into the development process, which could influence healthcare cyber security management.
The updated draft of the NIST publication provides IT developers with a framework for incorporating cyber security measures into the design process. The document aims to help inventors consider information security needs in all stages of the product, including how to dispose of the system while still protecting data.
Presently, healthcare cyber security market consists of protection against malware, ddos, advanced persistent threat, spyware, lost and stolen devices, etc. However, the list is just illustrative and the cyber security requirements are as vast as are the options available to the cyber criminals.
Perry4Law Organisation (P4LO) strongly recommends that the healthcare industry must work on three fronts i.e. formulation of techno legal policies, adoption of best cyber security practices and a mechanism to ensure cyber breach disclosure and coordination with the statutory and government authorities. If any of these three stages is missing, then the concerned healthcare organisation is at graver risk of cyber attacks and loss of sensitive healthcare information.
See CECSRDI for more.