IT companies showcase solutions for electronic medical records at the General Hospital in Ninh Thuận Province. — VNA/VNS Photos

HÀ NỘI — As the demand for digital transformation in the healthcare sector intensifies, hospital systems and information technology applications used in disease prevention have increasingly become targets for cyberattacks.

These challenges pose serious threats to information security within the healthcare industry, necessitating heightened vigilance and substantial investment in security protocols.

According to Director of the Athena Cybersecurity Centre, Võ Đỗ Thắng, tens of thousands of patient records have recently been breached and copied from medical facilities.

He said that the threat of cybersecurity in the healthcare sector is critical, as it can affect patients' health by altering medical records, changing treatment plans or even modifying medication dosages, ultimately endangering patients' lives.

Thắng also noted that cyberattacks and security breaches in the healthcare field carry exceptionally high risks.

"Health information is among the most sensitive personal data, making its protection mandatory for the healthcare sector and hospitals. The rise in ransomware attacks can disrupt patient care, delay essential surgeries and throw healthcare networks into chaos," Thắng told the Voice of Việt Nam.

Cybersecurity challenges

In the past two decades, the healthcare system has progressively embraced digital transformation. This shift has brought numerous benefits, enhancing patient care quality, streamlining workflows, facilitating provider communication and simplifying patient access to their health records.

However, as Thắng explained, this digital advancement also makes healthcare systems attractive targets for cybercriminals. The growing number of digital assets creates more opportunities for attacks, with potentially life-threatening consequences during an incident.

Thắng said several key threats facing the healthcare sector, including malware, data theft, supply chain vulnerabilities and insufficient cybersecurity awareness.

Hospitals use a wide range of devices, from CT scanners and traditional laptops to desktops and various (IoT) devices.

"In a typical medical procedure, patients sign and date electronic forms and may be required to scan their palms for biometric verification on specialised devices. This process involves exchanging sensitive data, such as credit card information and someone's medical history," he said.

"This raises crucial questions: Where is the patient data stored post-login and who has access to it? Is the data encrypted, locked or stored in the cloud for retrieval? If it is stored in the cloud, who has access to it?".

According to him, these cybersecurity challenges are increasingly prevalent in the healthcare sector.

As the number of connected medical devices, such as diagnostic cameras and data servers, grows, so do the vulnerabilities and potential risks.

"Hospitals, which handle thousands of patients daily and deal with critical and sensitive information, are particularly susceptible to these risks," he said.

Cybersecurity risks in remote medical care

According to Thắng, one significant issue is that doctors often find logging in and changing passwords for hospital or clinic systems, inconvenient.

As a result, they may use personal laptops to bypass these security protocols.

Such unauthorised devices can compromise patient data if not protected by stringent security measures, leading to potential data breaches.

A cybersecurity drill for safeguarding information and data within healthcare information systems, held last year in Hà Nội, organised by the National Healthcare Information Centre in collaboration with Viettel Group

The risk is even greater when data is accessed externally through cloud services.

Remote diagnostic practices, like teleradiology, illustrate the multiple access points for patient data, often involving referring doctors, radiologists and hospitals.

To address these concerns, Thắng recommended several strategies for safeguarding healthcare data.

He suggested starting by identifying critical assets and determining the best methods of protection.

Patient data, now scattered across various platforms, including laptops, mobile devices, servers and cloud services, requires robust security controls.

The fragmented nature of this data makes it difficult to pinpoint its location and manage access permissions.

“A unified approach to healthcare data is crucial. No matter where the data is stored, technical controls must be implemented based on access needs.

"Furthermore, as data moves between traditional data centres and the cloud, it’s essential to track its location and ensure it has the correct access rights,” Thắng said.

To address these cybersecurity risks, Đỗ Thắng Võ, Director of Athena Cybersecurity Centre, outlined several essential steps that healthcare organisations and hospitals should take.

It is crucial for healthcare organisations to understand the cybersecurity threats and vulnerabilities they face. This involves conducting a comprehensive inventory and classification of all networks and systems, which can be a significant undertaking depending on the size of the operation.

By identifying weaknesses and potential security gaps, hospitals can develop prioritised cybersecurity strategies and address the most pressing issues first.

He suggested the use of Artificial Intelligence (AI) to enhance early risk detection. Given the large-scale and sophisticated nature of cyberattacks on the healthcare sector, AI can play a critical role in monitoring threats and identifying potential issues swiftly.

This allows hospital managers to detect and respond to attacks sooner, thereby reducing potential damage and speeding up recovery efforts. Proactive AI monitoring is considered one of the most effective preventative measures.

With the increasing complexity of hospital networks and IT systems, it is essential to educate medical staff on basic cybersecurity practices.

While this added complexity may be inconvenient, it is necessary for long-term protection.

Hospital managers must not only support cybersecurity initiatives but also ensure that staff are well-trained to recognise and avoid risks such as phishing, spyware, data theft and misinformation on social media.

Thắng emphasised the importance of working closely with cybersecurity centres.

"Cybersecurity in healthcare is inherently complex, with extensive potential attack surfaces. Allowing attacks to occur can have severe consequences, impacting patient safety."

Ensuring robust cybersecurity and protecting patient data must be a top priority, he said.

Hospitals should complement in-house training with collaboration with cybersecurity centres to benefit from expert guidance and resources.

He added that cybersecurity centres, equipped with specialised personnel and technology, can help hospitals establish clear cybersecurity policies, implement early warning systems for future threats and provide high-quality, cost-effective support, without the need for extensive internal training. — VNS