Why health care must prioritise data protection


By Josh Gluck*
Wednesday, 07 October, 2020


Why health care must prioritise data protection

Healthcare providers are facing an unprecedented risk of cyber attacks amid the coronavirus pandemic. In recent weeks, the Australian Cyber Security Centre has raised concerns in regard to healthcare providers — including hospitals and aged-care homes — being increasingly targeted by COVID-19-themed ransomware attacks.

Experts say the risks of a successful attack are higher than usual right now, and ransomware attacks can be devastating to the critical infrastructure within the healthcare sector. This is due in part to the crippling effect ransomware has. It restricts access to important clinical and research data needed by clinicians and researchers that can mean the difference between life and death.

Consequences of these attacks can be dire, requiring payment to the attacker, decryption tools, or the gamble of recovering sensitive data from infrequently tested backups. Putting an organisation’s most valuable asset in a hostage scenario often results in massive payouts to cybercriminals, federal penalties and reputational damage.

Despite billions of dollars spent annually to guard entry points to clinical data, many healthcare providers still underestimate the strategic value of improving data protection. As this pandemic continues, essential services must be able to use their data while storing it securely.

New and evolving ransomware risks challenge healthcare leaders

Healthcare organisations are particularly attractive targets for ransomware attacks. Not only do they have large volumes of critical data and intellectual property, they also face the additional challenge of tailoring security strategies to combat increasingly sophisticated attacks.

To ensure compliance with government regulations such as the Healthcare Identifiers Act, healthcare providers have become intimately familiar with the importance of backups for critical data. However, as these providers face exploding demand and unprecedented volumes of data, the need to restore data quickly has never been greater.

Moreover, the rise of remote work has marked a period of vulnerability for businesses across the country. An abrupt shift from on-premises operations to the cloud is a significant challenge for many, requiring the deployment of reliable, fast and secure virtual desktop infrastructure.

It is crucial for healthcare organisations and businesses to take a unified approach to data security and ensure the protection of valuable information at a time when access is vital. The establishment of these security measures is a tricky balancing act, especially if they’re built on outdated infrastructure.

The Office of the Australian Information Commissioner’s most recent Notifiable Data Breach report revealed the healthcare sector was the most vulnerable industry, making up 22% of all cybersecurity breaches. Despite this, a report from the Australian Digital Health Agency has reported that only a third of Australian healthcare organisations embed cybersecurity awareness training into their organisational policies and procedures.

Why hospitals need data backup and recovery tools

Whether on-premises or in the cloud, data backups are essential for mitigating ransomware attacks. They safeguard critical data against many common scenarios, from disaster recovery to accidental deletions.

Unfortunately, attacks can stress existing data protection infrastructure that may be built on outdated architectures, thus exacerbating business challenges and creating additional downtime and confusion.

Two recovery functions that are key for limiting the effects of ransomware attacks are reliability of backups and rapid restoration of data. Reliable backup technology that can prevent changes or malicious deletions is paramount. If backup systems and data are compromised, a full reinstall and reconfiguration of the system would be required.

The second aspect, the rapid restoration of backups, is also essential for avoiding downtime and ensuring critical data is accessible when needed.

It is equally important to assess the storage infrastructure that underpins these critical systems. Legacy systems that are highly complex and require daily maintenance carry countless vulnerabilities that limit both the reliability of backups and the speed of restoration. Infrastructure that emphasises simplicity is essential for fast, reliable backups that can confront the constant threat of ransomware attacks.

As the strain on healthcare organisations increases, the need for fast, flexible and secure infrastructure has never been greater. Businesses of all sizes need to confront this challenge across all of their operations. This requires that organisations not only focus on effective storage and management for data, but truly become stewards of its protection.

*Josh Gluck is Vice President of Global Healthcare Technology Strategy at Pure Storage.

Josh will be participating in a webinar on Thursday, 8 October on advancing data protection in health care. He’ll be joined on the panel by Anthony Kitzelmann, Chief Information Security Officer, Australian Digital Health Agency; Keith Smith, Director of Project Delivery, South West Alliance of Rural Health (Vic); and Johny Agotnes, Chief Information Officer, Bolton Clarke.

Image credit: ©stock.adobe.com/au/Sikov

Related Articles

Why data access holds the key to better care

An AI-enabled healthcare sector is a potentially idyllic place, where healthy habits are...

Closing cybersecurity loopholes — lessons from the US

Gregory Garcia was once the most senior cybersecurity professional in all of the United States.

Concept to clinical care: what's holding back healthtech?

Australia is globally recognised for its exceptional medical research output. So why isn't...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd