Complexity of healthcare systems key challenge in securing them
Large variety of medical devices add to complexity of IT networks in the sector
The challenge of securing healthcare technology often lies in the complexity of systems used in the industry, experts say.
For example, although basic IT infrastructure such as laptops and servers may be standardised within an institution, a large variety of medical devices may also be connected to its network.
"These can include drug infusion pumps, imaging devices, and treatment software such as those used to used to manage implantable pacemakers," said managing consultant Olli Jarva.
Mr Jarva, who is from the software integrity group at technologyfirm Synopsys, said that systems in different parts of an organisation may also not "play well" with one another.
"Like any large organisation, a healthcare organisation may have multiple business or operations units," he said.
"Each unit may procure software solutions that best meet their needs, but may not have uniform cyber-security effectiveness."
Last Friday, the authorities disclosed that 1.5 million SingHealth patients had been the victims of Singapore's worst cyber attack to date.
Many had their personal details stolen, while others - including Prime Minister Lee Hsien Loong and several ministers - had their outpatient prescription information snatched as well.
In a move to tighten security, staff at all three of Singapore's public healthcare clusters will have their Internet access temporarily delinked by this week.
The Health Ministry will also "take a pause" on its plans to make the National Electronic Health Record system mandatory.
Mr Tseng Ching-Tse, who is founder of medical IT company Vault Dragon, said cyber attacks are not uncommon.
The company provides electronic medical record services for private sector healthcare organisations.
"We detect multiple cyber attacks on our healthcare providers' databases and servers every day," Mr Tseng said, adding that none of these attacks have been successful to date.
Dr Siaw Tung Yeng, who is the founder of medical IT firm Mobile Health, added that operators of healthcare information systems need to assume that they may come under attack at any time, as "threats are constantly evolving".
"This attack shows that we need to be on our toes at all times," he said.
Get The New Paper on your phone with the free TNP app. Download from the Apple App Store or Google Play Store now
