MOH to test virtual browser for healthcare staff Internet access, Latest Singapore News - The New Paper
Singapore

MOH to test virtual browser for healthcare staff Internet access

This article is more than 12 months old
Kok Yufeng
Jan 16, 2019 06:00 am

As the Ministry of Health (MOH) tests a virtual browser at the National University Health System (NUHS), all other public healthcare staff will remain cut off from the Internet.

If the virtual browser is found to be effective, MOH will look to implement a tiered model of Internet access, Health Minister Gan Kim Yong said in a statement yesterday.

Under this model, Internet surfing separation (ISS) will likely remain for the majority of healthcare staff.

For those who need access to intranet systems and the Internet on the same device, the virtual browser may be the best solution, Mr Gan said.

Temporary ISS was implemented across the public healthcare sector after the attack on SingHealth's patient database last June, as suspicious activity was found even after initial containment actions were taken.

But it has posed challenges in patient care and caused delays to frontline patient management and backend administrative tasks, Mr Gan said.

After he is sworn in, DPM Lawrence Wong (right) will be Singapore’s fourth prime minister, succeeding PM Lee Hsien Loong.
Singapore

Lawrence Wong to take over as Prime Minister on May 15

Related Stories

Former Workers’ Party MP Yaw Shin Leong dies at 47

‘I am ready for my next assignment’: DPM Lawrence Wong at PAP conference

President Halimah bids farewell to Istana staff

A virtual browser, which the ministry had been experimenting with before the SingHealth breach, allows access to the Internet through strictly controlled and monitored client servers, said Mr Gan, who likened it to a decontamination room.

An earlier trial showed it is technically feasible.

For the six-month NUHS pilot, which starts this quarter, it will be deployed in selected job functions at some departments and clinics, such as frontline pharmacists and emergency department clinicians, to assess its effectiveness in meeting operational and security needs.

"Though such a solution does not fully eliminate cyber security risks, it reduces the attack surface significantly," Mr Gan said.

MOH is also reviewing the National Electronic Health Record (NEHR) system.

It will continue to defer the mandatory requirement for all healthcare institutions to contribute patient data to the NEHR until tests are complete.

A decision on NEHR contributions can be expected by year-end.

Other measures that will be put in place include separating the roles of MOH's chief information security officer and Integrated Health Information Systems' (IHiS) director of cyber security governance, which were previously held by the same person.

IHiS will also be conducting realistic, hands-on simulation training and will start bug bounty and vulnerability disclosure programmes.

Get The New Paper on your phone with the free TNP app. Download from the Apple App Store or Google Play Store now

Singapore Politics

Kok Yufeng

yufengk@sph.com.sg
Read articles by Kok Yufeng