Hospitals must notify their patients of any cybersecurity incidents

The European Data Protection Board (EDPB) has ruled that organizations that are victims of ransomware infections should notify users and employees, regardless of whether the attack leads to the theft of confidential information, especially at hospitals. At the moment it is only a proposal, but this could change in the immediate future. The EDPB is a body that collaborates to comply with the European Union General Data Protection Regulation (GPDR).

360 Mobile Vision - North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

The EDPB has decided that hospitals will have to notify their patients and staff in the event of ransomware infection or any other cybersecurity incident: “We understand that it is necessary to provide information to those patients and staff in general who may become cyberattack targets.” As you may remember, a ransomware attack consists of infection of an affected device with an encryption malware, blocking access to information until a ransom payment, usually cryptocurrency, is fulfilled.

Hospitals must notify their patients of any cybersecurity incidents

In this way, European data protection authorities seek to force companies to maintain updated information on any security risks. Cybersecurity experts say that while these practices have improved with the enactment of the GDPR, many organizations remain reluctant to submit information security reports to relevant control bodies.

The authorities continue to look for ways to prevent data leaks and improve user service: “Health institution managers should inform their patients of any service failure or delay in medical treatments,” says the EDPB draft.

Patients affected by hospital system flaws

These are not improvised measures. For more than a year the Broad has collected information on a number of cases justifying the possible implementation of these measures; the most serious of these cases occurred in Germany, where the flaws in a hospital’s systems resulting from a ransomware attack led to the death of a female patient that needed a critical surgery.

Laura Prats, a cybersecurity specialist at a Spanish risk management firm, believes that the process of adapting to these standards can be complicated, but that this is a necessary measure: “We will continue to adapt to new cyber threats to minimize harm to users of health services,” she says.

The healthcare sector has become one of the main objectives of cyberattacks, as these organizations store highly sensitive information and their IT systems must be safeguarded at all costs, especially in the context of the pandemic. 

The post Hospitals must notify their patients of any cybersecurity incidents appeared first on Cyber Security News | Exploit One | Hacking News.

By admin