Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

ENISA issues key recommendations on protecting eHealth services and infrastructures

December 2015 by Marc Jacob

The potential impact of an outage in the information systems of a hospital can
be extreme. The loss of service or failure of a medical device due to remote
hacking (e.g. via brute force and DoS attack) can be significant. Such cyber
security incidents have greatly impacted health services delivery risking lives
and limb of patients and exposing institutions and health care systems to
reputation risk. Healthcare is moving up on the policy agenda and it is often
treated by the EU Member
States
[1] as a critical infrastructure. ENISA has engaged more than
fifteen MS and two EFTA countries in a study to identify the measures policy
makers and the private sector should take to improve the security and resilience
of eHealth systems. This study focuses on three broadly used, real cases, namely
Electronic Health Records, national eHealth services (for example ePrescription)
and Cloud Services supporting eHealth systems.

The Executive Director of ENISA, Udo
Helmbrecht
, commented on this report: "The complexity
and interdependencies of eHealth systems have been steadily increasing.
Ensuring the availability, integrity and confidentiality in eHealth is a
challenging task for providers and beneficiaries. ENISA seeks co-operate with
all stakeholders to enhance the security and privacy of all eHealth
infrastructures and services."

The report recommends, inter alia, that:

· National cyber security authorities should identify critical eHealth assets
and carry out risk assessments with a view to mitigate risks
· Policy makers should introduce baseline cyber security guidelines for
eHealth infrastructures and services
· eHealth operators, along with public sector actors, should setup an
information sharing mechanism to exchange good practices and expertise on
threats and vulnerabilities.

These findings were validated by numerous experts from the public and private
sectors in an open
workshop
[2] organised together with the European Commission on 30th
of October 2015.

New technologies, such as cloud computing, smart devices and the Internet of
Things, already provide the innovation drive eHealth needs. As cyber security
challenges grow alongside services in 2016, ENISA will focus on the adoption of
Cloud computing by healthcare providers and carry out an analysis regarding
Smart Hospitals.

For full report


[1] (http://file///G:/Kunden/ENISA/Media%20outreach%20and%20monitoring%20services
/Project%20management/Translations/Originals%20(English)/151211%20eHealth/eHealth
FIN.docx#_ftnref1) https://www.enisa.europa.eu/activities/Resilience-and
 CIIP/critical-infrastructure-and-services/Methodologies-for-identification-of
 ciis

[2] (http://file///G:/Kunden/ENISA/Media%20outreach%20and%20monitoring%20services
/Project%20management/Translations/Originals%20(English)/151211%20eHealth/eHealth
FIN.docx#_ftnref2) https://www.enisa.europa.eu/activities/Resilience-and
 CIIP/workshops-1/2015/ehealth-workshop


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts