Case study - a survey of cyber security in ambulances
Cyber security in medical facilities is crucial for the protection of sensitive patient data and the operation of clinics.
We prepared a targeted survey aimed at finding out the state of cyber security in ambulances. It was historically the first and unique survey of this kind. In the survey, we identified serious risks and prepared solutions. Based on the answers of hundreds of respondents, we obtained valuable information for the targeted direction of specific recommendations to improve the state of cyber security in the healthcare sector.
Outpatient healthcare ranks at the bottom of cybersecurity rankings, even though it works with extremely sensitive data. The first nationwide survey among physicians uncovered weak points in everyday practice and identified the most critical risks. It also indicated what could help advance security. Health data are very valuable to attackers—their leakage can lead to extortion as well as public exposure on the black market. Patients would thus lose not only their privacy, but practices would have to deal with remediation and a disruption to the provision of care. The risk therefore concerns not only IT, but directly the availability of treatment. In hospitals, the statutory representative is responsible for security; in practices, it is the physician themself – the operator of the practice. At present, legislation in this segment essentially addresses mainly personal data protection (GDPR), while a broader cybersecurity framework does not yet cover the outpatient sector. There is therefore ample room for improvement, which requires concrete steps.Why healthcare is a target and who bears responsibility
