SINGAPORE: Private hospitals in Singapore have stepped up their cybersecurity measures in light of the recent SingHealth cyberattack. These include delinking Internet access on workstations, similar to measures taken by the public healthcare clusters.
At Mount Alvernia Hospital, cyber monitoring has been stepped up and Internet isolation implemented, said its chief executive Dr Lam Kian Ming on Tuesday (Jul 24). The IT security team is on high alert to monitor and be ready to respond quickly in the event of any potential breach, he added.
AdvertisementThe hospital also issued an internal memo to all staff to reinforce IT data protection education and awareness, after the SingHealth incident came to light.
“Our staff has restricted Internet access currently. Moving forward we will be segregating Internet access and there will be no Internet access for terminals with access to patients’ data,” he added.
The "most serious breach of personal data” in Singapore’s history took place last month, with 1.5 million SingHealth patients’ records accessed and copied while 160,000 of those had their outpatient dispensed medicines’ records taken, the Ministry of Health and Ministry of Communications and Information said on Friday.
[h=3]READ: SingHealth cyberattack: What you need to know[/h] AdvertisementAdvertisementParkway Pantai, which has under its umbrella four private hospitals -Mount Elizabeth, Mouth Elizabeth Novena, Gleneagles and Parkway East- has taken similar steps.
“In the light of the recent events, we have suspended Internet access from our internal network and will be putting in place separate devices that will be physically segregated from our company networks for those who need Internet access for work,” said chief executive of Parkway Pantai’s Singapore Operations Division Phua Tien Beng.
ACCESS TO WEBSITES, EXTERNAL STORAGE DEVICES RESTRICTED
Internet access on computers for medical staff at Thomson Medical Centre is restricted to a "need to use" basis, said its chief executive Mrs Mega Shuen.
[h=3]READ: SingHealth cyberattack: Committee of Inquiry appointed, report due end-2018[/h]“Reviews are conducted before access to websites is granted. We have also invested in new software to monitor irregularities and malicious activity in the network,” she said.
Dr Lam added that the hospital does regular penetration testing and vulnerability assessment on its systems and patches its systems monthly.
“There are no 100% safe IT systems and there is no easy fix to cyber threat, “ she said, adding that being more prepared is key.
"These are our patients’ medical data and it is our responsibility to step up protection to maintain data confidentiality and integrity, and to prevent illegal access," he said.
Mr Chua echoed similar views. Patient data at Parkway Pantai is guarded by network segregation, multi-layer firewalls and continuous security monitoring, he said, adding that as part of ongoing cybersecurity efforts, access to all external storage devices has been removed.
Internet access has been restricted to work-related websites “since some time ago”, he added.
The hospitals said apart from the security measures, it is also important to raise awareness among staff, and educating them on best practices.
“In the light of this attack, a primary task for us now is to continue to educate and reinforce to our patients and doctors the risks that comes with being digital and gaining efficiency,” Dr Lam said.
Channel NewsAsia has reached out to Raffles Medical Group.
Let's block ads! (Why?)
More...