Przegląd naruszeń cyberbezpieczeństwa danych medycznych w polskim sektorze ochrony zdrowia w 2023 roku
A Review of Medical Data Security Breaches in the Polish Healthcare Sector in 2023
Author(s): Mateusz Guziak, Kacper ZiarnikSubject(s): Politics / Political Sciences, Criminal Law, International Law, Human Rights and Humanitarian Law, Civil Society, Governance, Public Administration, Public Law, Government/Political systems, Welfare systems, Criminology, Health and medicine and law, Welfare services, ICT Information and Communications Technologies, Socio-Economic Research, Administrative Law
Published by: Wydawnictwo Naukowe Dolnośląskiej Szkoły Wyższej
Keywords: data protection; cybersecurity; electronical health records; healthcare
Summary/Abstract: Electronic Medical Records (EMR) have become the default method for collecting and storing data in the healthcare sector. However, medical data aggregated in this manner are particularly vulnerable to cyber threats, which have notably intensified in light of the war in Ukraine. This situation poses new challenges for the healthcare sector, necessitating enhanced measures to protect both EMR and the cybersecurity of the entire sector. This article reviews the literature and reports from government and international institutions covering the period from 2013 to 2023. Databases such as PubMed and Google Scholar were searched using terms related to healthcare sector cybersecurity and medical data. The materials were critically analysed. Additionally, a review of media reports describing cybersecurity breaches in the Polish healthcare system in 2023 was conducted using Google Search. The authors present that in 2023, hospital infrastructure remained susceptible to cyber threats. The healthcare sector frequently became the target of cyberattacks, with medical personnel being their primary focus. Polish medical institutions reported 405 incidents of cyber threats, with ransomware being the most common type of attack. The analysis of incidents highlighted a significant diversity of attacks. Among the most noteworthy incidents in 2023 were an attack on the server infrastructure of TW-MED Medical Center and a ransomware attack on ALAB Laboratories. The number of cybersecurity threat incidents in the healthcare sector remains high. In the face of these challenges, effective actions are necessary to ensure the safety of patient data. We emphasise the crucial role of staff education in this regard. Collaboration between medical institutions and cybersecurity experts appears essential for ensuring the effective protection of medical data in an era of increasing cyber threats.
Journal: Rocznik Bezpieczeństwa Międzynarodowego
- Issue Year: 18/2024
- Issue No: 2
- Page Range: 109-123
- Page Count: 15
- Language: Polish
