Ministry result

Department of Health announces $ 75 million to address cybersecurity gap

The Department of Health is spending $ 75.6 million to protect the healthcare system from hackers.

Photo: veterinary / 123RF

He said cyber attacks were on the increase around the world and healthcare was one of the most targeted sectors.

Over the next three years, budget funding will help hospitals and primary and community health organizations improve their cybersecurity by protecting sensitive information and minimizing the risk of disruption from cyber attacks.

Waikato DHB’s computer systems were shut down in May following a ransomeware attack. Patient and staff information was stolen, surgeries had to be postponed, and some procedures moved to other areas.

All clinical services have now been restored at DHB, but some computer systems were still not able to be used, the ministry said.

“Work is underway to examine all cases where a patient’s treatment has had to be postponed.”

Deputy Chief Digital and Data Officer Shayne Hunter said planned improvements nationally and regionally were critical.

“Our health and disability system is a critical national infrastructure that will only become more dependent over time on digital technology and the sharing of information between health networks,” said Hunter.

“While it is not possible to completely eliminate cyber risks, it is essential that we improve the resilience of our health and disability system to minimize the risk of disruption to health services in the event of cyberattack and better protect sensitive health information. “

The 20 District Health Boards (DHBs) were already making progress on cybersecurity, Hunter said, but it was clear more needed to be done.

A “cybersecurity roadmap” has been developed by the ministry and DHBs identifying areas of risk and priorities for improvement.

It details the essential cybersecurity capabilities expected of hospitals, primary care providers and community services, and will lead to national security standards and guidelines.

“The most serious cyber risks will be addressed first before further system-wide cybersecurity enhancements are implemented,” said Hunter.

The roadmap plan includes improving identification and access systems, increasing security personnel in the regions, upgrading systems and software, strengthening assurance and testing , and greater use of cloud security.

“This will reduce the likelihood of another successful cyber attack, while laying a solid foundation for further cybersecurity improvements and the secure implementation of new digital health technologies,” said Hunter.