Health and Care Innovation Expo 2017 returns to Manchester Central on 11th and 12th September 2017.
Wendy Kennedy – CTO - UltraLinq Healthcare Solutions Ltd
In response to the recent WannaCry Ransomware incident the question regarding ways to stay on top of similar risks has been at the forefront.
In brief, I believe that technology companies in the healthcare realm need to continue to follow the guidelines set by the US, UK and the EU for software security. The FDA in the US has recently sent out a list of recommendations on cyber security which we will analyse and integrate into our Quality Management System. Continuous software update protocols should be in place as and when new versions become available to ensure the most up to date security releases. For cloud structure software solutions, each software release needs to go through a risk assessment before starting the design phase. Protocols specific to cyber security threats will require continual review. As a company our first line of defence is to design security in from the start. Participation in Information Sharing and Analysis Centres (ISAC’s) in turn will give valuable information from government and private sector on current or potential threats. When it comes to cyber security there is great value in sharing knowledge from trusted resources.
What could the healthcare industry do to avoid or at least minimise future attacks?
The above tasks my take more resources than anticipated. Planning, budgeting and prioritizing security is key for any organization to handle future cyber security threats.
Looking ahead, Cyber Hygiene is a must. Be proactive, take ownership of potential threats, be watchful and diligent. Remember it is not just traditional computer systems that are vulnerable. Any device connected to a network is susceptible.
Penetration testing, what and why?
Penetration testing is a tool used to test security from outside threats. A third party is normally called in to “hack” a product’s systems. It normally consists of automated scripting against the product along with someone physically trying to find doors into the network. Social techniques may also be employed. Someone will pretend to be a client/patient and try to reset a password and once done will have a way into your system.
Why is this important? You will never really know how good your security protocols are until you have someone try to breach your system. Better to have the good guys do it first.
Dennis Wait – Operational Director (UK/EU) – UltraLinq Healthcare Solutions Ltd
The appeal of SaaS solutions will become increasingly attractive in the healthcare sector. Pure cloud solutions such as UltraLinq allow for regular central software and security updates, avoiding organisation wide delays in implementing security infrastructure. UltraLinq develops innovative solutions for global healthcare with a focus on medical image management, low cost, point of care medical devices, and advanced data analytics, and since cyber-attacks are not localised, we therefor plan our security around this dispersed threat.
The NHS, UK and EU healthcare need to become better informed (at all levels), about the options and solutions available to address current and future challenges. As with most innovative or disruptive technologies this will initially require a top-down approach. Visionary executives are needed to push and drive the digital transformation. The cloud in healthcare brings about significant cost savings, as has already been proven at enterprise level.
Large organisations such as the NHS will reluctantly start using cloud solutions followed by exponential growth, with training for these new technologies of critical importance. Only through a “Critical mass” in cloud fluency rather than “Increasing momentum” could an organisation launch and sustain such a transition to a “Cloud First” approach as proposed by government.
Five points to consider to future proof patient centred image management solutions.
UltraLinq Healthcare Solutions Ltd