2025-04-08 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/01 Report--
With the acceleration of digital healthcare construction in China, patient data usually flows through multiple systems, across multiple organizations and security domains: hospital websites, registration systems, the electronic medical record systems used by doctors, medical equipment, hospital data management systems, government health information exchange systems and even POS systems. A protective weakness in any of these, once exploited by hackers, can lead to unpredictable consequences.
Today, the threat environment facing IT teams in the healthcare industry has also changed. First, black market demand for patient data has increased, and the data fetches a high price, which naturally attracts the attention of hackers. In addition, the underground black market offers hackers everything they need, and low-cost attack programs (DDoS, etc.) can be easily purchased. Hackers have identified the relatively weak security protection in the medical and health industry and look for attack points in the many systems the data crosses, which may include users' newly built mobile medical systems, cloud computing platforms, medical equipment, Internet of Things technology suppliers, etc., all of which go beyond the scope of traditional data leak prevention technology.
Of the 2014 data breaches recorded by the Identity Theft Resource Center, 42.5 percent occurred in the medical and healthcare industry, more than in any other industry. In China, there have been many data leaks at medical institutions in the past two years, and many vulnerabilities are concentrated in the centers for disease control and prevention and the health systems of some provinces and cities, putting the medical data of tens of millions of users at risk of leakage. This data includes sensitive information such as the user's home address, illness and social security card, so a leak not only infringes on the user's privacy but may even be used by hackers as a tool for cyber crime, resulting in serious economic losses to patients.
In recent years, although the level of network security protection in the medical and health industry has greatly improved, it is still not enough to counter increasingly sophisticated security threats. Medical institutions have become the "hardest hit area" of cyber crime, so it is time to re-examine the effectiveness of the security protection system, and it is imperative to use the latest database audit system to protect the security of core data. To this end, it is recommended that the IT team take the following five steps to resolve the crisis:
First, solve the problem of user information confidentiality at the root.
Apply prevention and control at the database level to stop the leakage of customer data at its source. Encrypt key data at rest, such as personal ID card numbers, social security participation information, finance, salary and housing, to prevent the centralized disclosure of personal privacy information and batch statistical behavior.
Second, audit and monitor data access behavior, with a focus on strengthening database audit technology.
Monitor and audit access to the database, warn of and stop ongoing database theft in real time, and provide effective electronic evidence.
Third, strengthen the audit management of operation and maintenance.
Carry out safe, effective and intuitive operation audits of the management and maintenance of internal databases, servers and network security equipment. Record policy configuration, system maintenance and internal access in detail, provide fine-grained auditing, support playback of the whole operation process, and enable security protection before, during and after an event.
Fourth, replace mutual restriction with clear powers and responsibilities, and improve the IT internal control mechanism.
Establish a security authority system independent of the database system, and carry out fine-grained authority control. From the point of view of internal control, the rights to use, manage and supervise the system must be separated. The audit system should audit independently, giving supervisors an effective technical means of oversight, so as to improve the enterprise's IT internal control mechanism and ensure that unrelated personnel cannot see specific personal information.
Fifth, meet the requirements of laws and regulations.
The framework of medical regulations is complex, and from a cyber security perspective there are a variety of frameworks and standards that must be followed, including HIPAA, HITECH and PCI DSS. Domestic users can not only refer to the above laws and regulations, but also use the "information security level protection system" as a starting point to improve their security management capability.
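The second and fourth steps above (auditing database access and separating management rights from data access rights) can be illustrated with a small check over database audit records. This is an added example, not part of the original article; the log format, table name, role names and the 1,000-row threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed audit records: time, db account, role, table, rows returned.
SAMPLE_AUDIT_LOG = """\
2025-04-08T09:00:05 dr_li clinician patient_record 1
2025-04-08T09:01:10 dr_li clinician patient_record 2
2025-04-08T09:02:00 dba_wang dba patient_record 40
2025-04-08T09:03:30 rpt_svc reporting patient_record 900
2025-04-08T09:04:10 rpt_svc reporting patient_record 800
2025-04-08T09:20:00 dr_li clinician patient_record 1
2025-04-08T09:30:00 dba_wang dba schema_version 3
"""

SENSITIVE_TABLES = {"patient_record"}  # assumed table with ID, insurance, diagnosis
ROLES_WITH_DATA_ACCESS = {"clinician", "reporting"}  # assumed: DBAs manage, not read
BULK_ROWS = 1000                       # assumed row threshold per window
WINDOW = timedelta(minutes=5)          # assumed sliding window

def parse(log):
    """Yield (time, account, role, table, rows) from whitespace-separated lines."""
    for line in log.splitlines():
        ts, account, role, table, rows = line.split()
        yield datetime.fromisoformat(ts), account, role, table, int(rows)

def audit(log):
    """Return (time, account, reason) alerts in log order."""
    alerts = []
    recent = defaultdict(list)  # account -> [(time, rows)] still inside the window
    for ts, account, role, table, rows in parse(log):
        if table not in SENSITIVE_TABLES:
            continue
        # Separation of duties: a management role reading patient data.
        if role not in ROLES_WITH_DATA_ACCESS:
            alerts.append((ts.isoformat(), account, "separation-of-duties"))
        # Batch behavior: rows read by one account within the sliding window.
        window = [(t, r) for t, r in recent[account] if ts - t <= WINDOW]
        window.append((ts, rows))
        recent[account] = window
        if sum(r for _, r in window) >= BULK_ROWS:
            alerts.append((ts.isoformat(), account, "bulk-read"))
            recent[account] = []  # reset so one burst raises one alert
    return alerts

if __name__ == "__main__":
    for alert in audit(SAMPLE_AUDIT_LOG):
        print(*alert)
```

Because the check runs outside the database and reads only its audit trail, the accounts it reports on cannot alter its verdicts, which is the independence the fourth step asks for.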