Cyber security in hospitals - funding

Cyber security is currently the most important challenge facing government entities - such as medical facilities, hospitals and clinics. In addition to the problem of the security of patient data processing and storage itself, there is also the question of how health care facilities - which have long been known to face a shortage of financial resources - are to cope with paying for the implementation of security solutions against cyber criminals?

Fortunately, a number of central initiatives have emerged that can provide funding for such projects. The Government Legislation Center in 2020 launched a bill to amend the law in the national cyber security system - the Public Procurement Law. All agreements, public consultations and opinions were completed in January 2021, while in March this year the Standing Committee of the Council of Ministers adopted the findings.

What does the bill to amend the law on the national cyber security system entail?

The project provides funding for broadly defined cyber security in hospitals. It covers entities conducting medical activities (hospital services). These facilities will be able to obtain funds from the National Health Fund to carry out tasks related to the protection of sensitive data. There are still a few conditions unexplained, but we know that:

• The amount of funds for an entity will depend on its contract with the National Health Service for 2021.
• The amount of the subsidy is between 300-900 thousand PLN.
• The funds must be spent by the end of 2022.
• The rules for applying for the funds will be published from an order of the NHF president.
• The funds spent will be reimbursed after the tasks are completed.

Implementation of activities is to be preceded by the signing of an agreement with the provincial branch of the National Health Fund, which will specify the scope of the planned tasks.

The weakest link determines the level of digital security

Cyber security in hospitals is only protection against viruses? Nothing could be further from the truth! Well, nowadays the most common incidents involve ransomware attacks - combined with requests for payment to unlock accounts, computers or access to files. Large corporations (such as banks, insurance companies), have both backup infrastructure, special procedures and skilled and experienced IT staff who can handle this type of attack. The situation is much worse for smaller companies and public sector entities. Consequently, it is these entities that are at risk of data loss and large financial losses. Moreover, once such an attack occurs, such as on a medical facility, it loses its operational capabilities and is exposed to an interruption of operations.

Ensuring cyber security is a guarantee for the continuity of government operations, including hospitals and clinics. At Stovaris, you will find, among other things, solutions for creating secure backups, transferring data on encrypted storage media or analyzing network traffic and detecting any anomalies that may be a symptom of an ongoing attack.

Our suggestions on how to increase (cyber)security

Stovaris can assist partners with activities related to the implementation of the solutions offered, which are dedicated to increasing the level of security and leveling cyber threats. The topic of cyber security in hospitals is divided into activities in many areas. Stovaris engineers, technicians and specialists have tremendous experience in implementing and supporting the operation of ICT systems and devices that provide prevention and detection of cyber security threats. Examples: