Privacy Blog
ENISA ISSUES THE CLOUD SECURITY FOR HEALTHCARE SERVICE REPORTS
25.01.2021
The European Union Agency for Cybersecurity (“ENISA”) published the Cloud Security for Healthcare Services Report, which provides cybersecurity guidelines for healthcare organisations to help further digitalise with cloud services.
The report aims to provide cloud security practices for the healthcare sector and identify security aspects, including relevant data protection aspects, to be taken into account when procuring cloud services for the healthcare industry. Cloud solutions allow for the flexible and rapid deployment of the electronic storage of data and electronic communications such as telemedicine.
However, the complexity of legal systems and new technologies, as well as concerns over the security of sensitive patient data have slowed the healthcare sector in adopting cloud services.
The report addresses these concerns by providing security guidelines for three main areas in which cloud services are used by the healthcare sector, namely for:
- Electronic Health Record (“HER”), i.e. systems focusing on the collection, storage, management and transmission of health data, such as patient information and medical exam results;
- Remote Care, i.e. the subset of telemedicine supporting remote patient-doctor consultation;
- Medical Devices, i.e. cloud services supporting the operation of medical devices such as making medical device data available to different stakeholders or for device monitoring.
For each of these use cases, the report highlights the main factors to be considered when healthcare organisations conduct the relevant risk assessment.
The report also proposes a set of security measures for healthcare organisations to implement when planning their move to cloud services, such as establishing processes for incident management, defining data encryption requirements, and ensuring data portability and interoperability.
You can read the full text of the report here.
Should you have any queries and/or remarks, please do not hesitate to contact us.
Kind regards,
Zumbul Attorneys-at-Law