We recently hosted a Sailpoint and Deloitte Singapore Healthcare Lunch for a group of CISOs and CIOs discussing….
The last two years have seen multiple unparalleled forces driving change in healthcare. The unprecedented requirement for care, coupled with an equal uplift in digital health services, and an ever-increasing cyber threat landscape in response to healthcare reimagined. The corresponding response to this shift would be the continued focus on complying with MOH’s HIM-ISP and various advisories from PDPC & MOH and CSA’s Cybersecurity code of practice for CIIs, that imposes tighter guidelines and increase cyber security requirements. While technology is a healthcare enabler, aiding in better healthcare outcomes, the focus is renewed on facilitating change, without impact.
With evolving healthcare business models, few hospitals and medical practices today operate entirely independently. Most are part of a complex network of joint ventures, partnerships, and community support, each with its own part to play in the continuum of care. The proliferation of different types of devices coupled with diverse platforms, applications, and cloud ecosystems have transformed healthcare organisations into interconnected mobile societies. Examples include pivoting to telehealth, contingent workers arriving at a disaster scene, and staff shifting roles in response to new medical protocols. There’s also the surge of new users that can come onto existing healthcare IT infrastructures when healthcare organisations undergo mergers and acquisitions, pandemics, and large catastrophic events. Without the ability to manage these access requirements in a short and proficient time period, patient safety issues and quality of care are deeply affected.
Our group discussed:
- Cyber Threats and the barriers to healthcare cyber resilience
- Cost, workforce
- Who has access to what? What should they have access to? How are they using their access?
- Enable care coordination
- Drive operational and clinical efficiency
- Legislation and reporting requirements:
- Managing changing regulations and an increasingly diverse user base.
- How do you address operational, clinical security, and compliance risks posed by hybrid IT architectures?
- Secure your sensitive electronically protected data