In early March 2023, the Brest hospital was the victim of a major cyberattack, leaving its information system non-functional. The large number of cyberattacks on hospitals highlights the issue of securing healthcare data, as this information is highly prized by cybercriminals. In 2021, the French Agence du Numérique en Santé (ANS) reported 730 incidents in the healthcare sector, almost double the number reported the previous year, with 369 incidents in 2020. However, solutions do exist to protect sensitive data, such as Parsec, used by the Nègrepelisse hospital and certified by the French National Agency for Information Systems Security (ANSSI).
Hospitals are easy, lucrative prey
The hacking of the Brest hospital is just one in a long list of cyberattacks. The Bourg-en-Bresse hospital was also the victim of a cyber attack on the night of April 10-11, 2023. These highly sensitive entities should be subject to extensive IT security. This raises the question of whether their security is up to the threat. For a long time, hospitals were thought to be sacred places, safe from any malicious attack. Today, however, there is no such thing.
Cyber attacks on hospitals are widespread. Personal health data, which is sensitive information, attracts a great deal of interest and is becoming lucrative on the Dark Web. Blackmail to distribute patients’ personal files, as happened at the Vitry-Le-François and Corbeil-Essonnes hospitals, is a wake-up call. In a globalized digital world, protection is vital.
It’s important to point out that French hospitals lack the resources to combat increasingly sophisticated and devastating cyber-attacks. Given the day-to-day problems faced by public hospitals (understaffing, lack of beds, etc.), cybersecurity issues relating to sensitive data are all too often neglected.
The controversy surrounding the Health Data Hub
The context is even more complicated when it comes to health data sharing. The controversy that followed the creation of the Health Data Hub highlights the limits of government initiatives. The Health Data Hub aggregates data from the National Data System to enable “easy, unified, transparent and secure access to healthcare data to improve the quality of care and support for patients”.
On the other hand, the data is hosted by Microsoft, a company subject to U.S. law and thus to the Cloud Act, which authorizes the U.S. government to seize any data hosted by a company headquartered on U.S. territory. And while there is talk of migrating data to a sovereign solution, whether French or European, this is not expected to happen before 2025…
The innovative Parsec solution for protecting sensitive data: the case of Nègrepelisse hospital
The case of the Turenne hospital in the town of Nègrepelisse, which has been using the Parsec solution since January 2023, demonstrates the benefits of using a tool dedicated to the protection of sensitive data and certified by ANSSI. “ As part of the management of the Groupe Hospitalier’s Common Admissions Commission, we needed an IT tool to coordinate file management across several sites,” says Sonia Perez, social worker at Nègrepelisse hospital.
The use of Parsec, an innovative and collaborative solution for the cybersecurity of sensitive data, meets the needs of the healthcare establishment in every respect, offering a high level of security and ergonomics: “The coordination of actions between commission members has been optimized. We have observed a regularity and fluidity in exchanges. In addition, the software’s ergonomics encourage staff to become satisfactorily involved in the process of managing sensitive documents for the Groupe Hospitalier’s Common Admissions Commission. The software has enabled us to structure our actions more effectively, and to achieve a better match between resources and results. “adds Sonia Perez.
Thanks to Parsec, files from several sites are managed on our secure French platform, guaranteeing data security and sovereignty. French healthcare establishments must progressively adopt sovereign, high-quality solutions to guarantee their confidentiality.
Sources :
https://www.zdnet.fr/actualites/l-hopital-de-bourg-en-bresse-victime-d-une-cyberattaque-39957086.htm
