What is cybersecurity at laboratories?
Cybersecurity aims for the security of electronic systems and networks. In a society that is rapidly digitizing, cybersecurity is an increasingly important topic in the field of health care, as well.
We will hear an interesting lecture on this at Labquality Days 2023, as IT Test Manager Toni Kajantola from HUS Helsinki University Hospital will give a talk titled Cybersecurity at the HUS IT: How HUS IT department supports lab and clinical environments maintaining security and enables continued change.
Kajantola has worked in IT for over 20 years, previously at Nokia and Futurice. Currently, some of his most important tasks at HUS include developing testing processes which include information system security testing and development. HUS is committed to emphasising the role of cybersecurity and its testing within its operating environment.
According to Kajantola, there are similarities between cybersecurity in healthcare and cybersecurity in banking, for example, because the information maintained in their systems can be critical and therefore, the possibilities for damages can be significant. The difference is that in healthcare, information is gathered from everyone in society, from babies all the way to pensioners.
“Healthcare organisations hold a lot of personal data: we handle contact information, health information and even sensitive information, so that can create opportunities for the data to be mishandled”, Kajantola describes.
The diversity of the operating environment brings its own challenges when it comes to cybersecurity: healthcare organisations use a variety of different devices, places of operation and staff.
“There can even be staff who aren’t that interested in cybersecurity. That brings a challenge – how do we train and inform so that the message makes sense to the staff? People and technology are challenges in building the jigsaw”, Kajantola says.
When it comes to cybersecurity in healthcare, it would be beneficial to raise general knowledge and awareness, according to Kajantola. Maintaining knowledge is of course important, too. Customised training that would deepen the participants’ existing knowledge would be useful, Kajantola says. Like HUS, many healthcare organisations offer a wide range of services, which means that the need for staff training varies a lot.
Cybersecurity also reaches healthcare end users and customers. HUS, among many organisations, offers their customers mobile apps and other digital services that allow people to e.g., book appointments and review their patient information using their own devices. These digital solutions are designed to make it easier for customers to attend healthcare services as they can be used regardless of time and place.
Even though cybersecurity can seem like a challenging topic and its risks are real, scaremongering should be avoided, Kajantola reminds us. Instead, people should be encouraged to use these digital services.
“At HUS, we work very hard for cybersecurity so that the end users don’t have to worry about it.”
Laboratory systems work in different information networks at HUS. These systems have their own experts and product managers who design the systems in collaboration with IT management and work in collaboration with system providers. One important aspect of information security is physical access to laboratories.
“Access is monitored, and it is isolated from the network in a certain way. We also aim to log all the components we use in our systems so that we have up-to-date information about what kind of devices we use in our networks and buildings”, Kajantola says.
The operating environment at HUS is diverse from the cybersecurity perspective. There can be hundreds of different types of hardware in use and their management needs to be planned precisely. The organisation needs to be prepared for emergencies so that the business can continue to operate even in the case of an electricity outbreak and loss of networks.
At Labquality Days, Kajantola will be talking about this complex environment. He hopes that his speech will help listeners understand the importance and diversity of information security.
”I hope that system suppliers would also take cybersecurity into account”, Kajantola says.
Hear Toni Kajantola’s lecture Cybersecurity at the HUS IT: How HUS IT department supports lab and clinical environments maintaining security and enables continued change at Labquality Days on 9 February 2023 at 15:15.
In addition to Kajantola’s lecture, the Future of MedTech session includes the following lectures: