Physician Leaders Issue Warning about Cyber Attacks on Health


(24.10.2016) A warning that the spread of electronic medical records and billing systems has made the healthcare sector vulnerable to cyber-attacks has been issued by the World Medical Association. It says the sector is now a prime soft target for cyber criminals.

Hospital information and practice management systems could become gateways for cybercriminals, putting at risk patients' electronic medical and financial records. Also at risk were radiology imaging software, video conferencing systems, surveillance cameras, mobile devices, printers, routers and digital video systems used for online health monitoring and remote procedures.

Delegates at the WMA's annual Assembly in Taiwan warned that this was a real threat to public health. Some hospitals were being regularly hacked and sometimes blackmailed for money. The meeting supported a statement urging governments, policy makers and operators of health systems throughout the world to work with the competent authorities to anticipate and defend against such attacks. 

The statement says that cyber security threats are an unfortunate reality in an age of digital communication and are on the rise. This posed a threat to the health and well-being of the general public. Especially disconcerting was the threat posed to patients' fundamental right to data privacy and safety.

The statement says that current security procedures in the healthcare sector have not kept pace with the volume and magnitude of cyber-attacks. Despite the dangers, many healthcare bodies lack the financial resources, the necessary skills or the will to prevent cyber-attacks. 

Prof. Frank Ulrich Montgomery, Vice Chair of the WMA, said: ‘It is vital to raise awareness about this threat. Healthcare institutions, from the smallest of private practices to the largest of hospitals, are vulnerable to cyber-attacks. Criminals can not only access bank accounts and prescriptions illegally, but they could alter a patient's data or interfere with ongoing medical procedures - both with life threatening consequences. 

‘We would like to see medical institutions urgently put in place comprehensive systems for preventing security breaches, including training staff about data handling practices'.