Here in Australia, we aim to have a healthcare system that takes excellent care of each and every one of us. We’ve highly qualified GPs who treat common medical conditions and hospitals where Australians of all backgrounds and ages expect to receive the best possible treatment.

Of course, there are always opportunities for improvement and World Patient Safety Day on 17 September is a reminder to seek them out. It’s an annual initiative that aims to raise global awareness about patient safety and encourage united action to reduce patient harm.

First held in 2019, it was inspired by a set of alarming statistics: 134 million adverse events [1] occur globally each year due to unsafe care in hospitals; 15 per cent of hospital expenses [2] can be attributed to treating patient safety failures in OECD countries; and 80 per cent [3] of harm to patients in primary and ambulatory settings is avoidable.

Unpacking the Risks To Patients

While it behoves healthcare professionals to reflect on their practice and adopt or adapt processes to better protect the individuals in their care, deficiencies in direct care are not the only dangers faced by patients today.

Their health, wellbeing and lives can also be put at risk by a cyber-attack or significant data breach.

There’s been no shortage of them, successful and otherwise, of late. Back in 2020, the Australian Cyber Security Centre, the federal government’s lead agency for cyber security, warned the health sector was coming under increasing attack from malicious actors, intent on compromising their networks.

Four years on, they’ve yet to let up.

The latest OAIC figures for the first half of 2024, showed that the healthcare secto retained the leading industry spot as the most hit sector with 102 breaches.

Why Hackers Are Hard At It In The Healthcare Sphere

For every headline hitting incident like these, there are hundreds more failed gambits. In August 2024 alone, healthcare organisations globally faced an average of 2640 attacks a week, according to Check Point research.

That sounds like a lot – and it is. Healthcare is a common target of cyber-attacks courtesy of the fact that organisations in this sector are custodians of valuable data; personal information that’s worth money to criminals seeking to commit identity theft and fraud. It’s a hot commodity on the dark web and can serve as leverage in the corporate extortion that is a part and parcel of a ransomware attack.

And the perpetrators aren’t just persistent and ruthless – they’re highly professional and organised too. Some provide access to organisations they’ve previously breached to their ‘colleagues’ while others rent their infrastructure out, or offer ransomware as a service to amateur cyber-crims who lack the technical nous to orchestrate their own attacks.

Protecting Patients From Harm

As healthcare facilities become ever-more-reliant on digital technologies, the risk to patients and healthcare professionals continues to rise apace.

That’s why cyber security is now an essential element in the patient safety equation; one organisations and institutions in this sector can’t afford to ignore.

They have a responsibility to adopt comprehensive measures to improve their security posture, by implementing cyber policies, solutions and staff training programs.

Key steps should include securing all devices that could provide an entry point for hackers, and implementing anti-ransomware software that watches for unusual activity, such as the opening and encryption of large numbers of files. If suspicious behaviour is detected, it can react immediately to prevent massive damage.

Segmentation of the network, so that users only have access to the information they need to do their jobs, can minimise the risk of malicious code spreading uncontrollably throughout the organisation.

And a comprehensive automatic back up program will ensure data is easily and quickly recoverable, should the worst occur.

Together with a rigorous patching program and awareness training that teaches employees to recognise threats, these measures can do much to mitigate the risk.

Safety First

Providing exemplary care to patients is the raison d’etre of the nation’s healthcare system – a system of which all Australians should feel justly proud. Protecting the high tech infrastructure hospitals and healthcare professionals depend on to deliver that care is vital too, on World Patient Safety Day and every day.

Sadiq Iqbal, Cyber Security Advisor, Check Point Software Technologies

[1] https://www.gmanetwork.com/news/topstories/nation/708334/134m-adverse-events-occur-annually-due-to-unsafe-hospital-care-who/story/#goog_rewarded

[2] https://www.who.int/campaigns/world-patient-safety-day/2019

[3] [3] 134M adverse events occur annually due to unsafe hospital care —WHO | GMA News Online (gmanetwork.com)