But what happens if the robot is hacked or the connection interrupted mid-surgery? What happens if a hospital’s lifts are subjected to a cyber-attack when theatre patients are being transferred to critical care wards? Where does the liability lie when the pacemaker malfunctions?
These issues, along with the security of private data, need to be carefully addressed.
Electronic medical records also represent a trove of information that cyber criminals prize. Since the launch of the Notifiable Data Breaches scheme, the health sector has consistently been the most highly represented in terms of notified breaches to the Office of the Australian Information Commissioner (OAIC). Serious security concerns have been raised about the government’s My Health Record system which aims to create a shared digital medical record for every Australian unless they opt-out. The My Health Record system, which currently houses over six million Australian health records, reported six eligible data breaches in 2017. Health information is an attractive target for intruders. They can be used to perpetrate a wide variety of offences, including identity fraud, identity theft, blackmail and extortion1.
The healthcare sector has become increasingly aware of the risks associated with automation. Cyber risk has been identified as a top five risk by the sector according to Aon’s analysis, with no signs of waning in the future. The fast pace of transformation brings with it the risk of blind spots emerging. The risk to healthcare organisations is changing as fast as the automation technology is rolled out. Their risk profile and insurance policies require regular and comprehensive reviews to ensure no gaps develop.
1 https://www.myhealthrecord.gov.au/media-releases/statement-notifiable-data-breaches Print