Vulnerability in health care must be reduced
Recently, almost 30 representatives from the EU project HEIR visited our centre in Tromsø. The goal is to create a robust IT security system for reliable sharing of health data in the EU health sector.
The security of healthcare and the use of electronic medical devices (EMD) must be improved due to the ever-increasing interest in health data globally. In fact, our health data is worth 10-30 percent more than your credit card data - for better or worse!
- High security requires high protection. At the same time, easy access to health data is important for public health. Healthcare professionals can provide better treatment with good data, and researchers gain more knowledge about various diseases with access to anonymised health data, says Célia Nilssen, project manager for HEIR in Norway. On a daily basis, she works at the Norwegian Centre for E-health Research.
The HEIR project addresses overall medical network security across institutional and national levels, and uses innovative methods such as artificial intelligence and advanced computing to ensure access to health data while making hospitals' overall IT security more robust. HEIR analyzes threat images in real time, and restricts access to data when security levels at a ward, hospital or in a country so require.
The Topsy Turvy World
Today, health personnel in Norway in some cases have to write down health data on paper and transfer these manually between several different systems.
The technology of the EU project HEIR seeks to sequre and automate this process and thereby save valuable time for healthcare professionals and reduce the risk of errors.
The Norwegian partners in the project, the Norwegian Centre for E-health Research and the Norwegian Diabetes Register for Adults (NOKLUS), will in a pilot improve the functionality and security associated with the exchange of health data between patients with diabetes, NOKLUS, researchers and therapists.
In Tromsø, the EU project visited the clinic that treats patients with diabetes at The University Hospital of North Norway, and got to see how the hospital's IT systems, medical records systems and the patient's electronic equipment work in a consultation, as well as how health data is currently transmitted manually.
It is important for the project that knowledge about security in the transfer of patient data can be applied in real life, and that this benefits research.
- New sensors and health apps collect more and more health data from patients. Several of these data should be used both during consultation and transferred to health registries. In our pilot for people with diabetes, we demonstrate secure solutions for automatic transfer of data to the National Diabetes Register for Adults (NOKLUS) every fourteenth day, instead of manually as it is today only once a year. This way we will get a much better overview of the disease and knowledge of how it varies e.g. with the seasons and other factors, says Professor Eirik Årsand at the Norwegian Centre for E-health Research and UiT The Arctic University of Norway.
Aim
HEIR wants to strengthen the level of digital network security in health in Europe by establishing good security solutions and practices that apply within the legal framework of European countries.
The project seeks to raise awareness of online security related to medical devices such as insulin pumps and medical apps. Furthermore, they want to simplify cooperation and standardization of risk assessment, as well as develop a knowledge-based system for network security in the health sector.
More information about the project can be obtained by contacting project manager Célia Nilssen at the National Center for e-Health Research.
