Cyber Security for Private Health Clinics

As private health clinics hold a substantial amount of personal and sensitive data, and with cybercrime growing at an alarming rate, it is essential that they ensure that their approach to cyber security is proactive – not reactive.

Unfortunately, a number of private clinics have been targest of serious cybercrime over the last few years:

A Lithuanian plastic surgery clinic faced a malicious attack from a hacking group resulting in over 25,000 explicit client images being leaked. Clients were held to ransom for up to €2000 to prevent their images and sensitive data from being published online.

A Private Hospital in London sent recordings of private IVF consultations to an Indian transcribing company – unencrypted. The company then stored the recordings on an unsecure server, that allowed the confidential recordings to be viewed by anyone on the internet. If GDPR had been active during this time, the fine of £200,000 would have been substantially higher - up to 4% of the organisation’s gross annual income.

In 2017, one of the worst regarded cyber-attacks of the year hit the UK’s NHS hard. The WannaCry ransomware hit many NHS hospitals and clinics, resulting in 19,500 appointments, including operations, being cancelled, as well as 5 hospitals having to turn away ambulances.

An Ohio based private health group suffered a data breach resulting in over 100,000 sensitive documents being exposed online. The breach was allegedly the result of an ‘SQL Injection’ vulnerability within the health groups website; a vulnerability that could have been easily identified by a web application test. 

  • Are you responsible for patients’ confidential data?
  • Are you trusted to store sensitive information?
  • Do you have confidence in your security?
  • Are your staff security aware?
  • Can you afford a data breach?

Our following Cyber Services would be beneficial to private health clinics, to keep them sefe from cybercrime:

      Internal Testing
      Find out how secure your network is once an attacker has made a connection.

      Remote Testing
      Can an attacker breach your system remotely?

      Table Top Exercises
      Scenario-based exercises designed to test how you would cope with a cyber attack.

      Awareness Training
      Ensure your staff are aware of risks faced from cyber and how to protect themselves and your business.

      If you are interested in finding out more about how we can help your business, please get in touch - [email protected]

      Written on 15 February 2018

      Back to Main Blog