Written by : Aishwarya Sarthe
August 10, 2023
To ensure the security of patient data and protect against cyber threats, the Union Health Ministry of India has taken significant steps in collaboration with the Indian Computer Emergency Response Team (CERT-In). The initiative responds to the escalating concerns regarding data and privacy breaches in the healthcare sector.
Addressing the Lok Sabha on Friday, Minister of State for Health, S P Singh Baghel, elaborated on the comprehensive measures implemented to bolster cybersecurity in the healthcare domain.
Minister Baghel highlighted that CERT-In issues advisories to authorised medical care entities and service providers nationwide. These advisories cover various areas, including the latest cyber threats, vulnerabilities, and countermeasures.
Specific guidelines about information security practices tailored to government entities, health services, data and network security, identity and access management, application security, third-party outsourcing, security monitoring, incident management, and security auditing are disseminated through these advisories.
A government agency established by the Government of India in 2004 under the Information Technology Act 2000, CERT-In is the central agency for dealing with cyber threats, including hacking and phishing. The office, a part of the Ministry of Electronics and Information Technology, is pivotal in addressing cyber threats.
These drills are conducted across ministry divisions, fostering preparedness and responsiveness to potential cybersecurity incidents.
Regular training programs conducted with the Centre for Development of Advanced Computing (CDAC) and the National Informatics Centre (NIC) are vital components of the comprehensive approach to tackling cyber threats. These programs are designed to sensitise program divisions on securing IT infrastructure and mitigating cyberattacks.
Notably, the Union Health Ministry's commitment to data security is underscored by its adherence to the security audit guidelines and advisories issued by the NIC. This ensures robust measures are in place to safeguard patient data and privacy at the web application level.
Minister Baghel also emphasised the broader digital health landscape with the launch of the Ayushman Bharat Digital Mission (ABDM). This initiative aims to establish a resilient digital health infrastructure and create a comprehensive Electronic Health Record (EHR) system for citizens. The National Health Authority (NHA) has issued guidelines and notifications governing the operation of digital health applications integrated within the ABDM ecosystem.
In conclusion, the collaboration between the Union Health Ministry and CERT-In stands as a commendable effort to fortify data security and patient privacy in the face of evolving cyber threats. By providing advisories, mock drills, and training programs, India's healthcare sector is taking a proactive stance against cyber threats.