The first scientific research on the preparation and awareness of cyber risk in Italian healthcare has been published. An analysis born from the collaboration between Sham – Relyens group, a mutual company specialized in insurance and risk management for health and social-health sector operators, and the management department of the University of Turin (United). The survey, the results of which are detailed in the white paper Understanding cyber risk: the new horizon in healthcare, collects and analyzes the responses of 68 health professionals operating in structures spread over 14 Italian regions. The professionals interviewed are risk managers, quality managers, data protection officers (Dpo), IT security (Ciso) and clinical engineering managers, as well as representatives of the health and general management. 70% of the structures belong to the public health sector, 30% to the private sector, with dimensions ranging from less than 250 beds to more than 750, representing the composition of the national health system in a homogeneous manner.
“The research has allowed us to identify critical issues and areas for improvement with the ultimate goal of enhancing health risk management actions also in the IT field” add the authors Anna Guerrieri, risk manager of Sham in Italy e Enrico Sorano, adjunct professor of business administration at the management department of the University of Turin.
24% of the structures said they had suffered cyber attacks, of which 11% consisted of ransomware and 33% from abusive access to data. However, the cyber threat in healthcare is not underestimated: 59% of the structures perceive it as a priority that impacts on the services provided and internal organizational models. A further 31% rated the issue as partially a priority. Nonetheless, the measures adopted by the structures to prevent and manage cyber risk are still infrequent: mapping, risk analysis and vulnerability tests are only one third of the total.
.