Our latest round up from the world of cyber security features news that the University of St Andrews in Scotland has received £37.4million funding via an European Union grant to study the security of medical data.
University of St Andrews secures £37.4m funding to study medical data security
The University of St Andrews has secured £37.4million (€43.7m) from the European Union to study security of medical data.
The money, which has come from the Horizon 2020 programme, will go towards delivering the Serums project – which aims to make sure patients are at the centre of the healthcare provision, enhancing their personal care and maximising the quality of treatment that they will receive, while ensuring trust in the security and privacy of their confidential medical data.
The project is being led by Vladimir Janjic, Juliana Bowles and Chris Brown, a team from the School of Computer Science at St Andrews, and brings together nine leading academic and industry partners from the UK and abroad
In a joint statement, the project leaders said: “Healthcare provision of the future will necessarily be multi-site and will need to cross traditional boundaries of hospitals, health centres, home, workplace, and even national borders.
“This, coupled with the increasingly strict regulations on privacy and ownership of the data, creates a huge pressure on healthcare providers to ensure that storage, access, communication and analytics of the medical data is performed in a safe and secure way. Tackling these problems, while still ensuring fast response and high-quality of service for the patients, is the main focus of the Serums project.”
Former Heart of England employee fined for accessing data
A former employee at the Heart of England NHS Foundation Trust (HEFT) has been fined for breaching data protection laws.
Faye Caughey, 32, of Ringswood Road, Solihull was employed at the trust when she unlawfully accessed the personal records of 14 individuals between February 2017 and August 2017.
Birmingham Magistrates’ heard that as part of her job, Caughey was authorised to access records of adults on two separate systems – HEFT’s iCare and CareFirst from Solihull Metropolitan Borough Council.
Caughey pleaded guilty to breaching Section 55 and Section 60 of the Data Protection Act 1998 at the same court on 15 March. She was fined £1,000, with a £50 victim surcharge, and was ordered to pay £590 towards prosecution costs.
Mike Shaw, who heads up the criminal investigations team at the ICO, said: “People expect that their personal information will be treated with respect and privacy.
“Unfortunately, there are those who abuse their position of trust and the ICO will take action against them for breaking data protection laws.”
University Hospitals Birmingham NHS Foundation Trust (UHB) merged by acquisition with Heart of England NHS Foundation Trust on 1 April, 2018.
The trust declined to comment when approached by Digital Health News.
Security poll suggests majority of companies do not feel confident about cyber attack aftermath
A poll by NTT Security has revealed 59% of respondents have said they are not confident their company could resume ‘business as usual’ after the first 24 hours following a cyber security incident.
The poll, which was conducted over social media, also revealed a lack of skills in-house is what worries the majority of companies (59%) when responding to a cybersecurity incident or breach, while 41% worry about lack of budget.
David Gray, senior manager and incident response practice lead at NTT Security, said: “The worry is that even if organisations do have an incident response plan in place they simply do not have the resources to execute it, losing valuable hours or even days identifying the right skills and setting up the necessary SLAs and contracts. This is precious time wasted.
“Even the most mature security teams are forced into a reactive stance when something happens. Those first 24 hours are crucial in minimising the impact and cost of an incident and protecting valuable data, so they need to make them count.”