5 Jan 2018

Estonian medical centers at risk for cybercrime

Cost concerns may be preventing Estonian hospitals and medical centers from protecting themselves against computer hackers, putting patients' sensitive medical records at risk.

Marta Tuul
Marta Tuul Eesti Ekspress, Estonia
Source: Eesti Ekspress
Estonian medical centers at risk for cybercrime - NewsMavens
Nude woman. Wikicommons

Why this story matters:

healthcare,technology,science

Cost concerns may be preventing Estonian hospitals and medical centers from protecting themselves against computer hackers, putting patients' sensitive medical records at risk.

The Estonian Information System Authority (RIA) reported about 35 serious cyberattacks last year, including attacks on doctor centers and hospitals whose information technology systems were infected with ransomware.

This means that Estonians' health records may have fallen into the hands of cyber crooks, without their knowledge. 

Weak security can lead to a situation like one in Lithuania last year. A group of cybercrooks called Tsar Team found a so-called "open door" in a beauty clinic webpage and stole more than 25,000 pictures of patients before and after surgery, as well as their credit card numbers and other personal data. They asked the clinic to pay 344,000 euros as a penalty for having an unsafe IT system. The clinic refused, and the patients' information was published on the dark web. 

The Estonian ministry of social affairs said its medical institutions are responsible for any cyberattacks they may face.

At the same time, the ministry has declined to meet a European Union directive that says every member state should have stringent IT rules and supervision, saying it would put too much pressure on health insurance and therefore on prices of treatment.

This means that Estonia, which is known as a leader in information technology, may have medical institutions that are at risk of attack.

Details from the story:

  • IT levels at Estonian medical centers have been found to be lower than average.   
  • The Estonian ministry of social affairs won't implement an EU directive for cybersecurity, saying the costs could be passed down to the patients.
  • Health care institutions are legally responsible for any harm caused by a cyberattack. 
Only relevant news in your inbox.

Our top picks in your inbox -- the best stories from Europe's front pages, selected by top women editors.

WITH FINANCIAL SUPPORT FROM:
Google DNI
SUPPORTED BY:
Women in news
World Editors Forum
STRATEGIC PARTNERS:
NewsMavens
NewsMavens is a media start-up within Gazeta Wyborcza, Poland's largest liberal broadsheet published by Agora S.A. NewsMavens is currently financed by Gazeta Wyborcza and Google DNI Fund.
Gazeta Wyborcza, Agora SA
Czerska 8/10 00-732, Warsaw Poland
Core team_
Zuzanna Ziomecka
Zuzanna Ziomecka EDITOR IN CHIEF
Lea Berriault-Jauvin
Lea Berriault Managing Editor
The e-mail addresses provided above are not intended for recruitment purposes. Messages concerning recruitment will be deleted immediately. Your personal data provided as part of your correspondence with Zuzanna or Lea will be processed for the purpose of resolving the issue you contacted us about. The data provided in your email is controlled by Agora S.A. with its registered office in Warsaw Czerska 8/10 Street (00-732). You can find more information about the processing and protection of your personal data at https://newsmavens.com/transparency-policy