AP to monitor data security in healthcare

In healthcare, medical data about people is used and stored, among other things. This data is sensitive, and healthcare providers have a great responsibility to protect it. For example, only the practitioner and authorized employees may view a patient's medical file. Healthcare organizations must monitor this. Healthcare organizations must also properly secure data against hackers and data breaches. This is stipulated in theGeneral Data Protection Regulation (GDPR). The AP has observed that not all healthcare providers have their security in order. Things also regularly go wrong when healthcare providers exchange patient data with each other.

Promoting GDPR compliance

Monique Verdier, vice-chair of the AP: "Nothing is as private as your health data. Patients and clients must be able to trust that healthcare providers handle their medical data with the utmost care. If your medical data is stolen or if someone snoops around in your medical file, the impact is huge. With these visits, we want to ensure that healthcare providers take the necessary protective measures, as specified in the GDPR. And where improvement is needed, we help organizations get started."

Many data breaches in healthcare

In2024, the AP receivedthe most data breach reportsfrom organizations in the health and welfare sectors. This involved more than 6,800 reports. The healthcare sector also appears to be a popular target for cybercriminals. These criminals often threaten to sell or publish sensitive information if no ransom is paid. The consequences of such a hack can be significant, as was seen earlier this year at the Clinical Diagnostics laboratory. The AP has launched an investigation into the hack at the laboratory that processed data for population screening.