The Client Rights in Electronic Processing of Data in Health Care Act will contain provisions that will allow requirements to be imposed on information security and privacy. This writes Minister Bruins for Medical Care and Sport in response to Parliamentary questions by VVD member Veldman on the message "Hacking attempt hospital Leeuwarden, NCSC fears attackers in more systems.
Because vulnerabilities in products are constantly coming to light, Bruins believes it is important that healthcare providers continue to pay attention to information security. "Healthcare providers themselves are primarily responsible for their own ICT and information security. They are supported in this by the organization Z-CERT." Also in December, when the Citrix leak surfaced, Z-CERT acted correctly by informing its participants and providing action advice, according to the minister. "The Leeuwarden Medical Center (MCL) informed me that it had not implemented the interim mitigating measures in a timely manner." The MCL's actions are currently under investigation.
The Client Rights in Electronic Data Processing Act also allows ICT products to be certified.
See also: Answers to parliamentary questions MP Veldman (VVD) on the message 'Hacking attempt hospital Leeuwarden, NCSC fears attackers in more systems'
This news item can also be found in the Data Breach, Information Security and Privacy in Healthcare file
