How Comprehensive IT Monitoring in the NHS Can Support the DSP Toolkit

Cyberthreats are a perpetual risk. With ransomware high on the list of concerns for all organisations—particularly in healthcare where patients’ lives are on the line—it’s vital for healthcare organisations to have the necessary measures in place to ensure sensitive patient data is kept secure and can only be accessed by the professionals who have the right to open it.

Healthcare technology infrastructure is unsurprisingly a major target for cybercriminals. A recent study from Obrela Security Industries found 81% of U.K. healthcare organisations had suffered a ransomware attack in the past year. From the infamous WannaCry attack on the NHS in 2017, to the recent attack on the Irish healthcare system in May this year, we’re increasingly seeing these critical organisations being targeted by cybercriminals.

These ongoing and potentially catastrophic problems have increased the emphasis on security compliance and governance in public healthcare systems. For instance, the NHS’s Data Security and Protection (DSP) Toolkit enables relevant healthcare organisations to measure their performance against data security and information governance requirements. It’s a requirement for all organisations with access to NHS patient data and systems to provide the assurance they’re practising good data security and personal information is handled correctly.

The DSP Toolkit enables U.K.-based organisations to compare their practices to the 10 data security standards set out by the National Data Guardian, an appointed individual responsible for advising healthcare organisations how to secure and use NHS patients’ confidential information.

Every organisation with access to NHS patient data and NHS systems must submit their DSP Toolkit assessment annually before the deadline. By submitting the assessment, organisations can demonstrate they’ve handled personal data appropriately and engaged in strong data security practices over the past year.

Keeping IT Networks in Good Health

To demonstrate compliance and show all IT environments are fully monitored, organisations must collect, normalise, and correlate network log data. Ideally, they’ll also be able to automatically respond to threats in real time and alert all relevant stakeholders of suspicious activities. This serves not only to raise awareness of security threats, but also helps comply with the National Data Guardian’s Data Security Standards.

Indeed, effective network monitoring remains a vital strategy for ensuring healthcare organisations can deliver sufficient levels of security. This requirement has become even more crucial as some healthcare workers continue to work more remotely. What’s more, the pace of digital transformation in the sector is accelerating, with innovation ranging from complex IoT solutions to investment in artificial intelligence and machine learning adding to infrastructure complexity.

The use of compliant-ready tools for network monitoring, however, is enabling IT professionals to build greater network visibility and follow a set of best practices, which include:

  • Analysing the flow of data — Using flow protocol analysis, IT can quickly identify suspicious and potentially dangerous increases in unwelcome types of traffic or traffic going to a questionable external destination.
  • Monitoring all digital objects — As healthcare organisations increase their reliance on cloud computing solutions, every virtual instance on the cloud should have its state and performance parameters monitored around the clock for continued compliance.
  • Tracing application traffic — In an environment where any slowdown or disruption could cost lives, application tracing of actual application traffic allows IT teams to carry out rapid root cause identification for network issues.
  • Logging access to resources — An important requirement for any cybersecurity effort, this allows IT pros to easily identify and aggregate traffic and user access patterns for analysis, monitoring access based on user behaviour and identifying anomalies.

Technology and data security best practices are constantly changing and evolving, and therefore these four actions are important to consider. The DSP Toolkit requirements are also similarly reviewed and refreshed regularly to ensure they’re encouraging organisations to meet the latest security standards.

Those healthcare organisations actively striving to improve their data security measures, including restricting access to sensitive data, and monitor their entire IT environment will be far more prepared for any unexpected incidents, not only to prevent them from happening, but also to recover quickly and efficiently should anything slip through the net.

By Sascha Giese, Head Geek at SolarWinds


Join our audience of healthcare industry professionals