MOH SUPPORTS HEALTHCARE PROVIDERS IN SAFEGUARDING PATIENT DATABASES

We refer to Dr Yik Keng Yeong’s letter “Doctors may need help preventing cyber attacks on patient databases” (July 22).

Cyber security is a shared responsibility. 

Government systems such as the National Electronic Health Record (NEHR) are designed with robust cyber and data security measures in place to protect Singaporeans’ health information. These include technical safeguards such as firewalls, security tools to detect and mitigate attacks, and ongoing monitoring and investigation of suspicious activities. 

In turn, systems connected to the NEHR are also required to have appropriate security measures in place. We understand the concern that GPs may have, and have ensured that white-listed clinic management systems meet the requisite cyber-security standards. 

Healthcare providers play an important role in ensuring that they have robust arrangements in place as to how their clinic management systems or electronic medical record systems are managed and used. They should put in place good practices, such as  using strong passwords and two-factor authentication, be vigilant against phishing attempts, use anti-malware and anti-virus solutions, and keep computers/systems updated with security patches.

The Ministry of Health supports healthcare providers through funding, and training and educational materials on cyber and data security practices. There are also the Cyber and Data Security Guidelines and Guidebook which help healthcare providers understand and meet the essential security requirements.

The Ministry of Health is also exploring ways to work with cyber and data security providers to support healthcare providers in strengthening their security posture. 

We strongly encourage all healthcare providers to familiarise themselves with essential cyber and data security practices.

Raymond Chua (Adjunct Professor)
Deputy Director-General of Health (Health Regulation)
Ministry of Health