EU cybersecurity agency publishes report on cloud security for healthcare sector

The European Union Agency for Cybersecurity (ENISA) published the Cloud Security for Healthcare Services report, providing cybersecurity guidelines for healthcare organisations to help further digitalise with cloud services. The report is built upon the ENISA’s procurement guidelines for cybersecurity in hospitals, assessing the cybersecurity risks of cloud services and offering good practices for the secure integration of cloud services into the healthcare sector in Europe. The report notes that cloud solutions enable the flexible and rapid deployment of electronic data storage and communications such as telemedicine; the importance of such digital healthcare services has been underlined during the COVID-19 pandemic. The report addresses three main areas in which cloud services are used by the healthcare sector: electronic health records, remote care, and connected medical devices. The report highlights the main factors to be considered when healthcare organisations conduct risk assessment, for example, in terms of sensitive patient data or availability of a medical service.