The Cybersecurity and Digital Strategy Day of the National Health System was held

Yesterday, March 6, the Conference on Cybersecurity and digital strategy of the National Health System was held in the Bital space in Hospitalet de Llobregat.

SISCAT cyber security model

The Minister of Health, Manel Balcells, opened the event where the cyber security model that is being deployed in the 68 hospitals included in SISCAT was discussed in collaboration with the Cybersecurity Agency of Catalonia and the Department of Health. It is a specific cyber security model adapted to the main threats facing the health environment. This model is focused on increasing the protection of SISCAT hospitals, reducing exposure to threats and increasing resilience to guarantee health care for the citizens of Catalonia in the face of possible cyber threats.

Marc Realp, Secretary of Telecommunications and Digital Transformation, contextualized the project as one of the secretariat’s four most relevant lines of action, which he summarized in four points: moving from the digitization phase to the transformation phase, incorporating innovation into processes, improving digital infrastructures and finally, cyber security. He emphasized that this project will not only have value in the field of health, but will serve as a reference model to be implemented in other areas.

Then, Thomas Roy, director of the Cybersecurity Agency of Catalonia, confessed that the project is complex but highly satisfactory at the same time since it can be deployed in all hospitals, thanks to the collaboration between all the actors involved. This, he said, improves the ability to react to possible incidents because the response will not be individual, but systemic.

Eva Jorquera, Head of Information Security in the Health field of the Cybersecurity Agency of Catalonia, explained that the model focuses on the five main threats of the health sector. He also detailed that it is deployed in four phases: first, an analysis is made of the strength of the architecture and cyber security systems of health centres to make a diagnosis. Then, a security plan is created for each entity to increase the level of resilience and reduce weaknesses. Subsequently, it is integrated with the Agency’s operations under the umbrella of SOC-SALUT, which consists of a continuous alert service of cyberattacks. Finally, the training and education of workers, as well as good practices and follow-up reports, are enhanced.

It is therefore a specific cyber security model adapted to the main threats facing the health environment. Therefore, the Cybersecurity Agency guarantees that it will continue the prevention and security protection tasks of all hospitals, maintaining measures and deploying new ones, many of them transversal, which will serve to combat new emerging threats.

Pol Pérez Sust, General ICT coordinator of the Department of Health, insisted on the need for this common model, highlighting the relevance and need for this model to be deployed jointly at SISCAT, and summarized the positive evolution of the project while thanking the proactivity of the participating centres.

Subsequently, Juan González de Benito, responsible for the Catalonia CERT of the Cybersecurity Agency of Catalonia, spoke specifically about the planned cyberattack drills in hospitals, which consist of a 3-hour guided exercise in groups of up to 8 entities, which allow key critical decisions to be faced and require the entity to evaluate the feasibility of a set of typical actions.

Digital health strategy 2024-2030

Taking advantage of the presence of SISCAT managers, directors, information and security systems managers, the strategic update of the Information Systems Master Plan, in charge of Jordi Piera, manager of the SISCAT Information Systems Master Plan has been publicly presented.

Jordi Piera has defended the strategic update while affirming that the paradigms promulgated in the Master Plan for Information Systems, drawn up in 2017, are still valid, but required an update to make the actions contained therein more actionable to reach the 2030 goals. He also detailed that in the new Digital Health Strategy 2024-2030, there is talk, in general, of how to incorporate these technologies to give better care to citizens and to support professionals in their daily work. And he regretted that the current interoperability model does not facilitate the panorama.

Specifically, on this last point, he highlighted some specific problems of information systems, but which end up impacting the rest of the chain: fragmentation, the limitations of the information exchange model, obsolescence and technological debt, system sustainability and innovation scalability issues. For this reason, the proposal for this strategic update is based on the construction and deployment of the Health History of Catalonia, an information systems model based on the paradigm of open platforms in which the deployment of innovation will take place through the systematic use of health data.

Given that this is a country project in which the participation of professionals who are on the front line is necessary, a governance model of the information systems has been established, in which all actors in the health ecosystem of Catalonia participate, acting as care leaders of the project. This will make it possible to participate in a community that goes beyond Catalonia, because there are other countries around the world that are also working on this paradigm of open platforms.

He then explained that the project is divided into 3 phases; start-up, development and implementation. And regarding the implementation, he has advanced that the solution will first be deployed in the Hospital Clinic and other centres where the clinical station of Argos currently operates, among other entities that the Plan committee decides.

To summarize, he described the Plan as a very strategic and national project, in which the Health History of Catalonia will be the key project, which will bring benefits mainly to citizens and also to professionals and which will lead us to have a model of health information management at the forefront. That is why he has invited all the managers and those in charge of the present systems to join the Plan, given that “other health systems with challenges and problems similar to ours are very much waiting to see how we intend to build these solutions in our country”.

Finally, Pol Perez has entered the digital transformation program, which includes projects to promote the transformation and catalysis of initiatives in their infancy, but already systemically validated within the SISCAT framework through the enhancement of innovation. This program is focused on providing a response to ICT needs that cannot be postponed until 2030, with funding and specific resources to execute projects quickly, and is co-governed with TICSalut Social.

Decalogue of Artificial Intelligence for SISCAT entities

Then, Joan Guanyabens, director of the Tic Health and Social Foundation, spoke about the artificial intelligence program, led by the Tic Health and Social Foundation, with the mission to create an enabling environment for innovation in the field of Health through the development and implementation of AI solutions to improve care for citizens and support for health professionals. In this way, he has invited the managers and those responsible for the information systems present to take care of, protect, and facilitate the data to those who want to use it for the benefit of the whole system, to encourage the professionals who, from this clinical side, develop these services based on data and not to implement any solution that has not been previously evaluated.

[Source: Chronicle prepared by the Information Systems Area of the Catalan Health Service]

  • At the conference, the Director of the TIC Salut Social Foundation, Joan Guanyabens, proposed an Artificial Intelligence Decalogue for SISCAT entities.