Cybersecurity Measures for National Electronic Health Record System

33 Ms Joan Pereira asked the Minister for Health with regard to the mandatory National Electronic Health Record (NEHR) system, whether there are standardised nationwide cybersecurity measures which all healthcare providers have to adopt in order to protect data from being hacked.

Mr Gan Kim Yong: Healthcare providers are required to protect their patient records, including electronic records, and to comply with nationwide cybersecurity standards for the purpose of contributing to and accessing the National Electronic Health Record (NEHR).

These include installing a secure information technology (IT) system, using two-factor authentication and regularly updating the anti-virus security software to enhance the protection against cyberattacks.

The Ministry of Health will continue to work closely with the Cyber Security Agency and healthcare providers to monitor the cybersecurity threat landscape and put in place additional safeguards when new risks emerge. We will also conduct regular exercises to test the resilience of our systems and maintain a high level of cyber-readiness.