Cyber risk management in the Finnish healthcare sector
Hellstén, Hanne (2018)
2018
Kauppatieteiden tutkinto-ohjelma - Degree Programme in Business Studies
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Hyväksymispäivämäärä
2018-02-13
Julkaisun pysyvä osoite on
http://urn.fi/URN:NBN:fi:uta-201802151237
http://urn.fi/URN:NBN:fi:uta-201802151237
Tiivistelmä
Advances in technology and digitalization have been widely adopted by Finnish healthcare organizations. This development has led to improvements in the efficiency and outcomes of patient care, but has also exposed healthcare providers to new kinds of risks. Cyber risks are becoming an increasingly common occurrence in the healthcare sector, and can lead to serious consequences for patients and organizations alike. The significance of cyber risks within healthcare has been projected to grow, as internet-enabled applications and medical devices become increasingly ubiquitous in the industry.
This thesis attempts to examine cyber risks and cyber risk management in the context of Finnish healthcare, with a focus on the Pirkanmaa Hospital District. The objective of this thesis is to understand the significance of cyber risks, and to investigate how these risks are managed in the healthcare sector. This thesis was carried out with a qualitative research method, utilizing semi-structured interviews. The interviewees of this thesis included information security and risk management professionals affiliated with the healthcare sector.
The results suggest that cyber risks are very significant within healthcare, and that various techniques are employed in their management. Cyber risks are managed as a part of the risk management process. Operating in the healthcare sector was not found to be significant in terms of how cyber risks are managed.
This thesis attempts to examine cyber risks and cyber risk management in the context of Finnish healthcare, with a focus on the Pirkanmaa Hospital District. The objective of this thesis is to understand the significance of cyber risks, and to investigate how these risks are managed in the healthcare sector. This thesis was carried out with a qualitative research method, utilizing semi-structured interviews. The interviewees of this thesis included information security and risk management professionals affiliated with the healthcare sector.
The results suggest that cyber risks are very significant within healthcare, and that various techniques are employed in their management. Cyber risks are managed as a part of the risk management process. Operating in the healthcare sector was not found to be significant in terms of how cyber risks are managed.