Cybersecurity lessons from the Vastaamo psychotherapy data breach for psychiatrists and other mental healthcare providers.
Saved in:
| Title: | Cybersecurity lessons from the Vastaamo psychotherapy data breach for psychiatrists and other mental healthcare providers. |
|---|---|
| Authors: | Looi, Jeffrey CL (AUTHOR), Allison, Stephen (AUTHOR), Bastiampillai, Tarun (AUTHOR), Maguire, Paul A (AUTHOR), Kisely, Steve (AUTHOR), Reutens, Sharon (AUTHOR), Looi, Richard CH (AUTHOR) |
| Source: | Australasian Psychiatry. Feb2025, Vol. 33 Issue 1, p106-110. 5p. |
| Subjects: | Electronic health records, Medical personnel, Data protection, Multi-factor authentication, Data security failures |
| Abstract: | Objective: The Vastaamo psychotherapy data breach in Finland is perhaps the largest cybersecurity incident in mental healthcare to date, resulting in significant patient harm. There are specific lessons for mental healthcare providers from an analysis of the incident. Method: Case study of this specific electronic health record data breach, based on detailed media reporting. Results: The issues raised include: the importance of governance of the cybersecurity of sensitive personal patient data, such as compliance with legislative requirements on privacy and data security; specific security measures such as de-identification of data, data protection via passwords, multi-factor authentication, firewalls and encryption; and timely and effective communication, and support of those who have been affected. Conclusions: The implications for mental healthcare providers, including psychiatrists and trainees, are that, within their capability, providers need to assess the efficacy and robustness of cybersecurity of electronic health record systems they use, and carefully consider the information that is recorded to minimise exposures such as in the Vastaamo breach. [ABSTRACT FROM AUTHOR] |
| Copyright of Australasian Psychiatry is the property of Sage Publications Inc. and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Database: | Psychology and Behavioral Sciences Collection |
|
Full text is not displayed to guests.
Login for full access.
|
|
| FullText | Links: – Type: pdflink Text: Availability: 1 |
|---|---|
| Header | DbId: pbh DbLabel: Psychology and Behavioral Sciences Collection An: 182877019 AccessLevel: 6 PubType: Academic Journal PubTypeId: academicJournal PreciseRelevancyScore: 0 |
| IllustrationInfo | |
| Items | – Name: Title Label: Title Group: Ti Data: Cybersecurity lessons from the Vastaamo psychotherapy data breach for psychiatrists and other mental healthcare providers. – Name: Author Label: Authors Group: Au Data: <searchLink fieldCode="AR" term="%22Looi%2C+Jeffrey+CL%22">Looi, Jeffrey CL</searchLink> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Allison%2C+Stephen%22">Allison, Stephen</searchLink> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Bastiampillai%2C+Tarun%22">Bastiampillai, Tarun</searchLink> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Maguire%2C+Paul+A%22">Maguire, Paul A</searchLink> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Kisely%2C+Steve%22">Kisely, Steve</searchLink> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Reutens%2C+Sharon%22">Reutens, Sharon</searchLink> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Looi%2C+Richard+CH%22">Looi, Richard CH</searchLink> (AUTHOR) – Name: TitleSource Label: Source Group: Src Data: <searchLink fieldCode="JN" term="%22Australasian+Psychiatry%22">Australasian Psychiatry</searchLink>. Feb2025, Vol. 33 Issue 1, p106-110. 5p. – Name: Subject Label: Subjects Group: Su Data: <searchLink fieldCode="DE" term="%22Electronic+health+records%22">Electronic health records</searchLink><br /><searchLink fieldCode="DE" term="%22Medical+personnel%22">Medical personnel</searchLink><br /><searchLink fieldCode="DE" term="%22Data+protection%22">Data protection</searchLink><br /><searchLink fieldCode="DE" term="%22Multi-factor+authentication%22">Multi-factor authentication</searchLink><br /><searchLink fieldCode="DE" term="%22Data+security+failures%22">Data security failures</searchLink> – Name: Abstract Label: Abstract Group: Ab Data: Objective: The Vastaamo psychotherapy data breach in Finland is perhaps the largest cybersecurity incident in mental healthcare to date, resulting in significant patient harm. There are specific lessons for mental healthcare providers from an analysis of the incident. Method: Case study of this specific electronic health record data breach, based on detailed media reporting. Results: The issues raised include: the importance of governance of the cybersecurity of sensitive personal patient data, such as compliance with legislative requirements on privacy and data security; specific security measures such as de-identification of data, data protection via passwords, multi-factor authentication, firewalls and encryption; and timely and effective communication, and support of those who have been affected. Conclusions: The implications for mental healthcare providers, including psychiatrists and trainees, are that, within their capability, providers need to assess the efficacy and robustness of cybersecurity of electronic health record systems they use, and carefully consider the information that is recorded to minimise exposures such as in the Vastaamo breach. [ABSTRACT FROM AUTHOR] – Name: AbstractSuppliedCopyright Label: Group: Ab Data: <i>Copyright of Australasian Psychiatry is the property of Sage Publications Inc. and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.) |
| PLink | https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=pbh&AN=182877019 |
| RecordInfo | BibRecord: BibEntity: Identifiers: – Type: doi Value: 10.1177/10398562241291340 Languages: – Code: eng Text: English PhysicalDescription: Pagination: PageCount: 5 StartPage: 106 Subjects: – SubjectFull: Electronic health records Type: general – SubjectFull: Medical personnel Type: general – SubjectFull: Data protection Type: general – SubjectFull: Multi-factor authentication Type: general – SubjectFull: Data security failures Type: general Titles: – TitleFull: Cybersecurity lessons from the Vastaamo psychotherapy data breach for psychiatrists and other mental healthcare providers. Type: main BibRelationships: HasContributorRelationships: – PersonEntity: Name: NameFull: Looi, Jeffrey CL – PersonEntity: Name: NameFull: Allison, Stephen – PersonEntity: Name: NameFull: Bastiampillai, Tarun – PersonEntity: Name: NameFull: Maguire, Paul A – PersonEntity: Name: NameFull: Kisely, Steve – PersonEntity: Name: NameFull: Reutens, Sharon – PersonEntity: Name: NameFull: Looi, Richard CH IsPartOfRelationships: – BibEntity: Dates: – D: 01 M: 02 Text: Feb2025 Type: published Y: 2025 Identifiers: – Type: issn-print Value: 10398562 Numbering: – Type: volume Value: 33 – Type: issue Value: 1 Titles: – TitleFull: Australasian Psychiatry Type: main |
| ResultId | 1 |