Japan Association for Medical Informatics

[3-D-3] Strategies for Fostering Cyber Security Human Resources in Healthcare

*Takumi Tanikawa1,2, Toshihiro Takeda3, Jun Okamoto4, Akiko Tanaka4, Michihiro Omichi5, Akitoshi Okumura6 (1. Japan Association for Medical Informatics (JAMI), 2. Hokkaido University of Science, 3. Graduate School of Medicine, Osaka University, 4. Ministry of Health, Labour and Welfare, 5. Morinomiya Hospital, 6. Information technology Promotion Agency (IPA))

Cyber security, Medical Information security, Human resource development

In recent years, there have been a lot of reports of cyberattacks on hospitals both in Japan and abroad, with several domestic hospitals falling victim to these attacks. The healthcare sector is considered one of the critical infrastructures designated by the government, and comprehensive measures are essential to ensure that healthcare institutions supporting regional medical services do not experience prolonged interruptions. In April 2023, the Medical Care Act Enforcement Regulations were revised, mandating specific cybersecurity measures for healthcare administrators. Additionally, in May, the Ministry of Health, Labour, and Welfare introduced "Guidelines for the Secure Management of Medical Information Systems version 6.0," encouraging active participation of healthcare management in information security and revising organizational responses. To promote healthcare digital transformation (DX) successfully, it is crucial to establish and maintain cybersecurity measures that assure the confidence of citizens and patients. However, there is a noted shortage of personnel with the capability to address information security in the healthcare field, emphasizing the urgent need for the development of specialists with knowledge, skills, and experience. Particularly in the medical field, human resources are required who understand medical practice workflow and can adapt to the evolving information and communication technology.