Demands that the government intervenes against patient data in the US cloud

– It seems as if Health South-East has not learned from history and its early mistakes, and that correct risk assessments have not been carried out, says Marian Hussein, deputy leader of SV and health policy spokesperson for the party in the Storting. A few years ago, Helse Sør-Öst had a major ICT scandal in which both directors and an entire board had to resign and the healthcare company had to pay large sums in infringement fees. news reported earlier this week that Helse Sør-Öst will soon be accessing an American-owned cloud with patient data. Among other things, the system will make the check-in of patients at the hospitals easier and more efficient. The problem is that the cloud solution is not legal in the first place. – Today, the USA is not considered a safe country to send personal data to, says Director Line Coll of the Norwegian Data Protection Authority. The Norwegian Data Protection Authority has therefore asked Helse Sør-Öst to introduce several measures to protect the data so that they cannot be transferred to other countries. PUBLIC CLOUD: Marian Hussein, deputy leader of SV, wants the government to establish a Norwegian state-owned cloud service for health data. The Confederation of Trade Unions wants the same – Photo: Tom Balgaard/news / news – It is right not to rush yet again, that way they are exposing health data to Norwegians once again. We are worried about that, says Hussein. SV believes that the government must intervene and that Health Minister Ingvild Kjerkol must ask Helse Sør-East to carry out thorough risk assessments and investigate alternatives to uploading patient data to an American-owned cloud service. – Health South-East should stop, says Hussein. The Norwegian Data Protection Authority also believes that Helse Sør-Öst should wait to go to the cloud with patient data until the EU and the US agree on an agreement which means that personal data cannot be disclosed. It may take time before the parties agree. Helse Sør-Öst will use the American-owned cloud to store patient data already in a few weeks. Risking patients’ data security The country’s largest trade union, Fagforbundet, also reacts strongly to the plans to use an American-owned cloud to store Norwegian patient information. The association organizes over 100,000 health workers. – We are very concerned and take this very seriously that Helse Sør-Öst underestimates the IT security of its patients. It is startling that the regional health authority is once again willing to risk the data security of its patients, especially since you have their IT scandal fresh in your mind, says deputy chairman Odd Halgeir Larsen. SECURE: CEO Terje Rootwelt is certain that the cloud solution is both secure and legal. Photo: Knesia Novikova / news Helse Sør – Øst believes that they have learned from their previous misjudgments. – We take IT security seriously. The solution we have now chosen is both legal and safe, says managing director Terje Rootwelt at Helse Sør-Öst. Has asked for an explanation State Secretary Karl Kristian Bekeng in Health – and the Ministry of Care answers for Minister Ingvild Kjerkol, who is travelling. Bekeng disagrees that Kjerkol has not done enough in the case, and points out that the Minister of Health has asked Health South-East for an explanation. – It is important for me to emphasize that the health service generally has great data security, and we recommend that the health service has regular contact with the Norwegian Data Protection Authority when they implement new models, which they have also had in this case, says Bekeng. Demand a national cloud service now Both SV and the Trade Union want the government to stand by its promises in the Hurdal platform and to invest in a national cloud service, – Now the government must establish a national and secure cloud service, which is owned and operated under national and public auspices is the best way to safeguard sensitive data, says Larsen in the Trade Union. MUST BE ON THE TRACK: Both the Trade Union and SV believe that Minister of Health Ingvild Kjerkol must intervene and ask for alternative solutions to Health South-East’s plans for cloud Photo: Kjetil Samuelsen / news – We believe that health data should always be stored nationally in order to have national control over them. It is this kind of data that we should create data centers for and not for mass storage of, for example, TikTok data. The government must stop these data stores for TikTok and look at the possibilities of using the data centers to store health data in Norway and by the public sector, says Marian Hussein in SV. – TikTok out and health data in, she says. Helse Sør-Øst believes that it is not realistic to have a Norwegian cloud solution in the first place. – It would have been nice if it had been possible to quickly put in place a national cloud that had the same capabilities as the national cloud services, but I unfortunately think that it may take some time, says Rootwelt. – The Ministry of Justice has asked the National Security Authority to look into the possibility of a national cloud service, and it is work that is now under quality assurance, says State Secretary Bekeng in the Ministry of Health and Care.



ttn-69