Is cyber awareness a new skill for nurses?
Recent events which have made us think about what being digital means both in our personal lives but also in healthcare in general. That with the recent British Airways power outage and the global cyber attack, highlighted our increasing dependence on digital in our day-to-day lives. It also exposed our vulnerabilities both in resilience around ensuring up to date and access to backed-up systems, as well as how we manage when access to the internet and other digital systems are interrupted and business continuity. What does this mean for the care we as nurses, midwives and the wider healthcare community and is cyber awareness sufficiently understood?
While the cyber attack exposed was cyber awareness, security and continuity from a corporate perspective, always being ‘digitally’ aware starts with all of us as citizens. Many of us will diligently manage how we access and connect to the internet and today’s software makes this as easy as possible. However, many people don’t exercise high levels of security in their personal lives, this means in their professional lives they may be unaware of the risks and this is likely to be a lack of awareness and understanding of the implications. The challenge is, as we rapidly become more “e-savvy”, we need to be thinking cyber awareness, such as, like thinking before clicking, such as opening emails you wouldn’t normally receive, or links within them. While the recent cyber attacks were malicious and not as a result of someone clicking inappropriately, cyber security is everyone’s business.
Being ‘digitally and cyber aware’ starts with each of us as citizens first
As citizens, we have a responsibility to make sure we protect ourselves and others. This logically extends to our professional lives and that means nurses, midwives and healthcare staff have to consider the implications when using or dependent on digital solutions and what that means, both to their clinical practice as well as supporting patients who are equally dependent. Those clinical staff who were affected by the recent events will have felt the direct effects of this to their daily practice. It may have affected their ability to see patients or access key information and potentially impacting on the safe delivery of care.
This doesn’t mean every nurse and midwife needs to be technically skilled, but they do need to be cyber aware to make sure the digital information they use and access is kept safe. That means understanding the potential risks and how they manifest themselves. As we become more dependent and use digital solutions, we should always be thinking of the potential of interruptions and what that means and how that impacts care.
So what have these events taught us?
Our dependence on digital in healthcare has increased beyond recognition.
Whether you work in the community, a hospital or any other care sector, the need for connecting digitally is and will continue to increase beyond recognition; from accessing third-party websites to order clinical equipment, to accessing electronic records, apps and reference material; only when it is unavailable does the dependence become aware. Interruptions then create the challenges and potential risks to safe and effective care delivery.
Things to think about in practice: do you know what your business continuity plans state you should do when there is an extended downtime or interruption to local or internet-dependent systems? Would you know what to do now if the electronic systems that you need to get access to as part of your day-to-day practice went down and what to do next? Who would you get that information from?
Cyber awareness is everyone’s business, not just the techies
The issue of protection of one’s personal computers is not in the domain of the techies. We as citizens, have a responsibility to protect ourselves and use the internet safely. That means ensuring everything is up to date with the proper programs to protect your computer from being hacked. While technology is advancing, suppliers aim to make it as easy as possible. Human behaviour often allows the ‘mystical aspects of tech’ become a barrier to ensuring personal cyber safety.
Things to think about, what vulnerable looks like? Do you check your computer software is up to date and have up to date anti-virus software? Or not sure? Would you know where to get cyber-awareness information? Did you know there was a government sponsored resource which is freely available, with the CyberAware scheme which will direct you through the basics.
A need to support patients and users is part of our role
As nurses, we need to recognise that not everyone is as up to date or understands cyber issues, and that means the recent malware attack will leave patients, users and families are somewhat concerned, even cautious. There is suspicion of technology by many, and cyber attacks heighten this suspicion. In our professional lives, we will need to reassure our patients that the safety of their information is absolute. We can only do that if we have more knowledge and information to enable us to be aware.
Things to think about: Would you know what to say to re-assure patients if there were another cyber issue? If not, what would you need to know to help you do that? Where would you get, or who should be providing that knowledge?
Is cyber awareness a Knowledge-gap or new skill?
Whether you think this is a technical responsibility or not, one thing is for sure, this type of event will occur again. Therefore, what knowledge or skill preparation do nurses, midwives and all clinical staff need to prevent, respond and support themselves in practice as well as assure their patients? To enable that our attitudes to technology need to change, especially in healthcare and that means the education of staff needs to consider cyber-awareness and resilience being core to future nursing and midwifery training.
Professional bodies and royal colleges and the wider healthcare community need to learn and adapt to the wider technological opportunities and changes around us, recognising the potential challenges and associated risks. If the digital agenda is to become mainstream and central, then these associated risks of cyber security means cyber awareness may need to be part of the core or foundation training. So as we rapidly progress to make sure technology and digital becomes central to care delivery. Patients and users will take their lead from us and will need assurance we have confidence in what we do.
Also published on Medium.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.