Cybersecurity Incident Response Process at Shared Health

We wanted to determine whether Shared Health has a process in place to promptly respond to cybersecurity incidents and minimize the impact to health operations and loss of data. We found more work is needed on the process Shared Health has in place.

Shared Health needs to perform exercises to test its Cybersecurity Incident Response Plan, improve training, and complete its external communications plan.

This report includes 4 recommendations to improve cybersecurity response at Shared Health and better protect Manitoba’s health-care services from cyber threats.