The list of standard industry-specific critical information infrastructure facilities operating in the healthcare sector has been published on the portal for operational interaction of Uniform State Health Information System participants. Industry organizations should be guided by it when categorizing the above-mentioned objects.
The list of standard industry-specific critical information infrastructure (CII) objects operating in the healthcare sector has been published on the portal for operational interaction of Uniform State Health Information System participants. It was approved by the Deputy Director of the FSTEC of Russia Vitaly Lyutikov and approved by the Deputy Minister of Health Pavel Pugachev.
Typical industry-specific KII objects are divided into five groups: GISZ of the constituent entities of the Russian Federation, MIS, IS of a pharmaceutical organization, automation system for medical activities, information and telecommunications infrastructure that ensures the implementation of medical activities. The table indicates the types of activities in accordance with OKVED, for which the facility is used, and describes the critical processes carried out by a typical industrial CII facility.
In May 2022, the President Vladimir Putin ordered the creation of cybersecurity departments at KII facilities, including healthcare institutions, MV previously reported. They should be headed by one of the deputy heads of the organization.
Last year The Ministry of Health has created an industry-specific Center for Information Security and Import Substitution based on the Central Research Institute for Organization and Informatization of Health Care as part of the implementation of the information security concept in the industry.