Operational Direction: Participating in the Provincial Cyber Security Operating Model

Introduction

The health care sector is at risk of evolving cyber threats, which can jeopardize the ability to safeguard provincial digital health assets and provide critical patient care. To address varying levels of cyber maturity and reduce the overall risk of cyberattacks across the health care sector, Ontario Health, in partnership and with funding from the Ministry of Health (MOH), has developed, piloted and evaluated a Provincial Cyber Security Operating Model (CSOM). The model creates a provincial network designed to enhance the protection of health information and strengthen continuity of patient care service delivery in alignment with existing cyber insurance, regulatory and accreditation requirements.

Through the execution of six Regional Security Operation Centre (RSOC) pilots and targeted investments over the previous two years, the model’s provisions have improved financial and operational service efficiencies, increased cyber resiliency and helped health sector entities meet insurability requirements. The pilots have also broadened the scope of resource sharing and boosted the collective delivery of a holistic, risk-informed approach to cyber security that aligns with internationally recognized industry standards.

In the next phase of the Provincial Cyber Security Operating Model, existing Regional Security Operating Centre pilots will transition into Local Delivery Groups and newly designated Local Delivery Groups will form the core of cyber security shared services delivery supporting hospitals to meet their regulatory and legislative accountabilities.

To get the full details, download the PDF.