New Delhi: A joint report by Deloitte India and the Data Security Council of India (DSCI) highlights that Indian hospitals are making steady progress in cybersecurity practices. According to the report, 89 percent of hospitals have implemented third party risk management systems to safeguard patient data and mitigate cybersecurity risks posed by provider networks. However, only 10 percent of hospitals have adopted holistic data privacy programs, underscoring a critical area for improvement.
The report, titled “Cyber Resilience in Hospitals,” describes both the advances and challenges facing the healthcare sector in the era of rapid digital transformation, reported that the Digital Staff Data protection The Law (DPDPA) is expected to drive further progress.
While 90 percent of hospitals have crisis management plans to combat cyberattacks, only 60 percent simulate these processes, leaving many institutions vulnerable to attacks. ransomware attacksdata breaches and insider threats. Additionally, around 80% of hospitals have adopted electronic medical records (EMR), and 40 percent integrate them into hospital management information systems (HMIS). Additionally, 70 percent of hospitals are adopting the zero trust security framework to improve data security.
The report recommends that hospitals allocate 12 to 15 percent of their budgets over the next two years to cybersecurity and digital infrastructure to remain resilient to cyber threats. Currently, 50 percent of hospitals have purchased cyber insurance policies to mitigate financial risks arising from data breaches or cyber attacks.
“In today’s rapidly evolving healthcare landscape, hospitals must navigate digital transformation with a strong focus on cybersecurity. Investing in cloud technologies and addressing skills gaps will be critical to building resilient systems,” said Vikram Venkateswaran, Partner, Deloitte India.
Vinayak Godse, CEO, DSCI, added: “Hospitals are laying the foundation for future-proof digital infrastructure. However, integrating rapid technology adoption with improved cybersecurity measures, resilience preparedness and governance is essential for long-term sustainability.
