The Hospital Network Antwerp (ZNA) is the biggest health organisation in Belgium. In addition to providing care at ten different sites, the ZNA also carries out research. Belnet spoke with Alix Devroye, Network and Security System Administrator, about the challenges which the COVID-19 crisis has brought in terms of ICT and about the increasing importance of security.
March 2020: The beginning of the COVID-19 crisis created a massive increase in hospital admissions in Belgian hospitals. In terms of ICT, the crisis is also causing quite a stir. “Suddenly, all our support services had to work from home and we had 200% more homeworking users than before. In the beginning, we had to work hard to help our employees move quickly, because not everyone had a token yet," explains Alix Devroye from the ICT team.
The ICT service also had to increase the pace at which it rolled out multi-factor authentication. “Every colleague who has access to medical imaging or personal data must log in using double authentication in any case. As such, in addition to our administrative services, we were able to offer doctors and nurses the opportunity to work from home if their position allowed. We spent a lot of time on support since not everyone was familiar with this way of logging in."
In addition, due to the massive amount of homeworking, there was an urgency for a tool that enables remote collaboration. “Our ICT service already used Teams, but we had to roll this out to all services in the space of a few months. Meanwhile Teams became our standard tool for videoconferencing, team meetings and for sharing and collaborating on documents."
“We now had to roll out the changes that were planned in the space of a few months instead of one year.”
Alix Devroye, Network and Security System Administrator, ZNA
Robot
In addition to internal changes, the IT department was also brought in to improve the patient experience. “We ensured that patients who were not allowed visitors could log in more easily via their smartphone or tablet so they could (video)call their family. We also made the necessary changes to our Wi-Fi network to be able to securely connect the devices we received from outside firms."
"Specifically for the COVID-19 ward, we were donated a robot that helped our patients keep in contact with home. A nice gesture, but as an IT service we obviously had to consider the security aspects."
Picture: ZNA
Phishing
Just like other health organisations, the ZNA had to deal with increasing outside security threats during the COVID-19 crisis. "We notice that, about once a month, we still get a very large amount of phishing directed at us. Making our colleagues aware of this was therefore even more important. Through our different communication channels, we gave them extra tips and tricks on how to recognise suspicious emails."
Also sharing information with other hospitals seemed to be a crucial factor in its success. “We've been working together with the GZA hospitals for quite some time and we are communicating really well with one another about similar threats. We also got support from external companies and contacted the Centre for Cyber Security Belgium (CCB) in order to receive automatic notifications. In this way, for example, we are warned when a virus or botnet enters our range or if the password of one of our colleagues has been leaked. This allows us to quickly intervene."
Focus on security
Although vaccinations are running at full speed and the number of hospital admissions is decreasing sharply, it is anything but quieter for the 80 or so ZNA IT workers. There are also a lot of projects in the pipeline. “In order that the nursing staff can fully concentrate on their main tasks, we are carrying out some critical updates. Anything which wasn't urgent or essential was delayed. This was done with the view of maximising the availability of the network. In addition, ZNA is extremely busy with building a new hospital, ZNA Cadix, that is planned to open at the end of 2022.”
“Security is and will continue to be our priority. Raising awareness among our colleagues will therefore be crucial.”
There is therefore no shortage of challenges for the ICT service. “Security is our top priority. We are investing a lot in https, encryption and certificates. We are constantly busy adjusting encryption methods so that these definitely remain sufficiently secure. On top of this, we must also look at our internal security. We will soon, for example, be rolling out dot1x on our wired networks."
Alix Devroye observes that raising awareness can still be improved. “Staff are still not always aware of the importance of security. So we must continue to insist that they cannot just plug an external device into our network but must first go through ICT."
As a hospital, ZNA obviously processes a large amount of sensitive personal details. “We are working closely together with our DPO. Indeed, medical data is far more centralised than in the past. We were one of the first hospitals that ensured that GPs could log into their patient files with us internally. This used to be pioneering, now it has become the norm. It is our job to protect these confidential details and our patients as well as possible, in accordance with GDPR, in order to always be able to provide an insight into the data that we store about them."
Upgrade
In terms of the network, ZNA has done an upgrade. “We noticed that we were slowly reaching the limits of our bandwidth. Everyone is now constantly using the internet for almost everything. Recently, there has also been a lot to do in terms of the live streaming of operations to other centres in Europe and worldwide. This evolution should not be underestimated. In that respect, a powerful network is extremely important and we are very satisfied with the performance and stability of the Belnet network."
“Interruptions are, in any case, noticed within minutes by our colleagues, which is a big difference compared to before when the network was less vital for our internal working. Just to give an example of the importance of our network, ZNA has some twenty interpreters who work remotely and need a high-performing connection in order to be able to support patients who do not have a good command of Dutch or English."
Belnet as a long-term partner
In addition to redundant connectivity, ZNA uses Belnet's Digital Certificates Service. "For all our certificates in different domains, we use DCS. Even on our websites, where there is no sensitive information, we hang a certificate so that everything is encrypted. We are very satisfied with the Belnet DCS service. It took some searching when transitioning to the new supplier Sectigo, but one phone call or email to Belnet's Service Desk was enough to be helped."
ZNA is also looking to Belnet for future projects. “We want to use new technologies in the future, particularly in terms of the rolling out of IPv6. For that, too, we would be happy to call on Belnet's expertise."
ZNA also sees that Belnet has a role as a facilitator for the community. “Take, for example, a work group where we can meet in a closed circle of IT colleagues from other hospitals and share knowledge and experiences regarding concrete questions and problems."
“There is good communication between Belnet and our Account Manager. We always get a quick response to our questions.”