Manitoba’s auditor general is calling for better cybersecurity at the province’s main health care planning body, and better financial reporting from the provincial government.
In the first of two reports released Thursday, Tyson Shtykalo said Manitoba Shared Health has a process to respond to cyberattacks but has not been running tests for scenarios such as ransomware or data theft.
“Since no tests were performed, the effectiveness of the (process) cannot be evaluated to ensure that Shared Health is prepared to promptly respond to a major cybersecurity event,” the report said.
The report recommends annual testing and more training for cybersecurity incident response team members.
“Without formally communicating existing plans and procedures to the … team and providing members with necessary training on their roles and responsibilities, there could be delays in responding to cybersecurity incidents at Shared Health,” the report stated.
Story continues below advertisement
Shared Health said it is working on the recommendations and plans to …