Cyberattacks on healthcare infrastructure: legal aspect

Cyberattacks on healthcare infrastructure: legal aspect

18 February

Register Close

In April-May 2020, during the first wave of the COVID-19 pandemic, cyber-attacks have hit healthcare facilities in the Czech Republic, France, Spain, Thailand and the US, pharmaceutical companies, and international organisations as the World Health Organisation, as well as other medical infrastructure around the world.

The academia has responded immediately with The Oxford Statement on the International Law Protections Against Cyber Operations Targeting the Health Care Sector, which condemned the cyberattacks and explained why they are a blatant violation of international law. As of today, 136 international leaders and lawyers have signed the statement, among them Peter Maurer, the President of the ICRC, who issued an additional statement on the matter.

Today, as the second wave of the pandemic has hit the world, the situation with cybersecurity is worsening, despite the massive deployment of vaccines. Check Point had reported a rising wave of ransomware attacks against hospitals and healthcare organisations worldwide in the third quarter of 2020 and a further 45% increase in attacks since the end of November 2020.

While much effort is put to counter these attacks on the IT security level, it is also crucial to understand how international law regulates this field to formulate response policies and coordinate the international effort.

Ukrainian Bar Association's International Law Committee is pleased to invite everyone to a discussion, which will take place online on 18 February 2021 at 13:00-15:00 (Kyiv time).


Nick Yurlov, Project Management Consultant, Ukraine Reforms Architecture Project, European Bank for Reconstruction and Development.


Andrey Kozik, ICRC Regional Legal Coordinator for Eastern Europe and Central Asia. PhD, Associate Professor.

Irina Karlsson, lawyer, founder of Law & Confidence Sweden AB, Stockholm.

1. Information security to protect society and its prosperity.

- The Legislators challenges: Direktive (EU) 2016/1148 of July 2016, General Data Protection Regulation, GDPR 2016/679, corresponding amendments to Swedish legislation

2. Processing of special categories of personal data, GDPR article 9.

- Processing is necessary for reasons of public interest in public health, art.9.1 i)

3. Apps supporting the fight against COVID 19 pandemic in relation to data protection.

- Contribution of apps to the fight against COVID 19

- National health authorities as data controller

- Ensuring the security of the data

4. Questions.

For more information about the event, please contact the UBA Secretariat at: +380 (44) 492-88-48, e-mail: Contact person – Viktoriia Motia.