Renji Hospital and Its Digital Transformation
Renji Hospital is a general hospital in Shanghai, China, with the highest “Grade 3, Class A” ranking. The hospital was founded in 1844 and is a university hospital affiliated to the Shanghai Jiao Tong University School of Medicine.
Renji Hospital has been at the forefront of addressing healthcare challenges. To improve patient care, the hospital has developed a range of digital healthcare services. For instance, queuing typically takes up most of a patient’s hospital visit. This not only affects the patient experience but also complicates hospital management. Renji Hospital responded by introducing the ‘One-stop Medical Payment’ platform, allowing patients to pay via self-service kiosks or online through their mobile phones. This small step in digitalization made a great improvement in healthcare services. In recent years, the hospital has reorganized its processes and upgraded its functionalities. This has resulted in valuable and well-received smart healthcare services that bring much convenience to patients.
Renji Hospital’s commitment to making medical services more accessible drives its digitalization efforts. As the first Western medicine hospital in Shanghai, Renji Hospital is renowned for its medical expertise and innovative approach to digital healthcare transformation. In recent years, the hospital has rapidly progressed in its digitalization journey. It maintains over 150 information systems and has successfully moved to the second phase of digital transformation in various scenarios. Its innovative services, such as ‘One-stop Medical Payment’ and ‘Precise Appointment Scheduling,’ have won several industry awards.
Given the unique demands of the healthcare industry, hospitals like Renji Hospital adopt a zero-tolerance approach to IT system and medical device failures. This stringent policy is vital because any risk, including cybersecurity threats, can disrupt the smooth operation of medical services and, more critically, endanger patient health and life.
As a result, Renji Hospital has placed cybersecurity at the forefront of its digitalization initiatives. It has been contemplating how to ensure the security and reliability of its digital healthcare services, including the protection of patient data.
Pain Point: Limited Resources for Continuous Security Operations
Since 2019, Renji Hospital has complied with national security assessments and critical infrastructure protection requirements. This compliance is achieved by deploying a comprehensive suite of security equipment, including firewalls, intrusion prevention systems (IPS), antivirus software, and network detection and response (NDR). The hospital also conducts multiple penetration tests and vulnerability scans on its application systems and server equipment per year. Detected issues are promptly addressed, demonstrating the hospital’s strong commitment to maintaining a high level of security.
But is having a full suite of security equipment enough?
The Information Center at Renji Hospital asserts that the essence of cybersecurity is certainty. They understand that there is no middle ground when it comes to risk: systems are either secure or not. Therefore, security effectiveness isn’t just measured by the number of security devices. Neither does current security guarantee future safety. Effective security involves integrating process indicators with ongoing operations. Only through 24/7 continuous security operations can the hospital achieve real risk reduction and comprehensive protection.
However, establishing continuous security monitoring and risk management was a challenge due to unpredictable cyber threats and limited personnel. Faced with a complex external environment and a growing number of business systems, the hospital needed not just top security talent but a complete security operations team.
In this context, bringing in external professional expertise was the wiser choice and better aligns with the hospital’s security goals. Consequently, Renji Hospital adopted the Sangfor Cyber Guardian Managed Detection and Response (MDR) service, equipping it with 24/7 automated monitoring and real-time threat analysis capabilities.
Solution Value: From Passive Defense to Proactive Protection
With Sangfor Cyber Guardian MDR, the most notable change in Renji Hospital’s security operations was the shift from relying exclusively on ‘security equipment’ to a combination of ‘security equipment and services.’ They were able to move from passive defense to proactive monitoring and real-time response.
An Jianfu, Deputy Director of the Information Center at Renji Hospital, highlights the impact of Sangfor’s ‘human-machine intelligent’ healthcare security operations platform. This platform equips the hospital with 24/7 real-time security analysis capabilities, enabling rapid identification and resolution of security issues. It also facilitates quick access to analysis results and actionable remediation recommendations, thus significantly shortening the cycle for resolving security issues.
Sangfor provides the hospital with monthly and quarterly comprehensive security operation analysis reports. These reports offer a holistic view of the hospital’s security posture, encompassing assets, vulnerabilities, threats, and incidents, and support informed decision-making in security operations and strategy.
As a result, Renji Hospital has established a full lifecycle security operations system and greatly simplified previously complex and labor-intensive security operations and maintenance tasks.
Moreover, Renji Hospital maintains regular communication with Sangfor and various cybersecurity departments. This ongoing dialogue keeps the hospital abreast of the latest cybersecurity trends and vulnerabilities while continuously enhancing its incident response capabilities. The hospital diligently works on all aspects of daily security operations to strengthen its cybersecurity defenses.
A simple and pragmatic approach prevails at Renji Hospital: let data do the work to spare patients any trouble. This philosophy embodies the relentless efforts of the digitalization team, working tirelessly day and night. The hospital’s digitalization efforts are often described as an ‘invisible treatment,’ where healthcare professionals use digital technology to robustly protect patient health and life.
Sangfor, serving as the Cyber Guardian, is committed to safeguarding the hospital’s digitalization process from cyber disruptions, ensuring the effectiveness and reliability of digital healthcare solutions. After all, in the realm of life-saving medical treatments, certainty is paramount.