Threatsys protects 1.2Crore BSKY Card Holders Data under Biju Swasthya Kalyan Yojana

Biju Swasthya Kalyan Yojana (BSKY) is a health insurance scheme that the Government of Odisha launched in India in 2018. The scheme aims to provide affordable and accessible healthcare to the people of Odisha, especially to those who are economically disadvantaged or belong to vulnerable sections of society. Under the BSKY scheme, eligible beneficiaries can avail of cashless treatment at empanelled hospitals for various medical conditions, including hospitalisation, surgery, and pre and post-hospitalisation expenses. The scheme also covers the cost of diagnostic tests, medicines, and other medical supplies.

BSKY provides health insurance coverage for medical expenses (up to Rs. 5 lakhs for families and up to Rs. 10 lakhs for women) incurred for treatment in hospitals and health centres across the state of Odisha. Around 4,036 medical treatments and 255 surgical procedures are covered under this scheme.

Insights of BSKY Project under Department of Health and Family Welfare, Goverenment of Odisha. Beneficiary 4.79 Cr. Total Households 119.5 Lakhs, Card Holders 3.34 Cr., Households Covered 96.42 Lakhs (81%), Hospitals 9,324, where as Govt. 8,530 Private 794 No. of Treatments Done 1.19 Cr., Govt 1.17 Cr., Private 2,76,240. 2023 Reimbursement (Pvt) 628.02 Cr.

Biju Swasthya Kalyan Yojana Projects consists of several Modules like BSKY Portal, Hospital Empanelment Portal, BSKY Citizen Dashboard, Grievance Portal, BSKYTMS Portal, BSKY Mitra Assistance AI Platform, BSKY Mobile Application and more.

BSKY Healthcare data is highly sensitive, and there is a significant risk of data breaches, which can lead to identity theft and other serious consequences of each Biju Swashthya Kalyan Card Holders. Threatsys is ensuring that data privacy is maintained and that sensitive information is adequately secured.

BSKY Portals and applications are the prime target for cybercriminals due to the vast amount of sensitive data they store. All the Web and Mobile Applications are heavily regulated, and compliance with regulations such as HIPAA (Health Insurance Portability and Accountability Act) and GDPR (General Data Protection Regulation) is crucial. Threatsys needs to complete the whole project of 10+ Applications within 1 month of timeline.

Threatsys, the well-known Cyber Security Firm of Bhubaneswar, Odisha, has appointed ten security researchers under the Project and Delivery Manager. In order to gain a better understanding of the application, the team thoroughly studied the workflow of the four modules before conducting any security testing. The testing was carried out on a host that was hosted on the staging server, using a variety of commercial cyber security tools, including Burp Suite, IBM App Scan, WhiteHat DAST, Veracode, Acunetix, Intruder, Netsparker, HCL Appscan, Qualsys Web Apps Scanner, OWASP Zap, SAINT, and Tenable.

Threatsys used a combination of the Open Web Application Security Project (OWASP) testing guide and ISECOM’s Open-Source Security Testing Methodology Manual (OSSTMM) for conducting penetration test of the server and applications. The testing was done to simulate as closely as possible the viewpoint of completely external attacker and Application user.

the threatsys team identified more than 50+ bugs across all the portals i.e BSKY Portal, Hospital Empanelment Portal for both Government Hospitals and Private Hospitals, BSKY Citizen Dashboard for all Odisha People, Grievance Portal for all BSKY Card Holders, BSKYTMS Portal, BSKY Mitra Assistance AI Platform, BSKY Mobile Application, including 15+ critical and 23 high-level vulnerabilities. All projects were delivered and retested within the set deadline, with the development team taking three weeks to fix all the raised security gaps. Threatsys remains committed to ensuring the integrity and confidentiality of the data and applications it works on, helping to safeguard sensitive BSKY Card holders information and online citizen services managed by the Government of Odisha.

Threatsys has successfully completed the cyber security testing and CERT-IN Security audit project with the utmost diligence and professionalism. Threatsys provided Initial Version 1 and Final Version 2 Reports with the appropriate support on time for 10+ Applications, and according to the proper security implementation, which has helped to issue the CERT-In VAPT certificate for all four modules of the Biju Swasthya Kalyan Yojana(BSKY), Odisha Government

All the modules of Department of Health and Family Welfare Departments that is BSKY applications are hosted in the state data centre, ensuring the highest level of security and reliability. The successful completion of the project means that citizens of Odisha can now use the BSKY Portal, Hospital Empanelment Portal for both Government Hospitals and Private Hospitals, BSKY Citizen Dashboard for all Odisha People, Grievance Portal for all BSKY Card Holders, BSKYTMS Portal, BSKY Mitra Assistance AI Platform, BSKY Mobile Application and more. These web and mobile applications are now well-protected against external threats, and the highly sensitive data they process, store, and fetch are done so flawlessly. Threatsys is the Best Cyber Security Service Provider that protects the data of all the BSKY Card Holders Data of Odisha and responsible for their security, integrity and privacy.