CDE Almería - Centro de Documentación Europea - Universidad de Almería

Centro de Documentación Europea de la Universidad de Almería

The EU Agency for Cybersecurity publishes a Cybersecurity Procurement Guide for Hospitals. Healthcare IT professionals have a new instrument in their toolbox.

ciberseguridad hospitales

The hospital is a vast ecosystem comprised of an entire network of devices, equipment and systems that often require connection to external systems, making monitoring and control a very hard task to do. This is due to the high sensitivity of medical data and the potential vulnerability the sector is faced with cybersecurity has to be applied every step of the way to ensure patient data privacy and the availability and resilience of healthcare services at the same time.

The ‘Procurement Guidelines for Cybersecurity in Hospitals’ published by the Agency is designed to support the healthcare sector in taking informative decisions on cybersecurity when purchasing new hospital assets. It provides the information to be included in the procurement requests that hospitals publish in order to obtain IT equipment.

A cybersecurity procurement guide

This new report outlines good practices and recommendations for including cybersecurity as a provision in the procurement process in hospitals. Initially the report presents the set of hospital assets and the most prominent cybersecurity threats linked to them. After categorising the procurement process in three steps, namely ‘Plan, Source and Manage’, it identifies the cybersecurity requirements associated with each step. To make this even easier, the guide provides suggestions for evidence on how the requirements can be fulfilled by the provider.

Who can use the guide?

This guide provides an accessible overview and allows reutilisation by CIOs and CISOs of healthcare providers, medical device manufacturers, insurers and other healthcare related organisations, with the objective of becoming a useful reference. The visualisation of this information into a handy tool will be released in the coming months.

More information

Full news

Procurement guidelines for cybersecurity in hospitals. Good practices for the security of healthcare services. Study

Publicaciones relacionadas:

Aplicaciones móviles de un teléfono móvilEU recognises progress made by digital platforms to combat misinformation ENISA is setting the ground for Industry 4.0 Cybersecurity A Europe that protects: good progress on tackling hybrid threats Security Union: Commission receives mandate to start negotiating international rules for obtaining electronic evidence A Europe that protects: Continued efforts needed on security priorities

“This is a space for debate. All comments, for or against publication, that are respectful and do not contain expressions that are discriminatory, defamatory or contrary to current legislation will be published”.

“Este es un espacio para el debate. Se publicarán todos los comentarios que, a favor o en contra de la publicación, sean respetuosos y no contengan expresiones discriminatorias, difamatorias o contrarias a la legislación vigente.”

Reader Interactions

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.