On 3-4 April, our Secretary General, Ms Ilaria Giannico, was invited to join the Secure Summit, organized by the Polish presidency of the Council of the European Union in Bydgoszcz, Poland.
She had the opportunity to share some insights on the European Commission’s Action Plan on cybersecurity for hospitals and healthcare providers that was presented by the European Commission last June.
Although we welcome the fact that the Commission recognizes cybersecurity as a priority and has come up with a plan, here’s some of the key points she raised on behalf of the European Union of Private Hospitals (UEHP):
- the document should clarify the role of the future EU/ENISA Healthcare Support Center in relation with the existing mechanisms.
- the plan is not very clear in terms of what will be done in addition to the existing, in terms of pooling information from the national ISACs and CSIRTs.
- in terms of recovery, it would be extremely important for the Commission to dedicate some resources and some capabilities to help hospitals that have fallen victim to a serious attack to get back on their feet.
- very good proposal to have ENISA and the EU Healthcare Support Center play a role in the training and sensibilization of healthcare actors, and in the dissemination of best practices.
- on PPPs : the idea of a Health Cybersecurity Advisory Board is a good one. We suggest to include some of the CIOs and CISOs of the largest EU healthcare private providers to be members to make this Advisory Board more concrete and action-oriented.
We will keep to further discuss those points with the colleagues in charge of the document.
