ENISA issues key recommendations on protecting eHealth services and infrastructures

ENISA has engaged more than fifteen MS and two EFTA countries in a study to identify the measures policy makers and the private sector should take to improve the security and resilience of eHealth systems. This study focuses on three broadly used, real cases, namely Electronic Health Records, national eHealth services (for example ePrescription) and Cloud Services supporting eHealth systems.

The Executive Director of ENISA, Udo Helmbrecht, commented on this report: “The complexity and interdependencies of eHealth systems have been steadily increasing. Ensuring the availability, integrity and confidentiality in eHealth is a challenging task for providers and beneficiaries. ENISA seeks co-operate with all stakeholders to enhance the security and privacy of all eHealth infrastructures and services.”

The report recommends, inter alia, that:

  • National cyber security authorities should identify critical eHealth assets and carry out risk assessments with a view to mitigate risks
  • Policy makers should introduce baseline cyber security guidelines for eHealth infrastructures and services
  • eHealth operators, along with public sector actors, should setup an information sharing mechanism to exchange good practices and expertise on threats and vulnerabilities.

These findings were validated by numerous experts from the public and private sectors in an open workshop organised together with the European Commission on 30th of October 2015.

New technologies, such as cloud computing, smart devices and the Internet of Things, already provide the innovation drive eHealth needs. As cyber security challenges grow alongside services in 2016, ENISA will focus on the adoption of Cloud computing by healthcare providers and carry out an analysis regarding Smart Hospitals.

For full report


Neueste Artikel

Städte und Gemeinden sehen auch nach den Ergebnissen der Neuauflage des Zukunftsradar Digitale Kommune im Jahr 2019 einen hohen Nutzen durch die Digitalisierung. Gleichzeitig werden auch in diesem…

Die Startups in Deutschland werden skeptischer. Aktuell sagen nur noch 39 Prozent der Gründer, dass sich in den vergangenen zwei Jahren die Lage für ihr eigenes Startup verbessert hat….

Seit Mai 2019 stellt das BSI ein zweistufiges Schulungskonzept zum Erwerb eines neuen Nachweises zum IT-Grundschutz-Praktiker und IT-Grundschutz-Berater zur Verfügung. Auf der BSI-Webseite steht nun der Antrag zur Zertifizierung…