New strategy for cyber and information security in the Danish healthcare sector

April 30, 2019
As the first country in the world, Denmark presents a new strategy with the purpose to provide a strengthened collective cyber and information security effort in the healthcare sector.

As digital solutions become increasingly important within the healthcare service, safe and secure conditions also include strong cyber and information security. Digital tools are an opportunity to offer citizens and relatives a safe, accessible, and coherent healthcare service where citizens can easily get in touch with their own general practitioner and hospitals, where all relevant information follows citizens along treatment pathways throughout the healthcare service, and where citizens can experience treatment and care in close proximity to their homes.

The Danish healthcare service is already one of the most digitized healthcare services in the world, and there is still great potential. However, with digitization new challenges arise as well. As individuals and equipment at regional hospitals, in municipal care, at general practitioners, and among other healthcare providers become increasingly interconnected, the complexity of the systems increases and with it the healthcare service's vulnerability to cyber-attacks. Therefore, a new strategy for cyber and information security in the healthcare sector has recently been published by the Danish Ministry of Health, Local Government Denmark, and Danish Regions.

The strategy is divided into four tracks (Predict, Prevent, Detect, and Respond) with the aim to strengthen the healthcare sector’s capacity to predict, prevent, detect, and respond to cyber and information security incidents. A number of specific initiatives have been assigned for each track, and the actors in the sector will work together to implement them. Some of the initiatives build on existing efforts among some of the actors, while others involve new joint measures.

Furthermore, some of the strategy’s initiatives aim to bring together a number of activities in the sector to form cross-sectorial activities via the healthcare sector’s decentralized cyber and information security unit (DCIS) in the Danish Health Data Authority. The aim of this approach is to ensure a holistic approach to the collective efforts towards strengthening the collective level of security in the healthcare sector and ensure that all aspects of cyber and information security are addressed and assessed.

Read the strategy for cyber and information security in the healthcare sector 2019-2022 here.