The Project HISC4ALL – Health Information Safe and Cybersecured for All, consists of creating a FRAMEWORK involving the SME in designing a common and shared Information Security and Cybersecurity Framework for the healthcare sector, and its application process.
The focus of the project will be on improving the cybersecurity capabilities of healthcare and health institutions across the EU, from a pilot-project in Portugal. It includes developing a framework to promote cybersecurity services and products, skills and training, awareness raising, and exchange of information. The solution will include cross-borders analysis from other EU countries.
The promoters are Instituto Nacional de Emergência Médica, INEM – Public Institution from the Ministry of Health, responsible for the Integrated Medical Emergency System (coordinator); Hospital São João Porto, HSJP, Public Hospital; and Paldata – Private SME, Information & Systems Solutions Provider, including for the Health Sector.
The consortium implements the HISC4ALL project. The project is co-financed by the European Commission (EC) under the topic DIGITAL-2022-CYBER-02-SUPPORTHEALTH of the Digital Europe Programme (DIGITAL).
Covid-19 pandemic made a sudden and urgent shift of the patient care to citizens’ homes, making the Healthcare entities more exposed to cyber-attacks. The Consortium saw the need in the market to incorporate an Information Security and Cybersecurity tool.
The Consortium proposes to create a new framework to assess the level of Information Security and Cybersecurity maturity of the different actors in the health sector involved in sharing data and information with and within each other. The purpose is to ensure that these exchanges take place between entities that meet certain minimum-security requirements and, to this end, comply with the highest levels of the maturity model to be developed.
Objectives
The project will be developed in 4 phases, over a period of 24 months (started on 01 January 2023 and will end on 31 December 2024). Outcomes will be:
- Final Framework for Information Security and Cybersecurity;
- Final Training, Awareness and Training program in the implementation and operation of the Framework;
- Final Framework Application Process;
- Framework Operation Process;
- HISC4ALL application (proof of concept);
- Website.
The target Stakeholders are Hospital and Clinics; Institutions of the Public National Health Service; NHS; SMEs of the healthcare sector (small hospitals, clinics, dentists, pharmacies); Non-profit organizations (Firefighters).