EU to toughen cyberattack defence strategy for healthcare sector

The European Commission will step up its cybersecurity action in an increasingly digitalised health sector already experiencing threats and poses new challenges. Political Guidelines 2024-2029 published before Von der Leyen’s reappointment as president of the EU executive last week included suggested a new action plan on cybersecurity of hospitals and healthcare providers will be presented in the first 100 days of the new mandate. The Guidelines were published a day before brought hospitals and other businesses to a halt worldwide, highlighting the reliance of health institutions on digital infrastructure.

With the rapid development of digital health alongside rising awareness of data privacy and security, the EU is keen to bolster independence from reliance on third-party digital infrastructure. The next Commission will put forward a European Data Union Strategy, building on existing data rules to ensure a “simplified, clear and coherent legal framework for businesses and administrations to share data seamlessly and at scale, while respecting high privacy and security standards”, according to the guidelines. Alongside this data strategy Von der Leyen announced an 'Apply AI Strategy' to boost industrial uses of AI and improve the delivery of a variety of public services, including healthcare.

During and following the COVID-19 pandemic there was an increase in cyberattacks on healthcare providers, as demonstrated by the European Union Agency for Cybersecurity's (ENISA) f.