Active Risk Management to protect IT Infrastructures in Hospitals

(PresseBox) ( Rotkreuz / Düsseldorf, )
  • Hospitals increasingly subject to IT attacks
  • End-to-end IT security concepts to minimize liability and security risks
IT attacks on the healthcare industry are on the rise. According to media reports, hospitals have recently become a major target of security threats due to malware. exceet Secure Solutions, a member company of exceet Group, offers end-to-end security concepts to minimize such risks.

The reasons for the enormous vulnerability of IT infrastructures in hospitals are as diverse as they are precarious. The blame falls on insufficient hardware capacities, obsolete operating systems and processes, staff shortfalls and budget limitations. Many clinics have submitted concrete applications for investment support from state governments, but in the meantime the onus is on hospital operators to take measures to systematically prevent unauthorized access to their IT networks.

Maintaining IT Security Standards in Hospitals

Simple organizational measures such as a comprehensive security assessment are a first key step in effectively minimizing liability and security risks. “Here the foremost objective is to define potential vulnerabilities, to identify concrete security risks associated with them, and to determine protection needs on the ground”, says Martin Schlüter, Head of the e-Health Segment at exceet Secure Solutions AG, in outlining the proven approach.

Industry-specific requirements are provided by the norm group DIN EN 80001-1, analog to ISO 27001: 2013 and the Basic IT Protection Principles developed by the Federal Agency for Information and Security Technology (BSI). Risk management based on these standards hays been a reliable tool for providers of medical IT networks for years, and specialists from exceet have successfully applied it in a wide range of healthcare projects.

Benefits for Hospital Operators and Compliance Officers

exceet provides support in preparing an individual risk management strategy, but also in realizing such a scheme from a technical point of view. This includes the introduction of network access controls, the installation of firewalls and the establishment of an endpoint security instance, and also extends to the selection of appropriate security hardware and software components. Compliance officers and hospital operators thus benefit from an end-to-end solution portfolio that safeguards the security of patient files and the effectiveness of medical data within hospital workflows, and protects data and systems security from attack while maintaining due diligence obligations in crisis situations.

For further information on DIN EN 80001 and ISO 27001, please refer to our White Papers at:
The publisher indicated in each case is solely responsible for the press releases above, the event or job offer displayed, and the image and sound material used (see company info when clicking on image/message title or company info right column). As a rule, the publisher is also the author of the press releases and the attached image, sound and information material.
The use of information published here for personal information and editorial processing is generally free of charge. Please clarify any copyright issues with the stated publisher before further use. In the event of publication, please send a specimen copy to