MedISA Logo


Medical Centre Employee Centered Information Security Awareness


The MedISA research project is developing strategies to raise awareness of IT security and data protection among employees in medical care facilities.

Problem definition

According to reports from the German Federal Office for Information Security (BSI), cybercrime is on the rise. Medical care facilities are also repeatedly affected by cyber security incidents. Possible consequences: the exposure of sensitive data and the threat to patient care. A particular challenge for protection against cyber threats is the lack of information security awareness (ISA), lack of expertise about potential damage and low risk perception among users from the medical, nursing, therapy or IT sectors who access the interconnected systems. The industry-specific security standard for healthcare therefore calls for mandatory implementation of regular IT security training for employees to raise awareness and create an ISA. However, there has been little scientific research into how this can be done in a practicable and sustainably effective manner in the context of medical care facilities. Therefore, there is a lack of clear recommendations for action and implementation, as well as guidelines for medical care facilities to follow and implement this requirement.


The MedISA project investigates how measures to increase the ISA of employees in medical care facilities can be designed and bundled for the relevant target groups in order to achieve a high and sustainable degree of effectiveness of the ISA measures through high user acceptance. This question will be addressed in a participatory manner by means of user-centered research and development methods with the respective target groups. In addition to the sensible use of common ISA measures, such as training in presence or online, especially innovative approaches for novel ISA measures are explored. Measures are intended to be minimally invasive and integrated into the daily work of medical staff to continuously sharpen ISA.

Funding recipient
Bonn-Rhein-Sieg University of Applied Sciences
Funding amount
approx. 450.000€
01.12.2021 - 30.11.2024
Project Lead
Prof. Dr.-Ing. Luigi Lo Iacono