The MedISA research project is developing strategies to raise awareness of IT security and data protection among employees in medical care facilities.

Problem definition

According to reports from the German Federal Office for Information Security (BSI), cybercrime is on the rise. Medical care facilities are also repeatedly affected by cyber security incidents. Possible consequences: the exposure of sensitive data and the threat to patient care. A particular challenge for protection against cyber threats is the lack of information security awareness (ISA), lack of expertise about potential damage and low risk perception among users from the medical, nursing, therapy or IT sectors who access the interconnected systems. The industry-specific security standard for healthcare therefore calls for mandatory implementation of regular IT security training for employees to raise awareness and create an ISA. However, there has been little scientific research into how this can be done in a practicable and sustainably effective manner in the context of medical care facilities. Therefore, there is a lack of clear recommendations for action and implementation, as well as guidelines for medical care facilities to follow and implement this requirement.

Objective

The MedISA project investigates how measures to increase the ISA of employees in medical care facilities can be designed and bundled for the relevant target groups in order to achieve a high and sustainable degree of effectiveness of the ISA measures through high user acceptance. This question will be addressed in a participatory manner by means of user-centered research and development methods with the respective target groups. In addition to the sensible use of common ISA measures, such as training in presence or online, especially innovative approaches for novel ISA measures are explored. Measures are intended to be minimally invasive and integrated into the daily work of medical staff to continuously sharpen ISA.

Funding recipient

Bonn-Rhein-Sieg University of Applied Sciences

Funding amount

approx. 450.000€

Duration

01.12.2021 - 30.11.2024

Project Lead

Prof. Dr.-Ing. Luigi Lo Iacono

Contact