Romanian Cyber Care Health - RO-CCH

The Romanian National Cyber Security Directorate (DNSC) is the beneficiary of a non-reimbursable financing for the implementation of “Romanian Cyber Care Health - RO-CCH” project, under the grant agreement no. 101101522. The project is financed through granting authority: CNECT.H – Digital Society, Trust, and Cybersecurity, under the call DIGITAL-2022-CYBER-02-SUPPORTHEALTH topics, type of action: Digital SME Support Actions.

Coordinator:
The Romanian National Cyber Security Directorate (DNSC)

Project starting date: 1 January 2023
Project end date: 31 December 2024
Project duration: 24 months
Total value: € 578,870.00 of which non-reimbursable financial assistance: € 289,435.00
DNSC budget: € 578,870.00 of which non-reimbursable financial assistance: € 289,435.00

The Romanian Cyber Care Health - RO-CCH project will support cyber security resilience in the Romanian healthcare system and health institutions, which have been put under stress over the recent years, especially further to the COVID-19 crisis, in view of limiting the damage of safety-critical cyber security incidents which have affected health institutions and health services providers. The overall objective is to reduce cyber security risks to increase patient trust and safety in healthcare and health institutions.
The project will support cross-fertilisation among cyber security and healthcare communities of practices in order to increase the awareness of cyber security threats affecting healthcare and health institutions and to define collaboratively multi-disciplinary cyber security training schemes tailored to healthcare and health institutions environments and related healthcare system stakeholders, hence establishing the foundations for cyber security skills in health sector across the European Union.
This overall objective involves six specific objectives, which provide a socio-technical account of cyber security in healthcare system and a detailed agenda for enhancing cyber security in healthcare and health institutions:
Specific Objective 1 – Defining a cyber threat landscape for healthcare and health institutions;
Specific Objective 2 – Identifying vulnerabilities in healthcare and health institutions;
Specific Objective 3 – Understanding human factors in cyber security;
Specific Objective 4 – Defining organisational strategies enhancing cyber security in healthcare environments;
Specific Objective 5 – Defining cyber security awareness and training schemes for healthcare;
Specific Objective 6 – Engaging with cyber security and healthcare stakeholders.
It is expected that market-ready innovative cyber security solutions will be adopted, including provisions developed in the framework of EU-supported research and innovation projects. Furthermore, healthcare and healthcare institutions (SMEs in particular) will be equipped with up-to-date tools to protect themselves against cyber threats, as well as revised data sharing practices to improve security collectively. All these aspects are predicted to make a significant contribution to the overall Digital Europe Programme objectives.

The activities of the project are the following:

WP1 Cyber strategies in healthcare system - defines a tailored threat landscape and identifies cyber organisational maturity and operational models in order to define cyber strategies and awareness tailored to healthcare and health institutions;
WP2 Cyber awareness programmes and training schemes - identifies vulnerabilities in healthcare and health institutions, reviews relevant cyber awareness campaigns and training schemes and defines tailored cyber security training paths for healthcare professionals;
WP3 Human factors in healthcare cyber security - highlights the importance of human factors in cyber security, designs cyber security scenarios supporting communication of key messages, and identifies cyber security key performance indicators for healthcare;
WP4 Outreaching cyber security and healthcare communities of practices - defines an outreaching strategy and implements activities forming a detailed dissemination and communication plan. Furthermore, it implements a survey for gathering input from stakeholder groups and is communicating results to cyber security and healthcare communities of practices and other relevant stakeholders. Furthermore, WP4 provides also further opportunities for coordination and integration of all work packages;
WP5 Project management and coordination - is responsible for all governance procedures of the project and the communication with the European Commission.

Content reflects only the authors’ view and European Commission is not responsible for any use that may be made of the information it contains.