A healthcare sector resilient to cyber threats
Digitalisation has revolutionised healthcare, improving patient services through innovations such as electronic health records, telemedicine, and AI-driven diagnostics. However, cyberattacks can have severe consequences, including delays in medical procedures, gridlocks in emergency rooms, and disruptions to vital services.
The healthcare sector is one of the most targeted by cyberattacks, with an increasing number of incidents in recent years — more than in any other critical sector in the EU.
To address this, the EU is taking action to protect healthcare as critical infrastructure. A new European action plan aims to ensure that healthcare systems, institutions, and connected medical devices are resilient against cyber threats, safeguarding patient safety and trust in digital.
The action plan was among the first initiatives that the Commission presented during the first 100 days of the new mandate, as announced by President von der Leyen in her political guidelines.
What does the action plan propose?
The European action plan builds on existing legislation and aims to establish a pan-European cybersecurity support centre for hospitals and healthcare providers, offering tailored guidance, tools, services, and training.
It is based on 4 priorities:
- Enhanced prevention. The plan helps to build the healthcare sector's capacities to prevent cybersecurity incidents through enhanced preparedness measures such as guidance on implementing critical cybersecurity practices. Secondly, Member States may also introduce cybersecurity vouchers to provide financial assistance to micro, small, and medium-sized hospitals and healthcare providers. Finally, the EU will also develop cybersecurity learning resources for healthcare professionals.
- Better detection and identification of threats. The cybersecurity support centre for hospitals and healthcare providers will develop an EU-wide early warning service, delivering near-real-time alerts on potential cyber threats, by 2026.
- Response to cyberattacks to minimise impact. The plan proposes a rapid response service for the health sector under the EU cybersecurity reserve. Established in the Cyber Solidarity Act, the reserve provides incident response services from trusted private service providers. As part of the plan, national cybersecurity exercises can take place along with the development of playbooks to guide healthcare organisations in responding to specific cybersecurity threats, including ransomware. Member States are encouraged to request reporting of ransom payments from entities, so that they can provide them with the support they need and allow follow-up by law enforcement authorities.
- Deterrence: protecting European healthcare systems by deterring cyber threat actors from attacking them. This includes the use of the cyber diplomacy toolbox, a joint EU diplomatic response to malicious cyber activities.

What's in it for you?
The action plan will create a safer and more secure environment for patients, ensuring that:

- personal data and medical records are protected
- healthcare services are not disrupted by cyberattacks
- trust is strengthened in healthcare providers, who are taking steps to prevent and respond to cyber threats
How will it work?
The action plan will be implemented in close collaboration with healthcare providers, the healthcare sector, Member States and the cybersecurity community, with the European Union Agency for Cybersecurity (ENISA) at its centre.
The Commission ran a targeted consultation for the action plan in 2025 that collected views from relevant parties and citizens. The results of this consultation are published in a summary report.
Next steps
- 2025 Q1
  - Set up a joint health cybersecurity advisory board
- 2025 Q2
  - Begin work to establish a European cybersecurity support centre for hospitals and healthcare providers
  - Launch of a stakeholder consultation – results summary
- 2025 Q4
  - First meeting of joint health cybersecurity advisory board
  - Present recommendations to further refine the action plan
- 2025-2026
  - Roll out specific actions outlined in the plan
  - Carry out an annual health cyber maturity assessment
This page was last updated on 12 March 2026