How to address cybersecurity in healthcare?

18. 7. 2025

Cybersecurity in healthcare must be approached comprehensively—at the organizational/hospital level (IT systems, processes, staff) and at the level of technologies and medical devices that handle patient data or communicate with other systems.

It is essential to distinguish between management systems (e.g., ISO/IEC 27001, ISO 13485, or the new Cybersecurity Act based on NIS2), which apply solely to the organization, its processes, and quality management.
These systems do not demonstrate or prove the cybersecurity of specific products or medical devices—this must be addressed separately through technical standards and specialized assessments.

Ensuring the security of medical devices and information systems requires:

Secure development and system management (e.g., according to IEC 81001-5-1 or IEC 62443-4-1)
Vulnerability testing and penetration testing (e.g., according to IEC 62443-4-2)
Implementation of an Information Security Management System (ISMS according to ISO/IEC 27001)
Assessment of compliance with NIS2, the Cybersecurity Act (ZoKB), GDPR, and MDR (Medical Device Regulation)
Preparation of technical documentation and compliance for notification or CE marking

EZÚ offers both organizational and product-related services, supporting hospitals, public institutions, and healthcare technology providers in managing the full process of cybersecurity—from GAP analysis and tailored training to pre-assessments, audits, and certification based on relevant standards and regulations.

Name	Domain	Purpose	Expiry	Type
pll_language	it.ezu.cz	The pll _language cookie is used by Polylang to remember the language selected by the user when returning to the website, and also to get the language information when not available in another way.	1 year	HTTP
elementor	it.ezu.cz	This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.	never	HTTP

Name	Domain	Purpose	Expiry	Type
_ga	it.ezu.cz	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.	2 years	HTTP
_gid	it.ezu.cz	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.	1 day	HTTP
_gat_UA-88740921-10	it.ezu.cz	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.	1 minute	HTTP

How to address cybersecurity in healthcare?

Menu

Useful information