Context of the project

The healthcare industry is plagued by a myriad of cybersecurity-related issues posing new challenges in the Healthcare Sector. In an increasingly data-driven world, cyber security is no longer just a concern for experts. During the last 24 months, Europe came across an unprecedented number of cyber-attacks in terms of their global scale, impact on the business sector and rate of spread.

Characteristically, the May’s 2017 attack in England’s National Health Service (NHS) demonstrated in the most flashing way the vulnerabilities of information systems (IS) in any possible way. Healthcare organizations are some of the most-trusted entities holding the most sensitive information about patients: name, date and place of birth, medical records, social security details. Suffering from many flaws (low budget, lack of IT organization, excessive use of legacy systems), healthcare actors have become easy targets for hackers, facing more and more pressure and threats from them.

The nature of the healthcare industry’s mission poses unique challenges since cyber-attacks can have ramifications beyond financial loss and breach of privacy. The General Data Protection Regulation (GDPR) 2016/679 which will be directly applicable in all member states by 25 May 2018 requires healthcare organizations to re-think their data flows and how they handle and monitor patient data to make sure they are in compliance with the regulation.

At the same time, the expected massive growth of data protection jobs drives new skills, knowledge and competencies from Healthcare employees. As a result, Healthcare Sector is facing the risk of a rising skills mismatch between data protection officers/employees across European countries with a different occupational profile on skills and competencies and most importantly, different levels of legislation/integration on data protection.

With SecureHealth project
we want to support individuals (DPOs and others) in acquiring
and developing skills and key competencies in dealing with
Data protection issues in the Healthcare sector.

The SecureHealth aims at empowering the major actors with employees that are going to fill the gap and the identified skills mismatch through:

  • Developing enhanced regional and cross-regional partnerships to ensure that a sufficient number of healthcare employees and learners receive the right training / education based on current needs;
  • Connecting educational and vocational training with healthcare industry and organisations in a more systematic and coherent way;
  • Developing an environment that is going to foster employability of employees in the healthcare sector, providing adequate tools that will better their working conditions and the quality of services provided;
  • Improving comparability and transfer of skills and competences focusing on-line training of current healthcare employees based on a blended approach, while introducing innovative education/ training initiatives;
  • Raising awareness and improving the knowledge on patients’ data privacy protection as well as providing concrete information on rising legal aspects.

Project structure

SecureHealth has structured around three (3) main Intellectual Outputs (IOs) and will include the implementation of five (5) Training events.

The project’s IOs are:

I.O. 1: Conduction of a current gap analysis and identification of an Occupational Profile for DPOs in the Healthcare Sector;
I.O. 2: Designing of two VET Curricula and horizontal data protection training for DPOs and employees in the Healthcare sector;
I.O. 3: Piloting of Curricula and Peer mentoring Training Scheme in the Healthcare sector.

The five training events are tailored to each participant country and include training of DPOs in the Health sector on GDPR in Slovenia, Croatia, Greece, Belgium and Cyprus. Delivery of training has the below assets:

  • strengthens the cooperation between the organisations involved in the same Strategic Partnership;
  • allows DPOs in SMEs to develop their knowledge and understanding on national and European data protection regime;  
  • promotion of European values in the field;
  • it provides the opportunity of testing the competence based Curricula developed;
  • it enhances the practical, work based character of the Project;
  • training modules, training material and assessment tests are going to be tested in real training implementation;
  • it evaluates the experiences of the beneficiaries.

Project objectives

Project objectives can be broken down into different levels, ranging from an overall vision to an operational intention relating to outputs. SecureHealth project objectives have been formulated during the project initiation and design phase and reflect the partnership common vision towards optimum results.

The project’s main objectives are:

  • Foster employability of young learners and employees in the Health sector providing them with the new Data Protection Skills Sets, achieving higher connectivity between the emergence of new job roles and associated skills needs from the 2016/679 Directive.
  • Enhance transparency, comparability and harmonization of Sectoral skills and qualifications of data protection employees, providing a new Occupational Profile which includes the new “soft skills” needed in the data privacy area.
  • Support the setting-up of two new VET Curricula: preparation of a learning-outcome based Training course for DPOs in Health sector & trainers that are going to cover “horizontally” the main areas of skills and competences and share a common learning experience among them at a European level and an Awareness raising DPO Curriculum accompanied by a strong Peer Mentoring element to enhance the capacities of in-company trainers within the Healthcare sector.
  • Develop a new Peer Mentoring Scheme, supported by a Toolbox, that is going to provide the necessary linkage between VET Training and Actual Work and enhance real learning about real issues in the data privacy sector, based on Healthcare industry actual needs.
  • Foster cross-border, transnational / interregional mobility for DPO's in the Health sector that leads to knowledge transfer and new job opportunities.

Project results

A concise description of the results and/or products expected:

  • A renewed Occupational Profile for DPOs accompanied by a new Skills Chart
  • A DPO VET Curriculum accompanied by a Peer Mentoring Scheme
  • An Awareness raising Curriculum on Data Protection for current and future employees
  • Data Protection and GDPR Learning Resources for learners and wider audiences
  • On line Peer Mentoring Toolbox
  • Development of effective feedback loops to enhance peer mentoring

Feel free to contact us by sending an e-mail to:

This project has been funded with support from the European Commission. This website reflects the views only of the author, and the Commission cannot be held responsible for any use which may be made of the information contained therein.

Project reference: 2020-1-SI01-KA202-075881