Daniela Cîmpean, President of Sibiu County Council, was appointed today Rapporteur on the opinion regarding the "European action plan on the cybersecurity of hospitals and healthcare providers".
The European Union has recognized the increasing importance of digital health and cybersecurity in hospitals and healthcare providers. As part of its commitment to ensuring a secure and resilient healthcare system, the EU has launched in January 2025 the European Action Plan on Cybersecurity for Hospitals and Healthcare Providers.
In her first reaction Cîmpean said "Healthcare systems are becoming increasingly digital, and protecting patient data and critical infrastructures must be an absolute priority. A cyberattack on a hospital is not just a technological issue – it is a direct threat to patient safety."
Daniela Cîmpean is no new face in the field of health. She was the rapporteur for the opinion on the European Health Data Space (EHDS). The objective of the opinion was to ensures that patients have access to their medical data in digital format anywhere in the EU, while also supporting research and public health policies.
Cîmpean said that as part of her work she intends to:
✅ organize consultations with specialists and European institutions
✅ put forward legislative proposals to strengthen protection measures
✅ collaborate with member states for effective and uniform solutions
Hospitals and healthcare systems are becoming more digitized, increasing their vulnerability to cyberattacks. In response, the EU has laid out a comprehensive framework to assist healthcare providers in enhancing their cybersecurity measures, promoting the exchange of best practices, and encouraging the adoption of secure digital technologies. Key words are: Prevent, Detect, Respond and recover, Deter. This Action Plan also includes fostering closer cooperation between national authorities, healthcare organizations, and the private sector. The initiative is part of the EU's broader Digital Health Strategy, which aims to ensure that healthcare systems across Europe are not only digitalized but also secure, accessible, and patient-centred. By focusing on both infrastructure and people, the EU aims to protect citizens' health data while enabling the full potential of digital health innovations.
Indicative timetable for adoption:
▪ Adoption in the NAT Commission Meeting: External meeting in Venice 20-21 May 2025
▪ Adoption in plenary session: 2-3 July 2025
