{"id":376099,"date":"2025-08-26T22:55:11","date_gmt":"2025-08-26T22:55:11","guid":{"rendered":"https:\/\/www.europesays.com\/uk\/376099\/"},"modified":"2025-08-26T22:55:11","modified_gmt":"2025-08-26T22:55:11","slug":"europes-hospital-it-leaders-in-germany-france-and-italy-warn-ehds-push-outpaces-cyber-defenses","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/uk\/376099\/","title":{"rendered":"Europe’s Hospital IT Leaders in Germany, France, and Italy Warn: EHDS Push Outpaces Cyber Defenses"},"content":{"rendered":"


\n BRUSSELS, August 26, 2025 (Newswire.com)
\n –
\n <\/strong>Cybersecurity has overtaken other digital priorities as the most acute operational risk to European hospitals, according to a new Black Book\u2122 European survey of 352 hospital IT leaders in Germany (158), France (84), and Italy (110). Respondents describe a widening attack surface driven by ransomware pressure, middleware\/API weaknesses, and deferred EHR patching. just as the European Health Data Space (EHDS) enters its transition phase toward application and NIS2 obligations bite through national laws.<\/p>\n

Key findings from the Black Book survey<\/strong><\/p>\n

74%<\/strong> of hospitals reported at least one serious cyberattack attempt in the past 12 months; the most common entry points were compromised credentials and attacks on APIs used for data exchange (FHIR\/HL7).<\/p>\n

83%<\/strong> identify interoperability vendors and middleware systems as their most exploitable layer, citing weak API credential management, inconsistent mutual-TLS (mTLS), and infrequent key\/token rotation.<\/p>\n

60%<\/strong> acknowledge deferred EHR patching; in open-ended responses, executives most often referenced their own deployed EHR environments<\/p>\n

69%<\/strong> of French and Italian CIOs say their posture is constrained by vendor patch responsiveness and complex upgrade dependencies across EHR, PACS, LIMS, and scheduling systems.<\/p>\n

62%<\/strong> report no ring-fenced incident-response budget or in-house Security Operations Center (SOC) capacity.<\/p>\n

89%<\/strong> believe EHDS connectivity will expand breach exposure before essential controls (strong identity, network segmentation, EDR\/XDR, tested immutable backups) are widely implemented.<\/p>\n

“Identity and the APIs between core systems are the weak links,” said Doug Brown, Founder & President of Black Book Research. “Hospitals are working through backlogs of unresolved vulnerabilities while uncontrolled digital keys and dependency-bound patch cycles enlarge the attack surface. Without enforceable timelines for critical fixes, transparent disclosure, and clear software inventories, hospitals are fighting fast-moving threats with processes that can’t keep pace.”<\/p>\n

The EHDS Regulation (EU) 2025\/327 entered into force on March 26, 2025, initiating phased application and expanding cross-border data use on top of MyHealth@EU services like ePrescription and Patient Summaries.<\/p>\n

Real-world incidents: a pattern of escalation<\/strong><\/p>\n

Multi-country (Germany\/Austria\/Switzerland)<\/strong> – AMEOS Group disclosed a security breach disrupting operations across multiple countries in late July 2025.<\/p>\n

Germany<\/strong> – University Hospital Frankfurt suffered a major cyberattack reported July 2025, severing internet access and triggering infrastructure rebuild; There were 324 health-sector incidents reported in 2023, the most of any critical sector.<\/p>\n

United Kingdom<\/strong> – Ransomware on Synnovis pathology services forced London trusts to cancel procedures and revert to manual workarounds; NHS and press statements documented extensive disruption.<\/p>\n

Germany <\/strong>– UKSH (L\u00fcbeck & Kiel) canceled elective surgeries amid the global CrowdStrike IT outage-not a cyberattack, underscoring third-party resilience risk.<\/p>\n

Belgium<\/strong> – CHU UCL Namur experienced a major IT outage that curtailed non-urgent admissions across three sites.<\/p>\n

France <\/strong>– H\u00f4pital Simone-Veil (Cannes) faced a 2024 LockBit ransomware incident; non-urgent care was postponed and stolen data later published.<\/p>\n

Ireland<\/strong> – Mater Misericordiae University Hospital (Dublin) reported EHR\/IT 2024 outages leading to cancellations and ED advisories.<\/p>\n

EU-wide context:<\/strong> In January 2025, the European Commission launched an Action Plan to bolster hospital cybersecurity-standing up an ENISA Support Centre, an EU-wide early-warning service by 2026, and rapid-response capacity via the EU Cybersecurity Reserve.<\/p>\n

Vendor ecosystem: foundational but fragile<\/strong><\/p>\n

Across the survey base, respondents report heavy reliance on a small set of dominant clinical platforms spanning EHR, interoperability, and imaging. While no single brand was singled out as uniquely responsible, hospitals emphasized shared risk characteristics across large platforms:<\/p>\n