The healthcare sector is highly dependent on digital systems. Patient records, medication dispensing, supervisory home automation, schedule planning and communication are deeply linked to ICT. In a time of international tensions and digital threats, this dependence is particularly evident. Disruptions caused by ransomware, supplier failures or problems with electricity and data connections can therefore have a direct impact on the continuity of healthcare.
Immediately noticeable for patients and healthcare providers
Z-CERT director, Wim Hafkamp: "Digital failure is not an abstract IT problem. It affects people who need care. In Belgium, in January 2026, we saw how a cyberattack on a hospital led to prolonged system outages and postponed operations. This directly affects patients and healthcare providers. Good preparation ensures that care can continue safely and carefully even then."
Digital emergency kit as the next step
We advocate the structural implementation of a digital emergency kit that is also available offline and on paper. And that organisations practise and update this regularly. Just as the government calls on citizens to have an emergency kit at home that will see them through for at least three days, healthcare organisations must be prepared for prolonged digital system failure. This means that organisations must determine in advance how they will continue to function in the event of a prolonged IT outage. They must also determine which alternative work processes are available and how cooperation with suppliers and healthcare partners will be arranged when technology is temporarily unavailable. A digital emergency package is never “finished”. It requires constant attention, updating and practice to ensure that it actually works in a crisis situation.
More and more healthcare organisations are already taking important steps in this direction. A growing number of institutions now have demonstrable digital continuity and emergency procedures in place. At the same time, the Cybersecurity Assessment shows that further expansion, practice and assurance throughout the sector remain necessary.
What does the digital emergency kit consist of?
Healthcare organisations are obliged to take measures to ensure information security and continuity. This is laid down in sector-specific standards (NEN7510) and the forthcoming Cyber Security Act, among other things. The digital emergency kit fits in well with this. It translates these obligations into concrete, practised scenarios for long-term outages.
In our opinion, a digital emergency package should include: clear basic data and contact information, detailed incident and crisis procedures, emergency and continuity agreements to allow care to continue without IT, and recovery plans to restart systems after an incident.
Care must remain reliable, even in the event of system failure
Care must remain reliable and accessible for patients and clients, even when digital systems fail. Investing in digital resilience is therefore not a choice, but part of good governance. It requires budget, but also time, practice and attention. Care continuity must be organised before it is needed. That starts today.