How Strong Identification of Needs and Barriers Can Boost Cybersecurity at Health & Care Facilities

Overview

John Paul II Podhalański Specialist Hospital in Nowy Targ and Adult Learning Centre aimed at improving the health & care system in terms of efficiency and electronic circulation documentation. This included speeding up the retrieval of patient records from the database and streaming report and analysis creation, for stronger data protection and an increased cybersecurity level amongst health & care professionals.

Using the Digital & Innovation Skills Helix concepts—otherwise known as “DISH”—medical professionals met the challenges that would prevent them from achieving the aforementioned objectives. In particular, the main issue was the lack of IT competencies amongst the staff and a shortage of e-Skills in managing the electronic data exchange environment. In addition, distrust in technical innovations and the need for continuous education, which had stemmed from a lack of previously implemented on-the-job training, compounded the problem. There was no proper procedure in place that would resolve these concerns and ultimately lead to desired outcome and effects.

Therefore, the institution worked on carrying out a pro-development training programme that would raise awareness of risks resulting from unsecured medical data. At the same time, a programme of this kind would undertake the endeavour to expand upon professionals’ ability to detect potential pitfalls and respond to foreseen threats in a timely and effective manner. The DISH concepts allowed us to fill in the gaps and provide direction; standardise actions to address barriers in cybersecurity organisational practices; and strengthen weak links in processes. As a consequence, the institution could further fortify its level of cybersecurity, minimise costs for training development, and enjoy a period no cybersecurity incidents that would arise due to a human factor amongst professionals.

At A Glance

the number of staff trained including
22 doctors, 20 medical caregivers
7 administrative employees and 13 nurses

the percentage observed in reduced waiting time for issuing medical record copies

80%

the percentage of participants who reported feeling confident that they would use the knowledge acquired in dealing with patient data to preserve cybersecurity

Need Identification

Planning and Implementation Tool Helps Address Barriers to Effective Cybersecurity Growth by Facilitating Evaluations of Competency Gaps

“DISH has proven to be very flexible in addressing adversities (low level of e-health competencies and the lacking idea on how to approach the problem and solve it) that have so far prevented cybersecurity level growth.”

– Bartosz Kosiński, Trainer

Before introducing the training programme, we performed an in-depth diagnosis using the Planning and Implementation process tool to obtain interesting findings on missing competencies. Thanks to the tool, we were able to enumerate all the adversities that had so far blocked or prevented the introduction of a reasonable practice that would fortify cybersecurity competencies and personal data protection. The observation we made was that participants had a low level of knowledge on the existence of a proactive approach regarding cybersecurity and patient record management. Interviews with health & care professionals also provided some insight into participants’ expectations and needs in the context of the training. At the same time, these professionals were not aware of the potential risks associated with digital solutions related to electronic circulation and used in routine work.

This all said, the DISH process tool was very adaptable when working on the needs and lack of certain knowledge. It helped resolve the potential obstacles that would prevent the growth of a cybersecurity level. Structuring a feasible training programme, in which we could show practical tips and leave some openness for discussion, paved a way to provide a strong response to the issue of existing barriers and doubts.

Standardisation

On-The-Job Training Unifies The Competency Assessment Framework

“I believe a project like DISH is necessary and perhaps even crucial for the efficient functioning of the healthcare system. It is important to have some standardisation in terms of training to improve the competencies of health & care professionals”.

– Bartosz Kosiński, Trainer

Introducing the second DISH tool increased the effectiveness of training through standardisation by systematising the approach to on-the-job training planning. The implemented activities introduced a coherent and streamlined method to maximise training efforts. The lack of a pre-existing standard regarding on-the-job training had been associated with an absence of desire and confidence in developing digital skills in health. It was necessary to define the training objectives to show participants the added value whilst simultaneously increasing the awareness of the problem via interactions between technology and human behaviour.

Participants required real-life and practical examples that were presented in the form of case studies and best practices. This made it possible to adapt the learning process for the training audience based on the issues and gaps that had been already identified and eliminate erroneous medical record management habits. The On-The-Job Training process tool showed that effective strengthening of competencies happens when we eliminate barriers. Standardising training materials and methods allowed for improved training effectiveness because of an individualised focus on medical professionals who need to succeed in specialised areas.

Efficiency

The Assessment and Recognition Tool Identifies Weak Links that Would Otherwise Slow Management Execution

Planned on-the-job training integrated active methods like moderated discussions and risk factor analyses in cybersecurity via case studies. However, despite these approaches, some participants still face some difficulties in learning and acquiring the relevant digital skills and knowledge. Thankfully, because of the Assessment and Recognition too, we were able to check the durability of the transferred knowledge and, if necessary, provide follow-up and more personalised training. This would result in strengthening areas that would contribute to carrying out management responsibilities more efficiently.

Only with DISH

Establishing a Pro-learning Culture

The DISH tools impact the attitude of participants by introducing standardised yet well-prepared training and promoting engagement. This is possible because it explores real concerns and barriers amongst participants that had inhibited the growth of interest in cybersecurity in health & care. The positive result can become even more evident during individualised approaches, because it fosters self-awareness of digital competencies and furthers exploration of existing gaps. Indeed, the tools lay the groundwork for a pro-learning and pro-development culture, strengthening the pillars of health & care and supporting digital hygiene in an ever-changing cybersecurity setting.

Results

95%

of participants reported learning competencies during a post-training assessment process

100%

training efficiency described by participants during the post-training evaluation in relation to an increased cybersecurity level in the facility and a lack of cybersecurity incidents caused by the human factor

of participations needed additional steps to develop digital competencies, underpinning the need to address the level of distrust in relation to introducing digital competencies

Training Material

Build upon the Poles’ experience and use their own well-tested
documents to support you with DISH implementation

Polish

English

Change begins now.

The health & care sector is transforming quickly — shifting demographics and a
widespread digital overhaul. But, with DISH, you can be one step ahead.

Get Started

All Case Studies

Next Case Study

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.