New Imprivata Survey Reveals Significant Gaps in NIS2 Cybersecurity Preparedness Among Healthcare Organisations

Survey reveals nearly 70% of healthcare organisations are either unaware of the NIS2 Directive or are lacking necessary IT security adaptations, highlighting urgent need for enhanced cybersecurity measures in the healthcare sector

Langenfeld, 4 June 2024 - Imprivata, the digital identity company for life- and mission-critical industries, today announced new research which highlights a concerning trend among healthcare organisations regarding their preparedness for the upcoming NIS2 Directive.

The survey, which gathered responses from 227 professionals in the healthcare sector at the DMEA 2024 Conference in Berlin, indicates a substantial lack of readiness for the stringent cybersecurity requirements set to be enforced later this year. Nearly 40% of respondents admitted to having never heard of the NIS2 Directive, while an additional 30% acknowledged that their IT security does not comply with the new requirements.

“It is concerning that a significant number of healthcare organisations are not yet prepared for the NIS2 Directive,” said Ingo Buck, Regional Manager DACH at Imprivata OGiTiX GmbH. “It's crucial that these institutions assess their current strategies and processes immediately to ensure they meet the upcoming requirements by October 2024."

NIS2 and KHZG: Cybersecurity Preparedness Lags

Effective identity management is not just an operational necessity but a cornerstone of cybersecurity in healthcare. As cyber threats evolve, robust identity management systems are essential to protect sensitive data and ensure compliance with stringent regulations like NIS2. Despite this, only 19% reported a very mature approach to managing digital identities, with centralised management and flexible integration capabilities.

Additionally, for those that have implemented Hospital of the Future Act (KHZG) cybersecurity measures, nearly three-quarters (73%) say they have not noticed changes or improvements to their hospital processes or cybersecurity measures. This underscores a critical need for increased awareness and urgency to adopt solutions that optimise both clinician efficiency and security, particularly considering the NIS2 Directive and expiring KHZG funding.

To learn more and review the full survey results, visit

About Imprivata

Imprivata is the digital identity company for life- and mission-critical industries, redefining how organisations solve complex workflow, security, and compliance challenges with solutions that protect critical data and applications without workflow disruption. Its platform of interoperable identity, authentication, and access management solutions enable organisations in over 45 countries to fully manage and secure all enterprise and third-party digital identities by establishing trust between people, technology, and information. For more information, visit

Media Contact