Curriculum Wizard

Curriculum Wizard

1. Organisational level

Digital (health) technologies in the organisation

The healthcare organisation makes use of
Mobile technologies (non-medical)	Mobile technologies (medical)	Desktop technologies	Bring Your Own Device	Bring Your Own Software

The healthcare organisation makes use of technologies that run on legacy software
Yes	No	I am not sure

The healthcare organisation maintains its IT (regularly/according to guidelines/best practices)
Yes	No	I am not sure

Employees have to (be able to) use a variety of digital (health) technologies and applications as part of their work
Yes	No	I am not sure

The healthcare organisation makes the necessary resources available for cybersecurity protection and upkeep
Yes	No	I am not sure

Organisational policies

Employees are able to find the organisation’s security policies (including guidelines, rules and procedures)
1	2	3	4	5	There are no such policies or directives

Employees know how to respond to (suspected) data breaches in line with the healthcare organisation’s policies (e.g. they know who to contact in case they think a data breach occurred)
1	2	3	4	5

Employees know how they can access work files remotely
1	2	3	4	5	This is not possible for this healthcare organisation

Employees know how they can access shared work files securely
1	2	3	4	5	This is not possible for this healthcare organisation

Employees are aware of the rules surrounding their use of social media in relation to their work
1	2	3	4	5

Employees are familiar with the healthcare organisation’s policies regarding passwords, their access credentials and/or other tokens/badges
1	2	3	4	5

Employees are aware of the consequences they face (professionally) if they do not follow the healthcare organisation’s cybersecurity policies
1	2	3	4	5

Security culture

The healthcare organisation promotes/communicates cybersecurity as a key objective to its staff members, patients, suppliers
1	2	3	4	5

Management level employees are active supporters of cybersecurity
1	2	3	4	5

Cybersecurity is communicated as a shared responsibility for all employees
1	2	3	4	5

Employees are encouraged to give feedback on cybersecurity concerns to colleagues - including to those in a higher position
1	2	3	4	5

Most employees accept (new) cybersecurity-related interventions/measures in the healthcare organisation
1	2	3	4	5

Employees are free to point out possible cybersecurity risks in the healthcare organisation to management or IT/security personnel
1	2	3	4	5

Training and education strategy by the healthcare organisation

Employees receive dedicated training on working with (new) digital health technologies
Yes	No	Sometimes

Employees receive regular training on cybersecurity and/or privacy topics
Yearly	Monthly	Independent learning options	Never

2. Employee level

Skills, knowledge and awareness of cybersecurity (risks)

Most employees are aware of their own role/responsibility surrounding topics of cybersecurity
1	2	3	4	5

Most employees are aware of the risks that may result from incorrect use of digital healthcare technologies
1	2	3	4	5

Most employees have a basic level of digital literacy*
1	2	3	4	5

Most employees know about cybersecure digital (health) technologies
1	2	3	4	5

Employees are aware of the rules surrounding their use of social media in relation to their work
1	2	3	4	5

Employees are familiar with the risks linked to a bad/incorrect use of passwords, access credentials and/or tokens or badges
1	2	3	4	5

Beliefs and attitude towards digital (health) technology and cybersecurity

Most employees believe that digital (health) technologies are a positive development in healthcare
1	2	3	4	5

Most employees believe that cybersecurity is an important topic for healthcare organisations
1	2	3	4	5

Most employees feel confident in using digital (health) technologies
1	2	3	4	5

Most employees believe that they can contribute to organisational cybersecurity protection
1	2	3	4	5

Most employees believe that they can protect their personal devices etc in the context of cybersecurity
1	2	3	4	5

Cybersecurity behaviour

Most employees comply with the healthcare organisation’s policies regarding passwords (e.g. update passwords, do not share their access credentials and/or other tokens/badges with others)
1	2	3	4	5

Employees have found ways around policies that they see as blocking normal work or creating unnecessary work
1	2	3	4	5

Employees openly address security risks (if/when they become aware of them), such as unlocked computers or devices, leaving confidential information in plain sight, etc.
1	2	3	4	5

Employees discuss non-cybersecure behaviour with colleagues
1	2	3	4	5

Employees ask questions about cybersecurity-related topics
1	2	3	4	5

Employees actively respond to cybersecurity advice
1	2	3	4	5

3. Training aspects

Training group composition

Training participants have had limited to no real life experience with cybercrime or data breaches
1	2	3	4	5

The training participants have no extensive knowledge on IT
1	2	3	4	5

The training participants have no extensive knowledge on cybersecurity
1	2	3	4	5

Training participants within one group are likely to have different levels of experience/expertise with digital (health) technologies
1	2	3	4	5

Training content and structure

The training participants have access to
Personal data (patients)	Medical data (patients)	IT/Infrastructure data	Personnel data	Financial data

The group will likely consist of [x] people per session
1-10	11-25	26 or more	Not decided yet

The group wil consist of
Management level staff	Medical staff	IT staff	Support staff	Board members	Other staff groups or a mix of different staff groups

The training's purpose is to
Refresh existing knowledge	Raise awareness	Teach new skills/knowledge	Other

The training will focus on a preselected topic
Yes	No	I need inspiration!

The trainer will make use of preexisting materials
Yes	No	I need inspiration!

The training will use tools that the organisation already has available
Yes	No	I need inspiration!

The training will make use of a predetermined training.instruction method
Yes	No	I need inspiration!

The training will take place at an
Internal location	External location	Not decided yet

The training will consist of multiple sessions
Yes	No	Maybe

The training will have an online component
Yes	No	Maybe

The organisation will use the services of an external trainer/training developer
Yes	No	Maybe

Assessment

Training participants will be assessed
Yes	No	Maybe

Assessment will occurr with predetermined methods
Yes	No	I need inspiration!

A positive assessment result will result in a reward
Yes, a certificate	Yes, accreditation points	Yes, other forms of recognition	No reward

Evaluation

The training will be evaluated
Yes	No	Maybe

Please answer all the questions. Unanswered questions are marked with a red circle.

Submit Survey