How e-learning can help guard against cyber-attacks

April 20, 2021

A new e-learning program will teach healthcare teams about the extreme and escalating risk of cyber-attacks in the healthcare industry – and how to avoid them.

Saegis, a subsidiary of the Canadian Medical Protective Association (CMPA), recently rolled out its comprehensive Saegis Shield program, an accredited cybersecurity and privacy awareness e-learning program that addresses the unique needs within Canadian healthcare.

As cyber-attacks escalate across all industries around the world, cyber criminals have increasingly put healthcare organizations in their crosshairs. In 2019, even before the pandemic, 48 percent of all security breaches in Canada were in the healthcare space.[1]

Cyber criminals typically strike by taking advantage of untrained and unaware healthcare staff.

“The best defence against a security breach is a well-trained human defence,” said Saegis CEO Margaret Hanlon-Bell. “We have seen research that indicates 99% percent of malware requires human interaction to infect a user device. We have developed an education program for healthcare teams that focuses on the day-to-day risks and how to better avoid them.”[2]

An escalating threat

Before last year, privacy breaches were already an increasing problem across industries and sectors. When the COVID-19 pandemic struck, cyber-attacks in the healthcare space spiked. In the last two months of 2020, attacks on hospitals and healthcare institutions worldwide increased 45 percent – more than double the increase across all industries. The dominant type of attack type against healthcare organizations was ransomware, and Canada saw the biggest increase at 250 percent.[3]

E-learning designed for all staff

Saegis Shield was co-developed with cybersecurity and privacy experts experienced in the perils of healthcare breaches. The program is designed to teach all healthcare providers and staff at hospitals, clinics, and healthcare institutions – including clinic directors, administrators, managers, physicians, and nurses – about security issues and how to avoid breaches.

Program participants initially complete an assessment that establishes a score for their cybersecurity knowledge and practices. Then, at their own pace, they complete a custom curriculum of online modules about cybersecurity best practices and privacy obligations.

Each module covers a critical topic, such as “Email & Patient Health Information” or “Password Security”. The program also includes monthly phishing challenges, through which participants learn to spot malicious email messages. In quarterly webinars, learners can interact with cybersecurity and privacy experts and ask questions. Learners are rewarded by seeing their score improve as they move through the program and complete training and phishing challenges.

By completing just one 15-minute module per week, healthcare professionals can develop cybersafe habits.

Accredited for professional development

Saegis Shield can be used by physicians to support their continuing professional development goals. The e-learning program is accredited by the College of Family Physicians of Canada for 30 Mainpro+ credits under “Assessment”, and by the Royal College of Physicians and Surgeons of Canada for 30 Section 3 credits.

To see a brief demonstration, view the Saegis Shield Video Tour (length: 4 minutes).

For more information, contact

[1]Burke, D. CBC News. Hospitals “overwhelmed” by cyberattacks fuelled by black market.

[2] LPNet Security. More than 99% of cyberattacks rely on human interaction.

[3] Solomon, Howard. IT World Canada. What to do before and after being hit by hackers.

Sign up for the Saegis eNewsletter

Sign up here to receive occasional email updates about Saegis programs, as well as insights into patient safety and practice management.