Incident Correction

In case a healthcare institution has been affected by an ICT security incident, Z-CERT will offer advice on the approach and best resolution method of the incident. Additionally, Z-CERT can conduct forensic research into the Modus Operandi, in order to minimize technical and financial damage as well as any reputation risk.


On a periodic basis Z-CERT checks participants' IP addresses and domain names for multiple blacklists (viruses, worms, botnets, etc.). In case any outcome on this comes back as positive, Z-CERT will immediately inform the participant(s) and offer advice.


Z-CERT will inform its participants of any vulnerabilities detected in medical devices, medical networks and medical applications. To those participants affected by a vulnerability, Z-CERT will provide advice on how to best deal with the situation. Z-CERT will also be sending out alerts regarding possible threats and current attacks.

Knowledge and Expertise

Z-CERT shares its knowledge (through the release of whitepapers, etc) with its participants, facilitates meetings for its participants, as well as hosts network events and theme sessions.

Handling responsible disclosure Notifications

Any vulnerabilities detected in healthcare facility systems, in medical networks and in medical devices by third parties, can be reported to [email protected] (encrypted with our PGP-key highly preferred). Upon receipt of such report, Z-CERT will immediately reach out the participant in order to correct the detected vulnerability, and will act as first point of contact to the detector.