IBA publishes article by Manuel Durães Rocha and Simão de Sant’Ana on the NIS2 Directive

Manuel Durães Rocha and Simão de Sant’Ana are the authors of an article on the application of the NIS2 Directive to the healthcare sector, published by the International Bar Association (IBA).

Entitled “The impact of the NIS2 Directive: will hospital CEOs have to become cybersecurity experts?”, the piece focuses on the direct responsibilities of hospital board members, including CEOs, in relation to cybersecurity.

With the entry into force of this directive, which succeeds the original 2016 NIS Directive, managers will no longer be able to fully delegate cybersecurity responsibilities to specialised technicians. Instead, they will be personally accountable for ensuring their organisation’s compliance with the legal requirements in this area.

The directive provides for severe penalties in the event of non-compliance, including substantial fines for both institutions and individual directors, as well as the potential suspension of licences and management functions.

The authors argue that, under these new obligations, hospital leaders will need to become knowledgeable in cybersecurity in order to meet legal requirements and protect their institutions.

Read the full article here.