🚨  NIS2 is now in effect. Security awareness is now legally required in the EU.

Check compliance
Start your free trial
Back to cases overview

How Psyned makes security awareness part of healthcare

Psyned specializes in psychological care. As a healthcare institution, it must comply with strict regulations to process sensitive client information. That takes more than just good technology. “Medical data are among the most sensitive personal data, but I’d rather find my dental X-ray online than my therapist’s notes. That level of vulnerability hits much deeper.”

The organization holds both ISO 27001 and NEN 7510 certifications for information security and quality assurance. Stefan Behrens, Managing Director at Psyned, explains: “Our technical setup is solid, and we regularly conduct pentests. The results always show that our systems are robust. Therefore, with all the technical measures in place, wrong human behavior is among our biggest security risks and the security awareness of our people is a critical factor.

"Medical data are among the most sensitive data, but I’d rather find my dental X-ray online than my therapist’s notes. That level of vulnerability hits much deeper."
Stephan Behrens Managing Director at Psyned

The challenge: From culture to continuity

Psyned has long been committed to safe behavior. “We try to create a safe work environment where mistakes can be discussed. When a data breach occurs, we don’t point fingers. In fact, staff members report incidents themselves and take responsibility toward clients. That’s our culture, and we’re proud of it.”

But culture alone isn’t enough. “We needed a training program that keeps security awareness top of mind continuously, without taking too much time. We knew something quick and to the point would work best for us,” says Stefan.

The solution: An accessible security awareness program

Psyned landed on Guardey for two reasons. First of all, they appreciated the gamification aspect that creates friendly competition between colleagues. Besides that, Guardey’s special training program with healthcare-specific content was a perfect fit. “The training content from the healthcare program aligns better with what staff recognize from daily practice. Not every question is healthcare-specific, but it adds just enough relevance.”

Looking ahead, Psyned also wants to add its own custom training content, such as internal protocols. “In the future, we’d like to incorporate our own policy points, like how we handle passwords or USB sticks.”

By embedding the training in the organization’s existing routines, onboarding was quick. “Guardey is included in our weekly communications. That way, people see it as part of their workweek.”

More than just compliance

The impact of security awareness training goes beyond compliance for Psyned. “What I like is that it actually changes people’s behavior. They recognize phishing better, are cautious with strange links. That’s a gain that extends beyond having the program in place.”

“The training content from the healthcare program aligns better with what staff recognize from daily practice. Not every question is healthcare-specific, but it adds just enough relevance.”
Stephan Behrens Managing Director at Psyned

Meanwhile, Guardey also provides objective evidence of training participation, which is crucial for healthcare institutions under audit. “You need to be able to demonstrate that you’re working on security awareness continuously. Guardey makes that really easy. You can see exactly who did what and when in its reporting section.”

The result: Motivated and competitive employees

Guardey’s impact at Psyned is evident in the stats, says Stefan. More importantly, it also affects employee behavior. “We’ve seen people who don’t want to lose their participation streak. When someone goes on holiday, they sometimes ask if we can pause the training. We don’t, but the fact that they ask tells us that they are motivated.”

The trainings also offer concrete talking points for team discussions. “We use the spider diagram during our IBMF meetings, where we can see which themes are going well and where more attention is needed. That leads to meaningful conversations, not just ticking boxes.”

“Auditors tell us: ‘Oh, you’re using Guardey? Fantastic.’ After that, they only want to quickly check if it’s actively being used. Then it’s on to the next topic of the audit.”
Stephan Behrens Managing Director at Psyned

Finally, Guardey adds value during audits. “Auditors tell us: ‘Oh, you’re using Guardey? Fantastic.’ After that, they only want to quickly check if it’s actively being used and it’s on to the next topic of the audit. That’s really valuable to us.”

For Psyned, Guardey is more than just a training solution. It has become a standard part of the workweek. “The program is accessible, fun, and educational. People talk about it, actively participate, and are more aware of risks. For us, that’s exactly what we needed.”

Don’t let hackers outsmart you

Make sure your employees are prepared to recognize security threats with Guardey. Start your 14-day free trial today.

READY TO GET STARTED?

Join 500+ businesses already protecting their teams with Guardey

Start your free 14-day trial
14 days free · No credit card · Full access · Setup in 5 minutes
Or schedule a personalised demo