Schedule a Demo
Back to cases overview

Roosevelt Kliniek keeps patient data safe with security awareness gaming

About Roosevelt Kliniek

The Roosevelt Kliniek is an institution for specialty medical care in gynecology, dermatology, cosmetic dermatology, surgery, and skin therapy. They have locations in Dutch cities Leiden, Delft, and Monster, and their team consists of 33 employees.


“We are a healthcare organization that cares about the privacy of our patients,” says Kim van Polanen, operational manager at Roosevelt Kliniek. “That’s why a strong cyber security strategy is essential for us. We’re already covered on the technological side, but believed we needed to invest into the security awareness of our employees too.”

“Most solutions we found online were focused primarily on phishing prevention. However, we were looking for a training solution that covered a wider variety of topics, such as ransomware, password security, and so on,” says van Polanen. “As a medical institution, we have specific security measurements in place to protect patient data. This includes how we control access to our computers, the place of personal electronic devices at work, and how to act in case of a cybersecurity-related issue. So we wanted to be able to customize the training content to add that information.”


“With help from Guardey, we first set up a phishing simulation,” says van Polanen. “The Guardey team created a fake email tailored to our organization, with the HR solution we use as the sender.” Because this was a phishing test with real social engineering, more employees clicked on the fake phishing link than during their usual annual phishing tests. “These results helped us to convince our employees that regular cyber security training was necessary.”

With Guardey, Roosevelt Kliniek now trains security awareness with gamification. During weekly challenges that take up to three minutes to complete, they learn about topics such as phishing, CEO fraud, password security, and more. “Soon, we’ll also start adding our custom content,” says van Polanen.

The reactions from the team about using Guardey have been positive. “Guardey is a fun way to learn about cyber security because you’re playing a game. Other solutions we tested used a lot of long-winded videos, which made for a passive learning experience. We also felt people could easily just turn on the video and play a game on their phones until the video was over. You can’t slack off with Guardey.”


Van Polanen defined three main values of using Guardey.

Custom content

“Guardey will enable us to add custom content, including our own cyber security regulations. This is key for us,” says van Polanen.

NEN 7510 compliance

The NEN 7510 directive, which was developed especially for Dutch healthcare organizations, sets a framework that implies healthcare organizations should invest in the security awareness of their employees. “With Guardey, we now also comply with this standard, which is something we highly value.”

High participation rate

“In the first months of using Guardey, we’ve had a participation rate of 95%”, says van Polanen. “It doesn’t take us much effort to convince the team to take on their weekly challenges.”

Don’t let hackers outsmart you

Make sure your organization is prepared to recognize cyber threats with Guardey. Start your 14-day free trial today.

Frequently Asked Questions

What is gamification?

Gamification is adding game elements into non-game environments, such as security awareness training, to increase participation and foster active learning.

What are the benefits of gamification in security awareness training?

Traditional security awareness training can often be dry and boring. With gamification, the complex subject matter is transformed into an engaging and memorable experience.

By integrating game elements such as challenges, quizzes and rewards, it incentivizes users to actively learn. This makes the training more enjoyable and fosters a sense of competition and achievement. This combination drives better retention and application of cyber security knowledge.

Why is it important to train security awareness on a weekly basis?

Research shows that up to 90% of the learnings from yearly or even quarterly training are forgotten within a few weeks. Guardey was built to keep its users aware of cyber threats 365 days a year. The game comes with short, weekly challenges that slowly builds up the user’s knowledge and eventually drives lasting behavior change.

Which topics are covered in Guardey’s security awareness game?

Guardey covers a wide array of topics to train users about all currently relevant cyber threats, put together in collaboration with ethical hackers and educationalists. The topics covered include phishing, remote work, password security, CEO fraud, ransomware, smishing, and much more.

How much time do the weekly challenges take?

Every challenge takes up to three minutes to complete.

Can I use Guardey to comply with the ISO27001, NIS2, and GDPR security awareness policies?

Yes. ISO27001, NIS2, and GDPR all require that all employees receive appropriate security awareness training. Guardey is always up-to-date with the latest cyber threats, policies, and procedures.

Is security awareness training important for all employees, or just specific roles?

Cybersecurity awareness training is crucial for all employees, not just specific roles. Every staff member can potentially be a target or an unwitting entry point for cyber attacks. Training helps create a security-focused culture and minimizes risks for the entire organization.

While certain roles may require specialized training, a foundational level of training should be accessible to everyone.

In which languages is Guardey available?

Guardey is available in English, Dutch, Italian, French, Spanish, German, Polish, Swedish and Danish.

Want to ask more questions?
Get a personal demo

Get the latest resources & news, delivered directly to your inbox.

Anouk CTA Guardey website

Let's protect your business!

  • Try completely risk free
  • 24/7 support
Start 14-day free trial