<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=2171572209666742&amp;ev=PageView&amp;noscript=1">

How Privatklinik Wyss ramped up information security

A private hospital in Münchenbuchsee, Bern, Privatklinik Wyss is faced with constantly increasing security requirements. This is why their ICT department was looking for a partner to advise and support them in achieving the best possible data protection for their systems and patient records, the heart of their business. 


«Adnovum helped me get familiar with the topic of information security. Understanding what is important, having a tailor-made concept at hand, and being able to put everything into practice is a tremendous added value.»

Markus Gretler

Head of ICT, member of the extended management board, Privatklinik Wyss

The solution 

Today, Privatklinik Wyss has an Information Security Management System (ISMS) in place as well as a comprehensive security concept at hand – both tailored to their needs and aligned with ISO standard 27001. 

 The concept not only serves as proof that Privatklinik Wyss meets the requirements of cantonal authorities, but also allows for effective information security measures. It will serve as a reference going forward, providing formal descriptions that Privatklinik Wyss can use to apply for ISO 27001 if desired. 

 On a purely technical level, the organization can now rely on a configuration management database (CMDB) serving as a solid foundation that lists all of their applications, including their current status.  

  Plus, to raise their awareness of information and cybersecurity, employees were shown in a live hacking session how a phishing attack works – from reception of the e-mail, data encryption, and ransom payment to data decryption.  

Non-negotiables for Privatklinik Wyss:

Security: The new ISMS concept resulting from on an in-depth information security and technical analysis allowed Privatklinik Wyss to implement measures exactly where needed to protect their systems and data. 

Total control: Thanks to the concept and the CMDB, Privatklinik Wyss can constantly monitor their security situation and progress 

Being future-proof: As the ISMS concept is aligned with ISO 27001, Privatklinik Wyss can restructure further workflows to comply with this standard if they want to apply for it. 

How we got there

In the beginning there was a wealth of ideas on how to implement information security. And two big question: Where do we start? Who can provide practical advice?  

 Privatklinik Wyss chose Adnovum, a technology-agnostic company. They started by developing a common understanding of information security. Based on an in-depth analysis of internal systems and data, they elaborated a comprehensive ISMS concept, including a CMDB after an assessment of the firewall and backup. The next step was to prioritize the defined measures and package them into workflows. 

 Privatklinik Wyss worked through these packages on a topic-specific basis, implementing measures to enhance information security and also extended their network. Whenever they identified security issues, Adnovum provided support and/or recommended third parties. Last but not least, Adnovum and Privatklinik Wyss raised their employees’ awareness for security in a live hacking session. 

«I chose Adnovum because they are technology-agnostic. My gut feeling that they are a perfect match was right: Over more than six months, we always received the advice and support we needed to move forward step by step.»

Markus Gretler

Head of ICT, member of the extended management board, Privatklinik Wyss 

This is our client 

Privatklinik Wyss is a psychiatric hospital with approx. 100 beds for inpatients, a day-care clinic and an outpatient area. The hospital treats people in various psychiatric disciplines, among them depression and anxiety. Patients include both residents from Canton Bern and people from outside the canton. Privatklinik Wyss is known for its family atmosphere and a modern infrastructure with comprehensive additional services.