Kazakhstan continues to make significant progress in digitalization, particularly in the healthcare sector, where the Ministry of Health of the Republic of Kazakhstan actively supports innovation and the development of cybersecurity standards.
Within this framework, Zhalgas Temirbekov, PhD in Jurisprudence and Teaching Professor at MNU, conducted a large-scale national study with the support of the Ministry of Health. The research surveyed more than 14,000 healthcare workers from all regions of Kazakhstan to assess their level of cyber literacy and preparedness for digital threats. Respondents included medical doctors, nurses, and administrative personnel from public, private, and research healthcare institutions.
Key Findings
The study revealed that although the digital transformation of Kazakhstan’s healthcare system is progressing rapidly, cybersecurity remains a critical area requiring systemic and institutionalized measures.
Only 30% of respondents reported confidence in the protection of their computers against cyberattacks.
Between 31% and 39% indicated they were unaware or unsure of the risks associated with viruses, trojans, and DoS attacks.
50% of respondents noted that their organizations have a sufficient number of IT specialists; however, less than half receive regular cybersecurity or “cyber hygiene” training.
A positive correlation was observed between the frequency of training and higher levels of cyber awareness and confidence in data protection.
Importantly, 63% of healthcare workers expressed support for the adoption of a sector-specific law on cybersecurity in healthcare, underscoring the need for comprehensive legal regulation.
Analytical Conclusions
The study identified several critical challenges:
- A shortage of qualified IT personnel continues to pose cybersecurity risks for healthcare organizations.
- Cybersecurity training and regulatory processes lack sufficient institutionalization.
- Regular professional development and the promotion of a “cyber hygiene” culture remain essential for strengthening digital resilience in the healthcare system.
Policy and Legal Recommendations
Based on the findings, the research proposes the following measures:
- Implement mandatory cybersecurity training for all categories of healthcare workers;
- Develop and adopt internal protocols for responding to cyber incidents;
- Strengthen IT staffing, particularly in public healthcare institutions;
- Draft and enact a dedicated law on cybersecurity in the healthcare sector to ensure accountability and enhance data protection.
The results of this study highlight the growing importance of cybersecurity as a fundamental component of Kazakhstan’s digital health agenda.
The full version of the study is available here.
Learn more about Zhalgas Temirbekov here.
