- Case Study -

Sophiahemmet Hospital

Sophiahemmet is the first hospital in Sweden to implement a digital autonomous information security policy.




Globally, the healthcare industry has experienced more security breaches than any other industry, so healthcare companies are leading the way in implementing the most comprehensive cybersecurity solutions. Explore how UBA Networks, together with Ava Cyber-Reveal, delivered Europe’s first autonomous information security policy for healthcare providers.



Sophiahemmet is a private hospital at Norra Djurgården in Stockholm, Sweden. It is associated with the Sophiahemmet University College. Its connection with the royal family goes back to 1884 when nursing education sponsored by Queen Sophia was still being conducted at the university.

HubSpot Video





Healthcare providers under one roof



From a proof of concept to the first implemented autonomous information security policy.

Sophiahemmet started with a proof of concept in August 2019. The POC intended to show the Ava Reveal cyber platform's ability and build the first digital autonomous information security policy for healthcare providers. 


  • Map the paper infosec policy to a fully digital autonomous information security policy. 
  • Secure older IT systems with sensitive patient records. 
  • Proactively and autonomously educate users before an incident can occur.
  • Get compliance reports together with Ava analyst service to keep the information security policy as a living digital document for the entire organization.


UBA Networks worked closely with the AVA team to map Sophiahemmet's paper information security policy to the AVA platform. 

Ragnar Sethson "I get all my statistics and reports in the AVA platform before my management reviews."

Sophiahemmet can now proactively and fully autonomously educate and help employees before a potential data incident occurs. To secure the older medical record system, we wrote a policy and mapped it directly to the AVA platform. This policy now ensures all sensitive data from this system by educating employees when a policy violation is triggered. Examples of the procedure include copying data from one database to another, copy PII information to USB or external cloud storage, print screens, and printing and attaching sensitive data in any mail client. Like Outlook, Gmail, or any other email clients.


HubSpot Video


Together with the Ava analyst team, Sophiahemmet gets in-depth quarterly reviews. These reports give Sophiahemmet insight into user behavior changes and keep their information security policy dynamic and living.


AVA Reveal is an award-winning next-gen cybersecurity platform that helps the organization to get the whole picture. The Ava Reveal platform comes with over 400 prewritten policies and is growing with every update on the Ava Reveal platform.   


Are you interested in how we can help your organization? Book a demo with us and let us hear your challenges and let us give suggestions on how to best implement a digital autonomous information security policy in your organization.   

Book a demo

Ensuring PHI compliance for healthcare