University hospital launches tender for SOC monitoring services
New tender seeks SOC services to secure hospital networks as healthcare accelerates e-services and adapts to stricter cybersecurity obligations.
New tender seeks SOC services to secure hospital networks as healthcare accelerates e-services and adapts to stricter cybersecurity obligations.
Follow Tenderlake on LinkedIn for concise insights on public-sector tenders and emerging procurement signals.
Samodzielny Publiczny Zakład Opieki Zdrowotnej Centralny Szpital Kliniczny Uniwersytetu Medycznego w Łodzi has gone to market for Security Operations Centre (SOC) services to monitor its network and server infrastructure. Published on 4th March 2026, the contract forms part of an e-services implementation project and shows how hospitals are reshaping their cybersecurity in line with tighter obligations under the EU’s NIS 2 Directive.
The notice, titled SOC Service for Hospital Infrastructure, covers the provision of SOC services to monitor the hospital’s network and server infrastructure. The service is explicitly linked to an e-services implementation project, signalling that security monitoring is being built into the digital services stack rather than added later.
The summary states that detailed requirements are set out in an appendix to the tender documents. While those details are not described in the notice text, comparable procurements in the sector suggest that such appendices typically define the scope of monitoring, incident handling processes and reporting expectations in depth.
As the clinical hospital of the Medical University in Łódź, Samodzielny Publiczny Zakład Opieki Zdrowotnej Centralny Szpital Kliniczny Uniwersytetu Medycznego w Łodzi operates complex IT systems that support both care delivery and teaching. Moving to a dedicated SOC model for its network and server estate marks a shift towards more formal, continuously managed cybersecurity, in line with the direction set by NIS 2 for essential services and public bodies.
The Łódź tender sits within a much wider push to couple hospital digitalisation with stronger security controls. In February 2026, Szpital Powiatowy im. Alfreda Sokołowskiego w Złotowie issued the Digital Transformation at County Hospital notice. That project focuses on implementing e-services to enhance healthcare quality through IT system integration, digitisation of medical documentation, cybersecurity improvements and the introduction of AI solutions.
Similar patterns appear elsewhere. The Digital Services and Cybersecurity Solutions contract at Uniwersytecki Szpital Kliniczny im. Fryderyka Chopina w Rzeszowie, published in December 2025, combines the development of digital services with the supply of server equipment, software and cybersecurity solutions. The structure of that tender underlines how new digital capabilities and security upgrades are increasingly procured as a package.
In February 2026, Samodzielny Publiczny Zakład Opieki Zdrowotnej w Przeworsku launched the Cybersecurity Services and Training procurement. It combines SOC services with author supervision, cybersecurity training, adaptation of information security management system (ISMS) documentation and a final audit, all aimed at enhancing digital services in healthcare.
Funding instruments are also pushing security to the front of digital projects. The Software and Cybersecurity Services for Hospital tender at the hospital in Krynica-Zdrój, published in March 2026, explicitly links software delivery and cybersecurity services to a project funded by the National Reconstruction and Resilience Plan. Here, digitalisation and protection are treated as inseparable components of a single investment.
Against this backdrop, the Łódź SOC contract is notable for being embedded directly in an e-services programme. Rather than treating monitoring as a separate IT add-on, the hospital is signalling that cyber resilience is a core design principle for its digital health services.
A cluster of recent notices shows SOC capabilities moving rapidly into the healthcare mainstream. In November 2025, Centrum Onkologii Ziemi Lubelskiej im. św. Jana z Dukli published the Data Security Improvement for Medical Systems tender, focused on enhancing data security in medical systems through better workstation and server protection and the establishment of a SOC service.
In December 2025, Wojewódzki Specjalistyczny Szpital Dziecięcy im. św. Ludwika w Krakowie went further with its Cybersecurity Enhancement Services procurement, combining SOC implementation with training, penetration testing, vulnerability scanning, licence provision and ISMS documentation adjustments.
Other hospitals are using SOC as part of broader security system overhauls. Zespół Zakładów Opieki Zdrowotnej w Ostrowie Wielkopolskim, for example, is procuring an IT Security System Implementation that includes an IT security monitoring system, an information security management system, cybersecurity training and workshops, and a security audit.
By the end of December 2025, DOLNOŚLĄSKI SZPITAL SPECJALISTYCZNY IM. T.MARCINIAKA-CENTRUM MEDYCYNY RATUNKOWEJ had issued a SOC/SIEM Services Procurement for SOC/SIEM services and a vulnerability scanner to deliver continuous monitoring of information systems and IT infrastructure as part of a digital transformation initiative.
In January 2026, Wojewódzki Szpital Specjalistyczny w Legnicy followed with an Integrated Cybersecurity System Procurement covering an integrated XDR system, ongoing maintenance, outsourced SOC functions and training for IT staff, all explicitly framed as compliant with relevant legal regulations.
More recent notices demonstrate how SOC is being embedded into hospital networks and regional infrastructures. The Network Modernization and SOC Purchase project at Wielospecjalistyczny Szpital – Samodzielny Publiczny Zespół Opieki Zdrowotnej w Zgorzelcu, announced in February 2026, combines network modernisation, including SD-WAN across multiple locations, with the purchase of a SOC system to improve the security of medical documentation.
In March 2026, SZPITAL POWIATOWY W ZAWIERCIU launched a Security Operations Center Implementation for a SOC that will provide 24/7 monitoring of cybersecurity threats and breaches, alongside a SIEM system, as part of a digital transformation project.
Alongside these, tenders such as the SIEM System and SOC Services notice for Samodzielny Publiczny Zakład Opieki Zdrowotnej w Choszcznie and the Security Operations Center Services tender for Szpital Miejski św. Jana Pawła II w Elblągu show a demand for comprehensive SOC solutions that cover delivery, implementation, configuration, launch and maintenance of monitoring systems, often bundled with staff training.
Within this trend, the Łódź hospital’s contract stands out for its concise focus on SOC services for network and server monitoring, embedded within an e-services project. The emphasis in the published summary is on the service layer rather than on hardware procurement or a wholesale redesign of the security architecture.
The move towards SOC services is not limited to healthcare. In November 2025, Lietuvos Respublikos aplinkos ministerija published the SOC Systems Configuration and Maintenance notice, seeking deployment, maintenance and security analytics services for SOC tools across institutions under the ministry, with a focus on a National SOC/CSIRT modular system.
In January 2026, Państwowa Inspekcja Pracy Główny Inspektorat Pracy tendered for SOC Service Procurement that combines the launch and maintenance of a SOC with automation of security processes, attack detection using honeypot technology and secure user access management. This points to an appetite for more advanced threat detection and orchestration capabilities in public administration.
Energy and central government bodies are moving in the same direction. In March 2026, SPP - distribúcia, a.s. advertised a SOC Service for IT Security contract focused on integrating SOC services into its environment, while Ministerstwo Aktywów Państwowych launched a SOC Service Implementation notice to implement and configure security monitoring infrastructure and provide SOC services for continuous monitoring of its IT infrastructure.
Financing mechanisms also matter. The Server Room Monitoring System Delivery at Mazowiecki Szpital Bródnowski, announced in February 2026, will improve cybersecurity using funding from the European Union and local government. Together with projects backed by national reconstruction plans, such notices indicate that both EU and domestic funds are being used to lift baseline security capabilities.
Across these examples, institutions repeatedly stress continuous monitoring, automation, legal compliance and resilience of digital services. That language aligns with the trajectory of the NIS 2 Directive, which tightens cybersecurity and incident management obligations for essential and important entities and is encouraging buyers to formalise SOC capabilities rather than relying only on internal IT teams.
For suppliers, the Łódź hospital’s SOC Service for Hospital Infrastructure notice is another sign that demand for managed monitoring of critical health IT is growing quickly. The detailed appendix to the tender is likely to spell out expectations on integration with existing systems, incident escalation paths and the interface between the external SOC and the hospital’s own IT staff.
Observers of the healthcare cybersecurity market will be watching whether the award follows the pattern seen in other hospitals, where SOC services are increasingly bundled with SIEM or XDR platforms, vulnerability management, training and formal ISMS updates. Even if this contract focuses primarily on SOC monitoring of network and server infrastructure, the wider procurement landscape suggests that hospitals see it as one component of a broader, regulation-driven security architecture.
As NIS 2 takes hold and e-services programmes mature, further tenders for SOC, SIEM and integrated cybersecurity solutions across healthcare and other essential sectors are likely to follow. The outcome of this competition in Łódź will offer another reference point for how large clinical centres choose to organise and source their security operations in the years ahead.
Follow Tenderlake on LinkedIn for concise insights on public-sector tenders and emerging procurement signals.