Health body launches tender for 24/7 SOC and SIEM services
Tender seeks round-the-clock SOC and SIEM support for a healthcare project, reflecting rising cybersecurity expectations as clinical services move online.
Tender seeks round-the-clock SOC and SIEM support for a healthcare project, reflecting rising cybersecurity expectations as clinical services move online.
Follow Tenderlake on LinkedIn for concise insights on public-sector tenders and emerging procurement signals.
Zespół Opieki Zdrowotnej has gone to market for a new 24/7 security operations centre and SIEM platform, aiming to strengthen cyber defences around a healthcare project. The contract for SOC Service and SIEM Tool comes as hospitals and other public bodies respond to tougher cybersecurity expectations and a rapid shift towards digital health services.
On 9th April 2026, Zespół Opieki Zdrowotnej published a contract notice for the SOC Service and SIEM Tool. The buyer is seeking implementation, configuration and ongoing maintenance of a Security Information and Event Management system, together with round-the-clock Security Operations Center services. The SOC is expected to monitor and handle security incidents continuously across the healthcare project.
For a healthcare provider, this combination is about more than compliance. Clinical systems run at all hours and hold sensitive patient data, so breaches or outages can have immediate operational and safety consequences. Building a dedicated monitoring and incident-handling capability is a way to bring those risks under closer control.
Although the notice is short on technical detail, its scope covers the full lifecycle of a SIEM deployment: from initial implementation and configuration through to maintenance and the delivery of 24/7 services. Projects of this type typically involve integrating logs from key applications and infrastructure, configuring alerting rules, triaging incidents and coordinating responses with in-house IT teams. By bundling implementation and maintenance, the buyer is signalling a preference for an end-to-end service rather than piecemeal tools.
This notice sits within a wider wave of hospital procurements for SOC and SIEM capabilities. In December 2025, DOLNOŚLĄSKI SZPITAL SPECJALISTYCZNY IM. T.MARCINIAKA-CENTRUM MEDYCYNY RATUNKOWEJ launched a tender for SOC/SIEM Services Procurement, combining SOC/SIEM services with a vulnerability scanner to provide continuous monitoring of information systems and IT infrastructure as part of a digital transformation initiative for a healthcare facility. In the same month, Zespół Zakładów Opieki Zdrowotnej w Ostrowie Wielkopolskim advertised an IT Security System Implementation project covering an IT security monitoring system, an information security management system, cybersecurity training and a security audit.
The pattern continues into 2026. In January 2026, Wojewódzki Szpital Specjalistyczny w Legnicy issued an Integrated Cybersecurity System Procurement covering an integrated XDR system, SOC function outsourcing and staff training, while Wojewódzki Szpital Zespolony im. dr. Romana Ostrzyckiego w Koninie went to market for Digital Services and Cybersecurity Development that includes expanding its hospital information system, supplying workstations and delivering an EDR/XDR platform. By February 2026, SAMODZIELNY PUBLICZNY ZAKŁAD OPIEKI ZDROWOTNEJ W CHOSZCZNIE was seeking SIEM System and SOC Services with continuous monitoring, incident response and a password manager, and Samodzielny Publiczny Zakład Opieki Zdrowotnej Centralny Szpital Kliniczny Uniwersytetu Medycznego w Łodzi had published a tender for a SOC Service for Hospital Infrastructure to monitor network and server infrastructure as part of an e-services project.
Further contracts underline how endpoint protection and SOC are now tied closely to digital health. In March 2026, Szpital Dziecięcy Polanki im. Macieja Płażyńskiego w Gdańsku sp. z o.o. advertised Antivirus Software and Security Services, combining antivirus with EDR/XDR capabilities, integrated SOC services and IT personnel training. On 2nd April 2026, Regionalny Szpital Specjalistyczny im. dr Władysława Biegańskiego launched a tender for Comprehensive Cybersecurity Service Implementation, seeking a 24/7 cybersecurity service using EDR/XDR and SIEM, plus vulnerability scanning, as part of a broader effort to enhance digital and cybersecurity services in a healthcare setting.
Taken together, these projects feature a common mix of components:
Although hospitals dominate this procurement wave, other public institutions are moving in the same direction. On 16th January 2026, Państwowa Inspekcja Pracy Główny Inspektorat Pracy issued a contract notice for SOC Service Procurement, covering the launch and maintenance of a Security Operations Center, automation of security processes, attack detection using honeypot technology and secure user access management. The scope points to a mature security operations function rather than a narrow monitoring toolset.
In March 2026, GÓRNOŚLĄSKO - ZAGŁĘBIOWSKA METROPOLIA sought Security Operations Center Services that include implementing a unified SIEM/SOAR/XDR security platform for continuous monitoring, incident detection and response, process automation and proactive measures. On 31st March 2026, Sieć Badawcza Łukasiewicz – Instytut Lotnictwa published a notice for EDR System Subscription and Support, seeking a subscription to an endpoint and server protection system together with implementation and maintenance services.
These tenders suggest that SOC and advanced endpoint protection are increasingly being treated as shared, strategic capabilities across sectors, rather than niche tools reserved for the largest organisations.
Regulation is an important backdrop. The NIS 2 Directive expands cybersecurity obligations on organisations operating key services, raising expectations around monitoring, incident handling and governance. Procurements that combine SIEM, 24/7 SOC services and structured audits, such as those described above, align with this shift towards demonstrable, continuous cyber risk management.
Funding programmes are also steering priorities. The Wojewódzki Szpital Specjalistyczny im. Błogosławionego księdza Jerzego Popiełuszki we Włocławku has tied delivery and implementation of information systems and comprehensive cybersecurity services to a project Information Systems and Cybersecurity Services co-financed by a national recovery programme. Samodzielny Publiczny Zakład Opieki Zdrowotnej Szpital im. dr J.Dietla w Krynicy-Zdroju is taking a similar approach, with Software and Cybersecurity Services for Hospital funded by a National Reconstruction and Resilience Plan that links digitalisation and cybersecurity in a single project.
In both cases, cybersecurity is embedded from the outset in wider digital modernisation efforts, rather than added later as a bolt-on. The new SOC and SIEM services sought by Zespół Opieki Zdrowotnej appear to sit at the same crossroads of regulatory pressure and investment in digital health.
For suppliers and policymakers, these notices offer a glimpse of where public-sector cybersecurity is heading. Tenders are moving away from isolated hardware purchases towards integrated packages that blend SIEM platforms, SOC services, EDR/XDR tools, vulnerability scanning and training into a single, managed offering.
The implementation, configuration and maintenance of the new SIEM system for Zespół Opieki Zdrowotnej will show how far healthcare providers can rely on centrally managed security operations and continuous monitoring. Future notices will indicate whether this model becomes the norm across healthcare and other sectors facing expanding cybersecurity obligations.
Follow Tenderlake on LinkedIn for concise insights on public-sector tenders and emerging procurement signals.