Lab technician (Hospital care)
start
Disclaimer
The videos in the ESCAPE project were developed using a combination of digital and automated creative tools (AI). As a result, some visual elements may vary between videos.
In particular, the appearance of characters, including their uniforms, physical features, and overall presentation, may not accurately reflect the typical appearance of care or health workers in your home country or local context.
These variations are a technical result of the AI tools used in the production process and do not affect the educational content or objectives of the ESCAPE project.
Scenario 1:
The Silent Threat: A Cybersecurity Challenge in Healthcare
watch video
Completed
Congratulations, you have successfully completed
❌ Open the file, but only after disconnecting the computer from the internet to prevent malware from spreading: 👉 Why is this wrong? While disconnecting from the internet might slow down the spread, opening a malicious file still puts the system at risk. The best action is to avoid opening it entirely.
❌ Download and open the file on a different work computer to test if it is harmful before opening it on her own workstation: 👉 Why is this wrong? This could compromise another system instead of the original one, worsening the situation. No hospital computer should be used for “testing” suspicious files
Report the suspicious email to IT or the hospital’s security team before taking any action: 👉 Why? Reporting potential phishing attempts helps IT identify and block threats before they spread. Even if Elena wasn’t sure, flagging the email would allow experts to assess its legitimacy.
Check for subtle signs of phishing, such as slight misspellings in the sender’s email address or unusual wording:👉 Why? Phishing emails often contain small but critical mistakes, such as incorrect grammar, slight changes in the sender’s address (e.g., "dr.ruiz@hospital-eu.com" vs. "dr.ruiz@hospita1-eu.com"), or a sense of urgency to pressure the recipient into acting quickly.
Call Dr. Ruiz or the IT department to confirm whether this is a legitimate request before opening the attachment:👉 Why? Verifying unusual requests through a direct call is a best practice in preventing phishing attacks. Attackers often disguise themselves as trusted colleagues to trick staff into opening malicious files.
Correct Actions
CorrectActions
Correct Actions
Incorrect Action
Incorrect Actions
Next
Scenario 2:
If the Threat Becomes Reality: A Cybersecurity Breach Unfolds
wathc video
Test 2
Completed
Congratulations, you have successfully completed
❌ Alejandro should avoid discussing the breach with coworkers to prevent rumors: Controlled communication is important, but employees should be made aware through official channels, not hidden. Alejandro should follow official instructions about communications
Alejandro should immediately unplug his computer from the network:👉✅ Disconnecting from the network can help prevent the malware from spreading to other systems.
❌ Alejandro should delete the ransomware message to hide his mistake: 👉 Deleting evidence can make it harder for IT to analyze the breach and fix it properly. Always report everything openly
❌ Alejandro should attempt to pay the ransom himself to quickly recover the files: 👉 Paying the ransom is strongly discouraged—it does not guarantee recovery and encourages criminal behavior. Always escalate to leadership and legal teams.
Click to Check Correct Actions
Alejandro should document exactly what he clicked and what happened afterward: 👉 Documentation helps forensic investigators understand how the attack happened and what the next steps should be.
Alejandro must report the incident to the hospital’s IT and security team right away: 👉✅ Immediate reporting gives the IT team a better chance to contain and assess the damage quickly.
Correct Actions
CorrectActions
Incorrect Action
Incorrect Action
Incorrect Actions
Next
Scenario 3:
After the storm
watch video
Test 2
Completed
Congratulations, you have successfully completed
❌ It is impossible for healthcare institutions to recover from reputational damage after a cyberattack: While recovery can be difficult, with honest communication and strong improvements, institutions can regain trust over time.
❌ Cybersecurity awareness training should only be mandatory for IT staff: 👉 Everyone—not just IT—needs cybersecurity awareness, especially in healthcare where sensitive data is handled daily.
❌ Employees who unintentionally cause breaches should always be immediately fired: 👉 Immediate firing isn’t always the solution. Understanding mistakes and improving processes is often more effective for long-term protection.
Quick reporting of suspicious incidents can help minimize damage during a cyberattack: 👉✅ Rapid reporting can help IT teams contain threats before they spread widely.
After a cyberattack, reviewing and improving hospital policies is as important as fixing technical issues: 👉 Strong policies and updated procedures are crucial to preventing future incidents, just like fixing technical vulnerabilities.
Transparency with patients and authorities after a data breach is crucial to rebuilding trust: 👉✅Being transparent after a breach helps rebuild trust with patients, staff, and regulators.
Click to Check Correct Actions
Correct Actions
CorrectActions
Incorrect Action
Incorrect Action
Incorrect Actions
Next
Completed
Congratulations, you have successfully completed
Lab technician (Hospital care)
Bhupender Singh
Created on August 18, 2025
Start designing with a free template
Discover more than 1500 professional designs like these:
View
Math Mission
View
Secret Code
View
Museum Escape Room
View
Simple corporate escape room
View
Chaotic Kitchen Escape Room
View
Vibrant Breakout
View
Reboot Protocol
Explore all templates
Transcript
Lab technician (Hospital care)
start
Disclaimer
The videos in the ESCAPE project were developed using a combination of digital and automated creative tools (AI). As a result, some visual elements may vary between videos. In particular, the appearance of characters, including their uniforms, physical features, and overall presentation, may not accurately reflect the typical appearance of care or health workers in your home country or local context. These variations are a technical result of the AI tools used in the production process and do not affect the educational content or objectives of the ESCAPE project.
Scenario 1:
The Silent Threat: A Cybersecurity Challenge in Healthcare
watch video
Completed
Congratulations, you have successfully completed
❌ Open the file, but only after disconnecting the computer from the internet to prevent malware from spreading: 👉 Why is this wrong? While disconnecting from the internet might slow down the spread, opening a malicious file still puts the system at risk. The best action is to avoid opening it entirely.
❌ Download and open the file on a different work computer to test if it is harmful before opening it on her own workstation: 👉 Why is this wrong? This could compromise another system instead of the original one, worsening the situation. No hospital computer should be used for “testing” suspicious files
Report the suspicious email to IT or the hospital’s security team before taking any action: 👉 Why? Reporting potential phishing attempts helps IT identify and block threats before they spread. Even if Elena wasn’t sure, flagging the email would allow experts to assess its legitimacy.
Check for subtle signs of phishing, such as slight misspellings in the sender’s email address or unusual wording:👉 Why? Phishing emails often contain small but critical mistakes, such as incorrect grammar, slight changes in the sender’s address (e.g., "dr.ruiz@hospital-eu.com" vs. "dr.ruiz@hospita1-eu.com"), or a sense of urgency to pressure the recipient into acting quickly.
Call Dr. Ruiz or the IT department to confirm whether this is a legitimate request before opening the attachment:👉 Why? Verifying unusual requests through a direct call is a best practice in preventing phishing attacks. Attackers often disguise themselves as trusted colleagues to trick staff into opening malicious files.
Correct Actions
CorrectActions
Correct Actions
Incorrect Action
Incorrect Actions
Next
Scenario 2:
If the Threat Becomes Reality: A Cybersecurity Breach Unfolds
wathc video
Test 2
Completed
Congratulations, you have successfully completed
❌ Alejandro should avoid discussing the breach with coworkers to prevent rumors: Controlled communication is important, but employees should be made aware through official channels, not hidden. Alejandro should follow official instructions about communications
Alejandro should immediately unplug his computer from the network:👉✅ Disconnecting from the network can help prevent the malware from spreading to other systems.
❌ Alejandro should delete the ransomware message to hide his mistake: 👉 Deleting evidence can make it harder for IT to analyze the breach and fix it properly. Always report everything openly
❌ Alejandro should attempt to pay the ransom himself to quickly recover the files: 👉 Paying the ransom is strongly discouraged—it does not guarantee recovery and encourages criminal behavior. Always escalate to leadership and legal teams.
Click to Check Correct Actions
Alejandro should document exactly what he clicked and what happened afterward: 👉 Documentation helps forensic investigators understand how the attack happened and what the next steps should be.
Alejandro must report the incident to the hospital’s IT and security team right away: 👉✅ Immediate reporting gives the IT team a better chance to contain and assess the damage quickly.
Correct Actions
CorrectActions
Incorrect Action
Incorrect Action
Incorrect Actions
Next
Scenario 3:
After the storm
watch video
Test 2
Completed
Congratulations, you have successfully completed
❌ It is impossible for healthcare institutions to recover from reputational damage after a cyberattack: While recovery can be difficult, with honest communication and strong improvements, institutions can regain trust over time.
❌ Cybersecurity awareness training should only be mandatory for IT staff: 👉 Everyone—not just IT—needs cybersecurity awareness, especially in healthcare where sensitive data is handled daily.
❌ Employees who unintentionally cause breaches should always be immediately fired: 👉 Immediate firing isn’t always the solution. Understanding mistakes and improving processes is often more effective for long-term protection.
Quick reporting of suspicious incidents can help minimize damage during a cyberattack: 👉✅ Rapid reporting can help IT teams contain threats before they spread widely.
After a cyberattack, reviewing and improving hospital policies is as important as fixing technical issues: 👉 Strong policies and updated procedures are crucial to preventing future incidents, just like fixing technical vulnerabilities.
Transparency with patients and authorities after a data breach is crucial to rebuilding trust: 👉✅Being transparent after a breach helps rebuild trust with patients, staff, and regulators.
Click to Check Correct Actions
Correct Actions
CorrectActions
Incorrect Action
Incorrect Action
Incorrect Actions
Next
Completed
Congratulations, you have successfully completed