Menu
Browse

Uppsala län

Primary URL Location Industry
regionuppsala[.]se
Country Sweden
Government - Regional Icon
Government - Regional
Profile

Uppsala County, also referred to as Region Uppsala, is a regional authority that provides publicly funded healthcare and dental care to the population of Uppsala County. In addition to medical services, it organizes and finances regional public transport, ensuring bus and rail connections across the county. The organization also supports cultural initiatives, regional growth strategies, and infrastructure planning that affect businesses and residents alike. It acts as the central coordinator for hospitals, primary care centres, and specialist clinics operating within its jurisdiction. Uppsala County’s mandate includes promoting equal access to care and maintaining high quality standards across all its service providers.

Uppsala County’s distinguishing attributes lie in its combination of direct healthcare provision and broader regional policy responsibilities, which require integrated information systems. The January 2024 ransomware attack on its IT provider Tietoevry exposed this reliance, as attackers used unsecured Cisco VPN access to encrypt virtualization servers in a Swedish data center. The disruption affected Uppsala County’s healthcare record systems, payroll services, and administrative functions, while also impacting universities, retailers, and government agencies that depend on Tietoevry’s cloud hosting and the Primula HR platform. Although backup routines limited immediate risks to patient safety, the incident forced many administrative tasks into manual processing, slowing down routine operations. Service restoration efforts have been ongoing, with the isolation of compromised systems preventing the attack from spreading to other parts of the county’s IT infrastructure.

Structurally, Uppsala County operates as a publicly owned entity under Sweden’s system of regional self‑governance, answering to the county council and ultimately to the residents it serves. It is not a private subsidiary but a distinct administrative region within the national framework of Sweden’s twenty‑one regions. Its governance combines democratic oversight with operational autonomy, allowing it to make decisions on service delivery, strategic investments, and crisis management. The organization continues to prioritize cybersecurity resilience following the 2024 incident, seeking to harden its digital services while maintaining the core responsibilities of healthcare, transport, and regional development.

Incidents
Linked incidents available to members
1 incident