Helse Sør-Øst RHF

Health South‑East RHF is a regional health authority responsible for planning, financing and delivering specialist hospital services in the southeastern part of Norway. It oversees a network of public hospitals that provide acute care, specialised treatment, rehabilitation and mental health services to residents of the region, which includes the capital Oslo and surrounding counties. The organisation works closely with primary care providers, municipal health services and other health‑sector partners to ensure coordinated patient pathways across the continuum of care. Its core mandate is to guarantee equitable access to high‑quality hospital care while adhering to national health policies and quality standards set by the Norwegian Ministry of Health and Care Services. In addition to direct hospital management, Health South‑East RHF supports clinical research, medical education and the implementation of health‑technology innovations within its facilities.

The authority serves a population of roughly two million people, making it one of the largest regional health bodies in the country by both geographic coverage and patient volume. Its distinguishing attributes include a statutory role as a public sector entity tasked with hospital governance, a strong emphasis on patient safety and quality improvement programmes, and a central position in Norway’s decentralised healthcare model where regional authorities operate independently yet under national oversight. Structurally, Health South‑East RHF is owned by the Norwegian state through the Ministry of Health and Care Services, and it is linked to Sykehuspartner HF, which acts as its parent company for certain shared services such as procurement, IT infrastructure and administrative support. The organisation’s governance model combines a board appointed by the government with executive management responsible for day‑to‑day operations, ensuring accountability to both political authorities and the public it serves. The 2018 data breach incident, which affected approximately 2.9 million individuals, highlighted the critical importance of robust cybersecurity measures within its IT environment and prompted coordinated response efforts involving internal teams, HelseCERT and law enforcement.