Share
Information Services is in the process of buying back shares from minority shareholders. What are the results so far, and what is the objective of the buyback?
According to the requirements of Directive 2014/24/EU, the capital of a national systems integrator must be fully state-owned. At the time of the amendments to the Electronic Governance Act in 2019, which designated Information Services as Bulgaria’s national systems integrator by decision of the National Assembly, around 0.5% of the company’s capital was owned by former and current employees. This fact became the subject of a complaint to the European Commission by a Bulgarian IT organization.
Following discussions between the Ministry of Electronic Governance and the European Commission, it was clarified that the private shareholders were a consequence of the Privatization Act, and a buyback procedure was initiated. To date, 60% of the shares have been repurchased, and the process will continue until the end of the year. Taking into account this progress, the European Commission has already indicated to the Bulgarian authorities and the complainant that the regulatory requirements have been met and that the Commission’s procedure for a possible infringement case will be closed.
What specific benefits do state institutions derive from the system integration carried out by the company, and how does this affect operational costs and efficiency in the public sector?
Many people in business, but also within public administration, tend to associate systems integration only with its technical aspect. In my view, however, the more substantial part is that it is actually a strategic approach to fiscal discipline and operational efficiency in the public sector. Every project in this field begins with a detailed analysis of the specific institution’s ICT and cybersecurity environment. This is followed by a structured plan of activities aimed at bringing its IT systems and cybersecurity capabilities up to a world-class level. All of this is carried out in line with the best global standards, by specialists with internationally recognised expertise and certifications, with the goal of achieving optimal cost efficiency and performance.
I would venture to say that the level of insight into state administration IT systems at a national scale that our team has is unmatched in the Bulgarian IT sector. This enables us to propose the most effective solutions, helping institutions optimize and maximize the efficiency of their IT and cybersecurity operations.
To give just one example: between 2019 and 2026, savings of around €40 million were achieved for the state through better terms for procurement and completed projects. There is a project initially valued at BGN 7 million, which, after our involvement, was successfully implemented for BGN 1.6 million. Another example is a cybersecurity technology that a key state institution intended to acquire for over BGN 3 million, but which Information Services procured for $240,000. There are dozens of similar cases across different scales over the past few years. All of these examples are supported by official company documentation.
How does Information Services ensure transparency, efficiency and high quality in public procurement conducted within the scope of systems integration, and what criteria do you use to ensure that selected contractors meet the technological requirements of the public administration and cybersecurity standards?
We comply strictly with the law – including the European Commission’s regulations on publicity, transparency and efficient spending of public funds, as well as the laws of the Republic of Bulgaria. All contracts and technical specifications between us and the respective administrations are published publicly – both on the company’s website and on the Public Procurement Agency’s platform. This ensures full transparency regarding prices, conditions and implementation.
From 2020 to date, 922 procedures under the Public Procurement Act have been conducted. Of these, 578 were tender-based procedures, while the remainder were also under the Public Procurement Act but carried out through direct awards to Bulgarian companies holding copyright over specific systems such as accounting, document management, human resources, and similar solutions. Out of the 578 tenders, 574 were awarded on the basis of the lowest price criterion, and only 4 applied the “most economically advantageous tender” methodology. Over six years and more than 900 procedures, there have been only 9 complaints, all of which were resolved in favour of Information Services, as we have consistently followed the letter of the law.
What challenges do you face in the field of cybersecurity and what measures are you taking to address them?
The key to our approach to cybersecurity is the principle of ‘security by design’ and ‘defence in depth’, whereby, right from the design stage of every system, the architecture and processes are built with a priority on security at a multi-layered level. This means that, at both the system and user levels, every information system is designed to be secure by default, with built-in mechanisms for access control, data protection and service management.
The key principle in our cybersecurity approach is “security by design” and “defense in depth,” where from the very design phase of each system, the architecture and processes are built with a priority on security at a multi-layered level. This means that both at system level and at user level, every information system is designed to be secure by default, with built-in mechanisms for access control, data protection and service manageability.
We operate with a clear understanding that cybersecurity is not just about technology, but a combination of architecture, processes and people. That is why we invest both in cutting-edge global protection technologies and in the development of human capital.
In addition, we apply a model of continuous monitoring and transparency of system status. On our public website, we visualize in real time the status of key systems we manage and protect. This is part of our philosophy of service accountability and manageability.
We have succeeded in establishing a professional corporate image that has enabled us to be recognized as a key partner to the world’s leading technology companies. This trust in our capabilities gives us exclusive access to specialized cyber defense and cyber intelligence solutions, for example, enabling us not only to respond to threats but also to prevent them.
We have managed to establish a strong professional reputation that has enabled us to be recognized as a key partner of leading global technology companies. This trust in our capabilities gives us exclusive access to specialized cybersecurity and cyber-intelligence solutions, enabling us not only to react to threats but also to prevent them.
In 2024, an external assessment of our cybersecurity capabilities was conducted by the U.S. administration, which further confirmed the company’s level of maturity. As a result, a strategic partnership was signed with the U.S. Trade and Development Agency (USTDA) to build a centralized system for coordinating cybersecurity across the public administration. The aim is for a national cyber center to take on a coordinated role in prevention, response and recovery from cyberattacks.
How does Information Services’ membership of EURITAS enhance the company’s technological capacity and expertise?
EURITAS is the European association of public IT providers, into which Information Services was admitted following a presentation of our portfolio and capabilities. In practice, this places us alongside system integrators from leading European countries such as Germany, the UK, Ireland, Denmark, Finland, Italy, Austria, Malta and Switzerland.
The key aspect of this participation in EURITAS is, in fact, the exchange of experience with others in Europe on key topics – e-government, public procurement, artificial intelligence and cybersecurity. The teams meet regularly; there are a number of working groups, meetings and joint initiatives that give us access to best practices and technological solutions from other members.
One example that everyone can understand – our involvement during the COVID crisis was particularly important, when, as a partner of the Bulgarian government, we built and integrated the green certificate with the European system. This gave us the opportunity to work in practice within a pan-European digital infrastructure. Bulgaria was the first of all European countries to integrate with the central Green Certificate system.
Information Services carried out a full digital transformation of the Bulgarian healthcare system. Could you tell us more about this process.
The National Health Information System (NHIS) is one of the largest and most successful projects, and one of the key examples of digital transformation in Bulgaria. We launched it in 2020, and it now covers the entire healthcare sector.
All major healthcare stakeholders operate within the system in real time. At present, it contains over 700 million unique health records, covering the full medical history of Bulgarian citizens.
We developed an electronic portal through which every patient, general practitioner and specialist has access to the patient record. We also created two mobile applications, one of which is “eHealth,” aimed entirely at the public. Through it, patients can track test results, prescriptions, examinations and medical orders, while for children under 18 the information is automatically displayed in the parent’s profile. Currently, more than 500,000 Bulgarian citizens are actively using these services via the mobile app.
In addition to healthcare digitalization, we also built the National Expert Medical Commission system related to medical expertise. It fully digitized the process of issuing disability assessment decisions, including random case allocation, electronic issuance of decisions, and integration with other government systems. Digitalization has reduced the decision time from 73 days to just 2 days. As a result, patients are no longer required to carry paper documents between institutions, saving time, costs and administrative burden for both citizens and the administration.
Another key component is the National Health Insurance Fund (NHIF) system, where all processes are fully digitalized. While paper patient booklets and monthly reports were used in the past, information exchange happens now in real time. Since the beginning of the year, pharmacies also submit data in real time, without monthly reporting. Our ambition is to extend this model to hospital care as well, so that all payments and verifications are performed automatically and without administrative delays.
The NHIS and the NHIF systems are fully integrated and operate in real time, handling up to 1,300 operations per second. We are proud of the results achieved in the digitalization of the healthcare sector.
You can read the full text of the interview on the Forbes website.