This article presents the conceptual resilience governance framework and design aspects for resilient cyber-physical eHealth systems. Our safety and security thinking has been based on the supposition that inside defensive walls we are safe. The focus of our actions has been the control of our own systems, the improvement of the protection and staying inside the protection. However, nobody is able to control complex large integrated cyber-physical systems while, on the other hand, coordination and cooperation are needed. In eHealth, this means that the focus is moved from the control and securing of health information towards utilising of eHealth to promote health. On the other hand, we have an urgent need to complement the existing knowledge-base of safety and risk management by developing frameworks and models enabling network-wide resilience management that strives for maintaining and improving critical functionalities.