The state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review

BACKGROUND: The health sector has quickly become a target for cyberattacks. Hospitals are especially sensitive to these sorts of attacks as any disruption in operations or even disclosure of patient personal information can have far-reaching consequences. The objective of this study was to map the a...

Descripción completa

Detalles Bibliográficos
Autores principales: Argaw, Salem T., Bempong, Nefti-Eboni, Eshaya-Chauvin, Bruce, Flahault, Antoine
Formato: Online Artículo Texto
Lenguaje:English
Publicado: BioMed Central 2019
Materias:
Research Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6330387/
https://www.ncbi.nlm.nih.gov/pubmed/30634962
http://dx.doi.org/10.1186/s12911-018-0724-5
_version_ 1783386961707270144
author Argaw, Salem T.
Bempong, Nefti-Eboni
Eshaya-Chauvin, Bruce
Flahault, Antoine
author_facet Argaw, Salem T.
Bempong, Nefti-Eboni
Eshaya-Chauvin, Bruce
Flahault, Antoine
author_sort Argaw, Salem T.
collection PubMed
description BACKGROUND: The health sector has quickly become a target for cyberattacks. Hospitals are especially sensitive to these sorts of attacks as any disruption in operations or even disclosure of patient personal information can have far-reaching consequences. The objective of this study was to map the available literature on cyberattacks on hospitals and to identify the different domains of research, while extracting the recommendations and guidelines put forth in the literature. METHODS: Four databases (PubMed, Web of Science, ProQuest, and Scopus) were searched using standardized and adapted search syntax in order to identify relevant manuscripts published between 1997 and 2017. These were screened by two reviewers and included or excluded based on inclusion and exclusion criteria. Data from articles were then extracted and analyzed. RESULTS: The search identified 818 records of which 97 were included. Of the 97, 32% were published in 2017 while around 40% of the articles were published prior to the last three years. Six domains of research emerged through the analysis, which are included here: context and trends in cybersecurity (27.8%), connected medical devices and equipment (29.9%), hospital information systems (14.4%), raising awareness and lessons learned (6.2%), information security methodology (15.4%), and specific types of attacks (6.2%). CONCLUSION: There is a generally growing interest in the research field, but the available literature remains limited in number. There are important aspects of cybersecurity (e.g. cloud storage and access management) as well as specific medical fields that rely on various medical devices that have been neglected. Recommendations are available, but comprehensive guidelines and standardized best practice measures are still necessary. ELECTRONIC SUPPLEMENTARY MATERIAL: The online version of this article (10.1186/s12911-018-0724-5) contains supplementary material, which is available to authorized users.
format Online
Article
Text
id pubmed-6330387
institution National Center for Biotechnology Information
language English
publishDate 2019
publisher BioMed Central
record_format MEDLINE/PubMed
spelling pubmed-63303872019-01-16 The state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review Argaw, Salem T. Bempong, Nefti-Eboni Eshaya-Chauvin, Bruce Flahault, Antoine BMC Med Inform Decis Mak Research Article BACKGROUND: The health sector has quickly become a target for cyberattacks. Hospitals are especially sensitive to these sorts of attacks as any disruption in operations or even disclosure of patient personal information can have far-reaching consequences. The objective of this study was to map the available literature on cyberattacks on hospitals and to identify the different domains of research, while extracting the recommendations and guidelines put forth in the literature. METHODS: Four databases (PubMed, Web of Science, ProQuest, and Scopus) were searched using standardized and adapted search syntax in order to identify relevant manuscripts published between 1997 and 2017. These were screened by two reviewers and included or excluded based on inclusion and exclusion criteria. Data from articles were then extracted and analyzed. RESULTS: The search identified 818 records of which 97 were included. Of the 97, 32% were published in 2017 while around 40% of the articles were published prior to the last three years. Six domains of research emerged through the analysis, which are included here: context and trends in cybersecurity (27.8%), connected medical devices and equipment (29.9%), hospital information systems (14.4%), raising awareness and lessons learned (6.2%), information security methodology (15.4%), and specific types of attacks (6.2%). CONCLUSION: There is a generally growing interest in the research field, but the available literature remains limited in number. There are important aspects of cybersecurity (e.g. cloud storage and access management) as well as specific medical fields that rely on various medical devices that have been neglected. Recommendations are available, but comprehensive guidelines and standardized best practice measures are still necessary. ELECTRONIC SUPPLEMENTARY MATERIAL: The online version of this article (10.1186/s12911-018-0724-5) contains supplementary material, which is available to authorized users. BioMed Central 2019-01-11 /pmc/articles/PMC6330387/ /pubmed/30634962 http://dx.doi.org/10.1186/s12911-018-0724-5 Text en © The Author(s). 2019 Open AccessThis article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. The Creative Commons Public Domain Dedication waiver (http://creativecommons.org/publicdomain/zero/1.0/) applies to the data made available in this article, unless otherwise stated.
spellingShingle Research Article
Argaw, Salem T.
Bempong, Nefti-Eboni
Eshaya-Chauvin, Bruce
Flahault, Antoine
The state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review
title The state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review
title_full The state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review
title_fullStr The state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review
title_full_unstemmed The state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review
title_short The state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review
title_sort state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review
topic Research Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6330387/
https://www.ncbi.nlm.nih.gov/pubmed/30634962
http://dx.doi.org/10.1186/s12911-018-0724-5
work_keys_str_mv AT argawsalemt thestateofresearchoncyberattacksagainsthospitalsandavailablebestpracticerecommendationsascopingreview
AT bempongneftieboni thestateofresearchoncyberattacksagainsthospitalsandavailablebestpracticerecommendationsascopingreview
AT eshayachauvinbruce thestateofresearchoncyberattacksagainsthospitalsandavailablebestpracticerecommendationsascopingreview
AT flahaultantoine thestateofresearchoncyberattacksagainsthospitalsandavailablebestpracticerecommendationsascopingreview
AT argawsalemt stateofresearchoncyberattacksagainsthospitalsandavailablebestpracticerecommendationsascopingreview
AT bempongneftieboni stateofresearchoncyberattacksagainsthospitalsandavailablebestpracticerecommendationsascopingreview
AT eshayachauvinbruce stateofresearchoncyberattacksagainsthospitalsandavailablebestpracticerecommendationsascopingreview
AT flahaultantoine stateofresearchoncyberattacksagainsthospitalsandavailablebestpracticerecommendationsascopingreview

Ejemplares similares