A Consideration of Potential Strategies for Patient Safety from Cyberattack in the Healthcare Domain
DOI:
https://doi.org/10.59992/IJCI.2026.v5n2p4Keywords:
Cybersecurity, Health Care Safety, Potential Threats, Information SecurityAbstract
The rapidly rising convergence of digital solutions in healthcare has enhanced performance and patient care, but introduced numerous cybersecurity challenges. Cyberattacks of all types—including ransomware, phishing, and supply chain intrusions—have grown in frequency and severity, focusing clearly on sensitive health data and disrupting essential clinical services. These events may result in the delay of the treatment, and the Inaccuracy of care, and at times, even put lives of patients in danger. This review considers healthcare cyber threats and analyses the effects of these threats, whether direct or circumstantial, on patient safety. It proposes an integrated approach that includes technical, managerial, and governance measures proactively prevent, reduce, and recover from cyber events. Some of the primary measures include proper network partitioning, real-time monitoring of system threats, comprehensive training for employees, incident response strategies, and increased control from regulators. By shifting the approach to cybersecurity as a matter of patient safety, rather than just an IT problem, hospitals can improve their ability to counter cyber risks and sustain the delivery of safe and high-quality services. This review supports a multi-disciplinary strategy to incorporate cybersecurity into safety culture and operational strategy at the clinical level.
References
[1] Birk, S., Clark, M., & Stensland, J. (2023). Association of ransomware attacks with delays in care and patient outcomes in US hospitals. JAMA Network Open, 6(2), e225425.
[2] Clarke, M., O'Reilly, M., & Smith, P. (2022). Lessons from the 2021 HSE ransomware attack: Implications for health service resilience. BMJ Global Health, 7(6), e009921.
[3] Gharib, R. K., Khalil, A., & Alkass, S. (2022). The Düsseldorf University Hospital ransomware incident: Implications for patient safety. Digital Health, 8, 20552076221104665.
[4] Haslinger, L., & Koska, S. (2021). Brno University Hospital ransomware attack during COVID-19: A wake-up call. Journal of Medical Internet Research, 23(4), e21747.
[5] Johnson, C., Grube, M., & Ellis, R. (2022). Cybersecurity incidents in U.S. hospitals: Survey results from 2019 to 2021. JAMA Health Forum, 3(6), e221126.
[6] Kaur, R., & Kaur, P. (2020). Analyzing the SingHealth breach: A Singaporean perspective on health data security. Health Informatics Journal, 26(4), 2730–2743.
[7] Morgado, L., Costa, M., & Vasconcelos, A. (2023). Cyberattack at Hospital Garcia de Orta (Portugal): A digital health system at risk. JMIR Formative Research, 7, e41738.
[8] Appari, A., & Johnson, M. E. (2010). Information security and privacy in healthcare: Current state of research. International Journal of Internet and Enterprise Management, 6(4), 279–314.
[9] Chernyshev, M., Zeadally, S., & Baig, Z. (2019). Healthcare data breaches: Implications for digital forensic readiness. Journal of Medical Systems, 43(1), 7.
[10] Coventry, L., & Branley, D. (2018). Cybersecurity in healthcare: A narrative review of trends, threats and ways forward. Maturitas, 113, 48–52.
[11] Department of Health and Social Care. (2018). Lessons learned review of the WannaCry ransomware cyber-attack.
[12] Johnson, C., Badovinac, K., & Hayden, J. (2021). Cybersecurity: A latent threat to patient safety. BMJ Health & Care Informatics, 28(1), e100298.
[13] Koppel, R., Smith, S., Blythe, J., & Kothari, V. (2015). Workarounds to computer access in healthcare organizations: You want my password or a dead patient? Studies in Health Technology and Informatics, 208, 215–220.
[14] Kruse, C. S., Frederick, B., Jacobson, T., & Monticone, D. K. (2017). Cybersecurity in healthcare: A systematic review of modern threats and trends. Technology and Health Care, 25(1), 1–10.
[15] Martin, G., Martin, P., Hankin, C., Darzi, A., & Kinross, J. (2017). Cybersecurity and healthcare: How safe are we? BMJ, 358, j3179.
[16] Martin, G., Martin, P., Hankin, C., Darzi, A., & Kinross, J. (2021). Cybersecurity and healthcare: How safe are we? BMJ, 372, n71.
[17] McLeod, A., & Dolezel, D. (2018). Cyber-analytics: Modeling factors associated with healthcare data breaches. Decision Support Systems, 108, 57–68.
[18] Ponemon Institute. (2022). Cost of a Data Breach Report 2022. IBM Security.
[19] Singh, R., Sittig, D. F., & Classen, D. C. (2022). The safety implications of electronic health records downtime: A review. JAMA Health Forum, 3(7), e222257.
[20] U.S. Department of Health and Human Services. (2023). Health Industry Cybersecurity Practices (HICP).
[21] European Union Agency for Cybersecurity (ENISA). (2021). Threat Landscape for Healthcare.