A Consideration of Potential Strategies for Patient Safety from Cyberattack in the Healthcare Domain

Authors

  • Noora Alallaq Author
  • Murthad Hussein Al-Yoonus Author
  • Muhmmad Al-Khiza’ay Author
  • Baobao Song Author

DOI:

https://doi.org/10.59992/IJCI.2026.v5n2p4

Keywords:

Cybersecurity, Health Care Safety, Potential Threats, Information Security

Abstract

The rapidly rising convergence of digital solutions in healthcare has enhanced performance and patient care, but introduced numerous cybersecurity challenges. Cyberattacks of all types—including ransomware, phishing, and supply chain intrusions—have grown in frequency and severity, focusing clearly on sensitive health data and disrupting essential clinical services. These events may result in the delay of the treatment, and the Inaccuracy of care, and at times, even put lives of patients in danger. This review considers healthcare cyber threats and analyses the effects of these threats, whether direct or circumstantial, on patient safety. It proposes an integrated approach that includes technical, managerial, and governance measures proactively prevent, reduce, and recover from cyber events. Some of the primary measures include proper network partitioning, real-time monitoring of system threats, comprehensive training for employees, incident response strategies, and increased control from regulators. By shifting the approach to cybersecurity as a matter of patient safety, rather than just an IT problem, hospitals can improve their ability to counter cyber risks and sustain the delivery of safe and high-quality services. This review supports a multi-disciplinary strategy to incorporate cybersecurity into safety culture and operational strategy at the clinical level.

Author Biographies

  • Noora Alallaq

    Department of Computer Networks, College of Computing and informatics, University of Al-Hamdaniya, Iraq

  • Murthad Hussein Al-Yoonus

    Department of Computer Networks, College of Computing and informatics, University of Al-Hamdaniya, Iraq

  • Muhmmad Al-Khiza’ay

    Department of Computer Networks, College of Computing and informatics, University of Al-Hamdaniya, Iraq

  • Baobao Song

    University of Technology Sydney, Australia

References

[1] Birk, S., Clark, M., & Stensland, J. (2023). Association of ransomware attacks with delays in care and patient outcomes in US hospitals. JAMA Network Open, 6(2), e225425.

[2] Clarke, M., O'Reilly, M., & Smith, P. (2022). Lessons from the 2021 HSE ransomware attack: Implications for health service resilience. BMJ Global Health, 7(6), e009921.

[3] Gharib, R. K., Khalil, A., & Alkass, S. (2022). The Düsseldorf University Hospital ransomware incident: Implications for patient safety. Digital Health, 8, 20552076221104665.

[4] Haslinger, L., & Koska, S. (2021). Brno University Hospital ransomware attack during COVID-19: A wake-up call. Journal of Medical Internet Research, 23(4), e21747.

[5] Johnson, C., Grube, M., & Ellis, R. (2022). Cybersecurity incidents in U.S. hospitals: Survey results from 2019 to 2021. JAMA Health Forum, 3(6), e221126.

[6] Kaur, R., & Kaur, P. (2020). Analyzing the SingHealth breach: A Singaporean perspective on health data security. Health Informatics Journal, 26(4), 2730–2743.

[7] Morgado, L., Costa, M., & Vasconcelos, A. (2023). Cyberattack at Hospital Garcia de Orta (Portugal): A digital health system at risk. JMIR Formative Research, 7, e41738.

[8] Appari, A., & Johnson, M. E. (2010). Information security and privacy in healthcare: Current state of research. International Journal of Internet and Enterprise Management, 6(4), 279–314.

[9] Chernyshev, M., Zeadally, S., & Baig, Z. (2019). Healthcare data breaches: Implications for digital forensic readiness. Journal of Medical Systems, 43(1), 7.

[10] Coventry, L., & Branley, D. (2018). Cybersecurity in healthcare: A narrative review of trends, threats and ways forward. Maturitas, 113, 48–52.

[11] Department of Health and Social Care. (2018). Lessons learned review of the WannaCry ransomware cyber-attack.

[12] Johnson, C., Badovinac, K., & Hayden, J. (2021). Cybersecurity: A latent threat to patient safety. BMJ Health & Care Informatics, 28(1), e100298.

[13] Koppel, R., Smith, S., Blythe, J., & Kothari, V. (2015). Workarounds to computer access in healthcare organizations: You want my password or a dead patient? Studies in Health Technology and Informatics, 208, 215–220.

[14] Kruse, C. S., Frederick, B., Jacobson, T., & Monticone, D. K. (2017). Cybersecurity in healthcare: A systematic review of modern threats and trends. Technology and Health Care, 25(1), 1–10.

[15] Martin, G., Martin, P., Hankin, C., Darzi, A., & Kinross, J. (2017). Cybersecurity and healthcare: How safe are we? BMJ, 358, j3179.

[16] Martin, G., Martin, P., Hankin, C., Darzi, A., & Kinross, J. (2021). Cybersecurity and healthcare: How safe are we? BMJ, 372, n71.

[17] McLeod, A., & Dolezel, D. (2018). Cyber-analytics: Modeling factors associated with healthcare data breaches. Decision Support Systems, 108, 57–68.

[18] Ponemon Institute. (2022). Cost of a Data Breach Report 2022. IBM Security.

[19] Singh, R., Sittig, D. F., & Classen, D. C. (2022). The safety implications of electronic health records downtime: A review. JAMA Health Forum, 3(7), e222257.

[20] U.S. Department of Health and Human Services. (2023). Health Industry Cybersecurity Practices (HICP).

[21] European Union Agency for Cybersecurity (ENISA). (2021). Threat Landscape for Healthcare.

Downloads

Published

2026-02-15

Issue

Section

Articles

How to Cite

Noora Alallaq, Murthad Hussein Al-Yoonus, Muhmmad Al-Khiza’ay, & Baobao Song. (2026). A Consideration of Potential Strategies for Patient Safety from Cyberattack in the Healthcare Domain. International Journal of Computers and Informatics, 5(2). https://doi.org/10.59992/IJCI.2026.v5n2p4