Cyber Security in Healthcare Organizations: A Systematic Review of Human Factors

Abstract

As healthcare providers continue to adopt digital technologies for better patient care, much of this digital transformation has come along with heightened cybersecurity risks. Famous instances of ransomware and WannaCry has shown the world how terrible consequences such incidents may bring to healthcare systems. Traditionally these attacks prey on IT infrastructure vulnerabilities, but as defenses improve, social engineering tactics targeting human weaknesses are becoming an increasing concern  As we are seeing a surge in advanced attacks used to simply disrupt healthcare services, it is time for us to discuss the rich offering that some health organizations provide their staff as awareness programs and training.This systematic review aimed to discover the common factors driving cybersecurity in healthcare organizations with a particular concern that going beyond an isolated cyber threat awareness. Therefore, it presents a synthesis of the recent literature on human behaviours causing security gaps which weaken cybersecurity strategies. This review also considers organizational risk assessment methodologies and associated cybersecurity policies. To the best of our knowledge, this is one of few reviews in a topic area that has attracted considerable research activity. Those articles that were relevant to each of the five designated research questions. summarises the seven search queries conducted over three repository domains in organizations strategies (query i), social engineering of engineers standards in Europe and x-European options (ii) and national cases illustrating economic PCSO character servitaisements disruptive effects from cyberattacks(iocs-disruption mapping study). Our review has several limitations but the most noteworthy is probably how we rated literature as of high, moderate or low relevance for answering our research questions. Gaps in existing literature particularly with respect to human factors and security within healthcare cybersecurity lead use of traditional areas of study for the more well-established cyber topics read across threats, risk assessment,and organizational strategies.