Abstract
The intersection of healthcare and technology has brought unprecedented advancements, improving patient care, and enhancing operational efficiency. However, this integration has also exposed the healthcare sector to significant cybersecurity challenges. With the increasing digitization of patient records and the reliance on interconnected systems, healthcare organizations are becoming attractive targets for malicious actors seeking to exploit vulnerabilities for financial gain or to disrupt critical healthcare services. Our main contribution is a cybersecurity maturity level specific to the healthcare sector with a focus on hospital; based on rigorous Research Science Design Methodology. In other words, this research aims to investigate and address the multifaceted cybersecurity issues within the healthcare sector, focusing on hospitals, analyzing their cybersecurity profiles, proposing effective ways to accelerate cyber risks assessment in order to safeguard patient data, maintain system integrity, and ensure the continuity of healthcare services.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Aarestrup, F.M., et al.: Towards a European health research and innovation cloud (HRIC). Genome Med. 12(1) (2020). https://doi.org/10.1186/s13073-020-0713-z
Appari, A., Johnson, M.E.: Information security and privacy in healthcare: current state of research. Int. J. Internet Enterp. Manag. 6(4), 279 (2010). https://doi.org/10.1504/IJIEM.2010.035624
Argaw, S.T., et al.: Cybersecurity of Hospitals: discussing the challenges and working towards mitigating the risks. BMC Med. Inform. Decis. Making 20(1) (2020). https://doi.org/10.1186/S12911-020-01161-7
Becker, J., Knackstedt, R., Pöppelbuß, J.: Developing maturity models for IT management. Bus. Inf. Syst. Eng. 1(3), 213–222 (2009). https://doi.org/10.1007/S12599-009-0044-5
Fernández-Alemán, J.L., Señor, I.C., Lozoya, P., Ángel, O., Toval, A.: Security and privacy in electronic health records: a systematic literature review. J. Biomed. Inform. 46(3), 541–562 (2013). https://doi.org/10.1016/J.JBI.2012.12.003
Gollhardt, T., Halsbenning, S., Hermann, A., Karsakova, A., Becker, J.: Development of a digital transformation maturity model for IT companies. In: Proceedings - 2020 IEEE 22nd Conference on Business Informatics, CBI 2020, vol. 1, pp. 94–103 (2020). https://doi.org/10.1109/CBI49978.2020.00018
Jalali, M.S., Kaiser, J.P.: Cybersecurity in hospitals: a systematic, organizational perspective. J. Med. Internet Res. 20(5) (2018). https://doi.org/10.2196/10059
Jofre, M., et al.: Cybersecurity and privacy risk assessment of point-of-care systems in healthcare—a use case approach. Appl. Sci. 11(15), 6699 (2021). https://doi.org/10.3390/APP11156699
Keele, S.: Guidelines for performing systematic literature reviews in software engineering. Technical report, Ver. 2.3 EBSE Technical Report. EBSE (2007)
Martin, G., Martin, P., Hankin, C., Darzi, A., Kinross, J.: Cybersecurity and healthcare: How safe are we? BMJ 358 (2017). https://doi.org/10.1136/bmj.j3179
Mettler, T.: Maturity assessment models: a design science research approach. Int. J. Soc. Syst. Sci. 3(1/2), 81 (2011). https://doi.org/10.1504/IJSSS.2011.038934
Muthuppalaniappan, M., Stevenson, K.: Healthcare cyber-attacks and the COVID-19 pandemic: an urgent threat to global health. Int. J. Qual. Health Care 33(1) (2021). https://doi.org/10.1093/INTQHC/MZAA117
Naconha, A.E.: A Cybersecurity Model for the Health Sector: A Case Study of Hospitals in Nairobi, Kenya, vol. 4, no. 1, p. 6 (2021). http://erepo.usiu.ac.ke/11732/6742
Zafar, H., Ko, M.S., Clark, J.G.: Security risk management in healthcare: a case study. Commun. Assoc. Inf. Syst. 34(1), 737–750 (2014). https://doi.org/10.17705/1cais.03437
Acknowledgments
This Ph.D. is organized by Ghent University (Belgium) under the supervision of Prof. Dr. Amy Van Looy and Prof. Dr. Geert Poels.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Ethics declarations
The authors have no competing interests to declare that are relevant to the content of this article.
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Ahouanmenou, S. (2024). Towards a Cybersecurity Maturity Model Specific for the Healthcare Sector: Focus on Hospitals. In: Araújo, J., de la Vara, J.L., Santos, M.Y., Assar, S. (eds) Research Challenges in Information Science. RCIS 2024. Lecture Notes in Business Information Processing, vol 514. Springer, Cham. https://doi.org/10.1007/978-3-031-59468-7_16
Download citation
DOI: https://doi.org/10.1007/978-3-031-59468-7_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-59467-0
Online ISBN: 978-3-031-59468-7
eBook Packages: Computer ScienceComputer Science (R0)