Skip to main content
SpringerLink
Log in

Towards a Cybersecurity Maturity Model Specific for the Healthcare Sector: Focus on Hospitals

  • Conference paper
  • First Online:
Research Challenges in Information Science (RCIS 2024)

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 514))

Included in the following conference series:

  • 87 Accesses

Abstract

The intersection of healthcare and technology has brought unprecedented advancements, improving patient care, and enhancing operational efficiency. However, this integration has also exposed the healthcare sector to significant cybersecurity challenges. With the increasing digitization of patient records and the reliance on interconnected systems, healthcare organizations are becoming attractive targets for malicious actors seeking to exploit vulnerabilities for financial gain or to disrupt critical healthcare services. Our main contribution is a cybersecurity maturity level specific to the healthcare sector with a focus on hospital; based on rigorous Research Science Design Methodology. In other words, this research aims to investigate and address the multifaceted cybersecurity issues within the healthcare sector, focusing on hospitals, analyzing their cybersecurity profiles, proposing effective ways to accelerate cyber risks assessment in order to safeguard patient data, maintain system integrity, and ensure the continuity of healthcare services.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 99.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Aarestrup, F.M., et al.: Towards a European health research and innovation cloud (HRIC). Genome Med. 12(1) (2020). https://doi.org/10.1186/s13073-020-0713-z

  2. Appari, A., Johnson, M.E.: Information security and privacy in healthcare: current state of research. Int. J. Internet Enterp. Manag. 6(4), 279 (2010). https://doi.org/10.1504/IJIEM.2010.035624

    Article  Google Scholar 

  3. Argaw, S.T., et al.: Cybersecurity of Hospitals: discussing the challenges and working towards mitigating the risks. BMC Med. Inform. Decis. Making 20(1) (2020). https://doi.org/10.1186/S12911-020-01161-7

  4. Becker, J., Knackstedt, R., Pöppelbuß, J.: Developing maturity models for IT management. Bus. Inf. Syst. Eng. 1(3), 213–222 (2009). https://doi.org/10.1007/S12599-009-0044-5

    Article  Google Scholar 

  5. Fernández-Alemán, J.L., Señor, I.C., Lozoya, P., Ángel, O., Toval, A.: Security and privacy in electronic health records: a systematic literature review. J. Biomed. Inform. 46(3), 541–562 (2013). https://doi.org/10.1016/J.JBI.2012.12.003

  6. Gollhardt, T., Halsbenning, S., Hermann, A., Karsakova, A., Becker, J.: Development of a digital transformation maturity model for IT companies. In: Proceedings - 2020 IEEE 22nd Conference on Business Informatics, CBI 2020, vol. 1, pp. 94–103 (2020). https://doi.org/10.1109/CBI49978.2020.00018

  7. Jalali, M.S., Kaiser, J.P.: Cybersecurity in hospitals: a systematic, organizational perspective. J. Med. Internet Res. 20(5) (2018). https://doi.org/10.2196/10059

  8. Jofre, M., et al.: Cybersecurity and privacy risk assessment of point-of-care systems in healthcare—a use case approach. Appl. Sci. 11(15), 6699 (2021). https://doi.org/10.3390/APP11156699

  9. Keele, S.: Guidelines for performing systematic literature reviews in software engineering. Technical report, Ver. 2.3 EBSE Technical Report. EBSE (2007)

    Google Scholar 

  10. Martin, G., Martin, P., Hankin, C., Darzi, A., Kinross, J.: Cybersecurity and healthcare: How safe are we? BMJ 358 (2017). https://doi.org/10.1136/bmj.j3179

  11. Mettler, T.: Maturity assessment models: a design science research approach. Int. J. Soc. Syst. Sci. 3(1/2), 81 (2011). https://doi.org/10.1504/IJSSS.2011.038934

    Article  Google Scholar 

  12. Muthuppalaniappan, M., Stevenson, K.: Healthcare cyber-attacks and the COVID-19 pandemic: an urgent threat to global health. Int. J. Qual. Health Care 33(1) (2021). https://doi.org/10.1093/INTQHC/MZAA117

  13. Naconha, A.E.: A Cybersecurity Model for the Health Sector: A Case Study of Hospitals in Nairobi, Kenya, vol. 4, no. 1, p. 6 (2021). http://erepo.usiu.ac.ke/11732/6742

  14. Zafar, H., Ko, M.S., Clark, J.G.: Security risk management in healthcare: a case study. Commun. Assoc. Inf. Syst. 34(1), 737–750 (2014). https://doi.org/10.17705/1cais.03437

Download references

Acknowledgments

This Ph.D. is organized by Ghent University (Belgium) under the supervision of Prof. Dr. Amy Van Looy and Prof. Dr. Geert Poels.

Author information

Authors and Affiliations

  1. Faculty of Economics and Business Administration, Department of Business Informatics and Operations Management, Ghent University, Ghent, Belgium

    Steve Ahouanmenou

Authors
  1. Steve Ahouanmenou
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Steve Ahouanmenou .

Editor information

Editors and Affiliations

  1. NOVA University Lisbon, Caparica, Portugal

    João Araújo

  2. University of Castilla La Mancha, Albacete, Albacete, Spain

    Jose Luis de la Vara

  3. University of Minho, Guimarães, Portugal

    Maribel Yasmina Santos

  4. Institut Mines-Télécom Business School, Evry, France

    Saïd Assar

Ethics declarations

The authors have no competing interests to declare that are relevant to the content of this article.

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Ahouanmenou, S. (2024). Towards a Cybersecurity Maturity Model Specific for the Healthcare Sector: Focus on Hospitals. In: Araújo, J., de la Vara, J.L., Santos, M.Y., Assar, S. (eds) Research Challenges in Information Science. RCIS 2024. Lecture Notes in Business Information Processing, vol 514. Springer, Cham. https://doi.org/10.1007/978-3-031-59468-7_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-59468-7_16

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-59467-0

  • Online ISBN: 978-3-031-59468-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation