Institute of Global Health Innovation, Imperial College London, London, United Kingdom.
Department of Primary Care and Public Health, Imperial College London, London, United Kingdom.
J Med Internet Res. 2024 Nov 20;26:e47311. doi: 10.2196/47311.
Health care organizations globally have seen a significant increase in the frequency of cyberattacks in recent years. Cyberattacks cause massive disruptions to health service delivery and directly impact patient safety through disruption and treatment delays. Given the increasing number of cyberattacks in low- and middle-income countries (LMICs), there is a need to explore the interventions put in place to plan for cyberattacks and develop cyber resilience.
This study aimed to describe cybersecurity interventions, defined as any intervention to improve cybersecurity in a health care organization, including but not limited to organizational strategy(ies); policy(ies); protocol(s), incident plan(s), or assessment process(es); framework(s) or guidelines; and emergency planning, implemented in LMICs to date and to evaluate their impact on the likelihood and impact of attacks. The secondary objective was to describe the main barriers and facilitators for the implementation of such interventions, where reported.
A systematic search of the literature published between January 2017 and July 2024 was performed on Ovid Medline, Embase, Global Health, and Scopus using a combination of controlled terms and free text. A search of the gray literature within the same time parameters was undertaken on the websites of relevant stakeholder organizations to identify possible additional studies that met the inclusion criteria. Findings from included papers were mapped against the dimensions of the Essentials of Cybersecurity in Health Care Organizations (ECHO) framework and presented as a narrative synthesis.
We included 20 studies in this review. The sample size of the majority of studies (13/20, 65%) was 1 facility to 5 facilities, and the studies were conducted in 14 countries. Studies were categorized into the thematic dimensions of the ECHO framework, including context; governance; organizational strategy; risk management; awareness, education, and training; and technical capabilities. Few studies (6/20, 30%) discussed cybersecurity intervention(s) as the primary focus of the paper; therefore, information on intervention(s) implemented had to be deduced. There was no attempt to report on the impact and outcomes in all papers except one. Facilitators and barriers identified were grouped and presented across national or regional, organizational, and individual staff levels.
This scoping review's findings highlight the limited body of research published on cybersecurity interventions implemented in health care organizations in LMICs and large heterogeneity across existing studies in interventions, research objectives, methods, and outcome measures used. Although complex and challenging, future research should specifically focus on the evaluation of cybersecurity interventions and their impact in order to build a robust evidence base to inform evidence-based policy and practice.
近年来,全球医疗保健组织遭遇的网络攻击频率显著增加。网络攻击严重扰乱了医疗服务的提供,并通过延误治疗直接影响了患者安全。鉴于中低收入国家(LMICs)遭受的网络攻击数量不断增加,有必要探索为应对网络攻击和增强网络弹性而实施的干预措施。
本研究旨在描述迄今为止在 LMICs 中实施的用于改善医疗保健组织网络安全的网络安全干预措施,包括但不限于组织战略(ies);政策(ies);协议(s)、事件计划(s)或评估流程(es);框架(s)或指南;以及应急计划,并评估它们对攻击的可能性和影响的影响。次要目标是描述报告中此类干预措施实施的主要障碍和促进因素。
对 Ovid Medline、Embase、Global Health 和 Scopus 进行了文献检索,检索时间为 2017 年 1 月至 2024 年 7 月,使用了受控术语和自由文本的组合。在同一时间范围内,对相关利益相关者组织的网站进行了灰色文献检索,以确定可能符合纳入标准的其他研究。纳入研究的结果与医疗保健组织网络安全要素(ECHO)框架的维度相对应,并以叙述性综述的形式呈现。
本综述共纳入 20 项研究。大多数研究(20 项中的 13 项,占 65%)的样本量为 1 个至 5 个设施,研究地点分布在 14 个国家。研究分为 ECHO 框架的主题维度,包括背景;治理;组织战略;风险管理;意识、教育和培训;以及技术能力。很少有研究(20 项中的 6 项,占 30%)将网络安全干预措施作为论文的主要重点;因此,必须推断所实施的干预措施的信息。除了一项研究外,其他研究都没有试图报告影响和结果。确定的促进因素和障碍按国家或地区、组织和个人工作人员层面进行了分组和呈现。
本范围界定审查的结果强调了在 LMIC 中实施的医疗保健组织网络安全干预措施方面发表的研究数量有限,以及现有研究在干预措施、研究目标、方法和使用的结果衡量标准方面的巨大异质性。尽管复杂且具有挑战性,但未来的研究应特别侧重于评估网络安全干预措施及其影响,以便为循证政策和实践提供一个稳健的证据基础。
