International Journal of Scientific & Technology Research

Home About Us Scope Editorial Board Blog/Latest News Contact Us
10th percentile
Powered by  Scopus
Scopus coverage:
Nov 2018 to May 2020


IJSTR >> Volume 10 - Issue 2, February 2021 Edition

International Journal of Scientific & Technology Research  
International Journal of Scientific & Technology Research

Website: http://www.ijstr.org

ISSN 2277-8616


[Full Text]



Monica Cruz, Lizzette Perez, Angel Ojeda



Cyberattacks, cybersecurity, patient’s health information, healthcare institutions, data theft, digital healthcare system



The aim of this article is to present a literature review of what organizations in healthcare business do to protect the patients’ private information, how breaches and vulnerabilities occurs, and the impact in healthcare institutions. The importance of reinforcement of information technology (IT) systems to protect it from cyberattacks. Forty-five articles related to the theme of cybersecurity, cyberattacks, healthcare institutions, HIPPA Privacy Rule, and patient’s health information from 2015 to 2020 was used to write this article. Cyberattacks are easy to execute in devices that have weak IT or security systems. Healthcare institutions have the obligation to invest in strong software’s to ensure the protection of patient’s health information. In this article, we are going to present what healthcare institutions do to protect the patient's information to avoid the implications involving data theft and how these institutions reinforce its’ IT systems to protect it from cyberattacks. How cybersecurity is affected, examples of cybersecurity threats, and the importance of preserving a patient’s health information will be discussed.



[1] Abraham, C., Chatterjee, D., et.al. (2019). Muddling through cybersecurity: Insights from the US healthcare industry. Business horizons, 62(4), 539-548.
[2] Al-Muhtadi, J., Shahzad, B., et.al. (2019). Cybersecurity and privacy issues for socially integrated mobile healthcare applications operating in a multi-cloud environment. Health informatics journal, 25(2), 315-329.
[3] Athinaiou, M. (2017). "Cyber security risk management for health-based critical infrastructures," 2017 11th International Conference on Research Challenges in Information Science (RCIS), Brighton, 2017, pp. 402-407
[4] Bassi, A., John, O., et.al. (2018). Current status and future directions of mHealth interventions for health system strengthening in India: systematic review. JMIR mHealth and uHealth, 6(10), e11440.
[5] Choi et al. (2015), Establishing the role of honest broker: bridging the gap between protecting personal health data and clinical research efficiency. PeerJ 3:e1506; DOI 10.7717/peerj.1506.
[6] Conaty-Buck, S. (2017). Cybersecurity and healthcare records. American Nurse Today, 12(9), p. 62-65.
[7] Craigen, D., et.al. (2014). Defining Cybersecurity. Tech Innovation MGMT, 13(15).
[8] Delerue, H., He, W. (2012). A review of social media security risks and mitigation techniques. J. Syst. Inform.Tech. 14, p.171-180.
[9] Doherty, N., & Fulford, H. (2006). Aligning the information security policy with the strategic information systems plan. Computers & Security, 25, 55-63.
[10] Fingas, J. (2019). 'SimBad' android adware was downloaded nearly 150 million times. Engadget, New York. Retrieved from https://search-proquest-com.librarylogin.suagm.edu/docview/2191158618?rfr_id=info%3Axri%2Fsid%3Aprimo&accountid=28867#
[11] Healthcare & Public Health Sector Coordinating Councils (2015). Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients. U.S. Department of Health and Human Services. Office of the Assistant Secretary for Preparedness and Response. Retrieved from https://www.phe.gov/Preparedness/planning/405d/Pages/default.aspx
[12] Howard, D., Harris, C. (2019). Cybersecurity: What leaders must know (Discussion). American Association for Physician Leadership. Physician Leadership Journal, Vol.6(4), p.49-53.
[13] Jalali, M. S., Razak, S., et.al. (2019). Health care and cybersecurity: bibliometric analysis of the literature. Journal of medical Internet research, 21(2), e12644.
[14] Kam, R. (2015) The human risk factor of a healthcare data breach - Community Blog, Heal. IT Exch. Retrieved from: https://searchhealthit.techtarget.com/healthitexchange/CommunityBlog/the-humanrisk-factor-of-a-healthcare-data-breach/ (accessed May 12, 2020).
[15] Kenealy, B. (2015, March 30). Health claims data tempts hackers; Rethink needed on sector's cyber security. Business Insurance, 49(7), 0017. Retrieved from https://link-gale-com.librarylogin.suagm.edu/apps/doc/A407953413/AONE?u=turabo&sid=AONE&xid=cd50bc95
[16] Kim, J.E. (2016). Implications of cybersecurity on organizations and Obama administration’s counter measures. Diplomatic Courier, p. 20-25.
[17] Kruse, C.S., Frederick, B., et.al. (2017). Cybersecurity in healthcare: A systematic review of modern threats and trends. Technology and health care: official journal of the European Society for Engineering and Medicine, 25 1, 1-10.
[18] Levin, D.Z., Christmann, P. (2006). Institutionalism, learning, and patterns of decoupling: The case of total quality management.
[19] Mago, M., Madyira, F. (2018) “Ransomware Software: Case of WannaCry,” International Research Journal of Advanced Engineering and Science, 3(1), pp. 258-261.
[20] Mariani, D. M. R., & Mohammed, S. (2015). Cybersecurity challenges and compliance issues within the US healthcare sector. International Journal of Business and Social Research, 5(02).
[21] Martin, G., Martin, P., et.al. (2017). Cybersecurity and healthcare: how safe are we? BMJ 358: j3179, p. 2-4 doi: 10.1136/bmj.j31
[22] McCoy, T. H., & Perlis, R. H. (2018). Temporal trends and characteristics of reportable health data breaches, 2010-2017. Jama, 320(12), 1282-1284.
[23] Michrandi Nasution, S., et.al. (2014). Integration of Kleptoware as Keyboard Keylogger for Input Recorder Using Teensy USB Development Board. Retrieved from https://ieeexplore-ieee-org.librarylogin.suagm.edu/stamp/stamp.jsp?tp=&arnumber=7065954
[24] Moes, T. (2020). ¿Qué es un rootkit? https://softwarelab.org/es/que-es-un-rootkit/
[25] National Audit Office, Investigation: WannaCry cyber-attack and the NHS, 2017. Retrieved from: https://www.nao.org.uk/wp-content/uploads/2017/10/Investigation-WannaCry-cyberattack-and-the-NHS-Summary.pdf (accessed May, 12, 2020).
[26] N.C.S. Centre, 10 Steps to Cybersecurity, 2016.
[27] Nieuwenhuizen, D. (2017). A behavioural-based approach to ransomware detection. MWR Labs Whitepaper. Retrieved from: https://labs.f-secure.com/assets/resourceFiles/mwri-behavioural-ransomware-detection-2017-04-5.pdf
[28] Nguyen-Duy, J. (2018). The Cybersecurity Regulations Healthcare, Financial Services, and Retail Industries Must Know About. Interconnecting Business & Cybersecurity. Retrieved from: https://www.csoonline.com/article/3298962/the-cybersecurity-regulations-healthcare-financial-services-and-retail-industries-must-know-about.htmlt
[29] Northcutt, S. (2016). Security Controls. SANS Tech Inst., http://www.sans.edu/research/security-laboratory/article/security-controls.
[30] Office for Civil Rights (2000). Summary of the HIPAA Privacy Rule. U.S. Department of Health and Human Services. Retrieved from https://www.hhs.gov/sites/default/files/privacysummary.pdf
[31] Perakslis, E. D., & Stanley, M. (2016). A cybersecurity primer for translational research. Science translational medicine, 8(322), 322ps2-322ps2.
[32] PWC Insurance, Insurance 2020 & beyond, 2015. www.pwc.com/insurance (accessed May 7 2020)
[33] Raja, A. (2019, May 20). Healthcare Cybersecurity in 2019: Lessons We’ve Learned. Atlantic.net. Retrieved from: https://www.atlantic.net/hipaa-compliant-hosting/healthcare-cybersecurity-in-2019-lessons-weve-learned/
[34] Ross, R. S., L. Feldman, G.A. Witte, Rethinking Security through Systems Security Engineering, ITL Bull. - December 2016. (2016). https://www.nist.gov/publications/rethinking-securitythrough-systems-security-engineering (accessed May 12, 2020).
[35] Ronquillo, J. G., Winterholler, E., et.al. (2018). Health IT, hacking, and cybersecurity: national trends in data breaches of protected health information. JAMIA Open, 1(1), 15-19.
[36] Rothrock, R. A., Kaplan, J., & Van der Oord, E. (2017, November 16). The board’s role in managing cybersecurity risks. MIT Sloan Management Review
[37] Sadakova, Y. (2015, June). Ask your insurance provider about cyber security. Benefits Canada, 39(6), S16. Retrieved from https://link-gale-com.librarylogin.suagm.edu/apps/doc/A422529102/AONE?u=turabo&sid=AONE&xid=7bd108bf
[38] Schaeffer, T., Brown, B., et.al. (2017). Cybersecurity: Common Risks. Strategic Finance, p. 54-61.
[39] Strauss, L. (2015). Protected Health Information in an Emergency. Journal of Health Care Compliance, p.59-60, 68.
[40] Tschider, C. A. (2017). Enhancing cybersecurity for the digital health marketplace. Annals Health L., 26, 1
[41] Wendling, P. (2015, May). Cyber thieves exploiting health care security gaps. OB GYN News, 50(5), 29. Retrieved from https://link-gale-com.librarylogin.suagm.edu/apps/doc/A417310151/AONE?u=turabo&sid=AONE&xid=2e62cac0
[42] Yang, H., & Garibaldi, J. M. (2015). Automatic detection of protected health information from clinic narratives. Journal of biomedical informatics, 58, S30-S38.