Information security and privacy in hospitals : a literature mapping and review of research gaps
- Author
- Steve Ahouanmenou (UGent) , Amy Van Looy (UGent) and Geert Poels (UGent)
- Organization
- Abstract
- Information security and privacy are matters of concern in every industry. The healthcare sector has lagged in terms of implementing cybersecurity measures. Therefore, hospitals are more exposed to cyber events due to the criticality of patient data. Currently, little is known about state-of-the-art research on information security and privacy in hospitals. The purpose of this study is to report the outcome of a systematic literature review on research about the application of information security and privacy in hospitals. A systematic literature review following the PRISMA methodology was conducted. To reference our sample according to cybersecurity domains, we benchmarked each article against two cybersecurity frameworks: ISO 27001 Annex A and the NIST framework core. Limited articles in our papers referred to the policies and compliance sections of ISO 27001. In addition, most of our sample is classified by the NIST function "Protect," meaning activities related to identity management, access control and data security. Furthermore, we have identified key domains where research in security and privacy are critical, such as big data, IOT, cloud computing, standards and regulations. The results indicate that although cybersecurity is a growing concern in hospitals, research is still weak in some areas. Considering the recrudescence of cyber-attacks in the healthcare sector, we call for more research in hospitals in managerial and non-technical domains of information security and privacy that are uncovered by our analysis.
- Keywords
- CARE, CYBERSECURITY, ISSUES, TECHNOLOGY, THREATS, Healthcare, cybersecurity, privacy, SLR, research agenda
Downloads
-
AAM.pdf
- full text (Accepted manuscript)
- |
- open access
- |
- |
- 1.45 MB
Citation
Please use this url to cite or link to this publication: http://hdl.handle.net/1854/LU-8748326
- MLA
- Ahouanmenou, Steve, et al. “Information Security and Privacy in Hospitals : A Literature Mapping and Review of Research Gaps.” INFORMATICS FOR HEALTH & SOCIAL CARE, vol. 48, no. 1, 2023, pp. 30–46, doi:10.1080/17538157.2022.2049274.
- APA
- Ahouanmenou, S., Van Looy, A., & Poels, G. (2023). Information security and privacy in hospitals : a literature mapping and review of research gaps. INFORMATICS FOR HEALTH & SOCIAL CARE, 48(1), 30–46. https://doi.org/10.1080/17538157.2022.2049274
- Chicago author-date
- Ahouanmenou, Steve, Amy Van Looy, and Geert Poels. 2023. “Information Security and Privacy in Hospitals : A Literature Mapping and Review of Research Gaps.” INFORMATICS FOR HEALTH & SOCIAL CARE 48 (1): 30–46. https://doi.org/10.1080/17538157.2022.2049274.
- Chicago author-date (all authors)
- Ahouanmenou, Steve, Amy Van Looy, and Geert Poels. 2023. “Information Security and Privacy in Hospitals : A Literature Mapping and Review of Research Gaps.” INFORMATICS FOR HEALTH & SOCIAL CARE 48 (1): 30–46. doi:10.1080/17538157.2022.2049274.
- Vancouver
- 1.Ahouanmenou S, Van Looy A, Poels G. Information security and privacy in hospitals : a literature mapping and review of research gaps. INFORMATICS FOR HEALTH & SOCIAL CARE. 2023;48(1):30–46.
- IEEE
- [1]S. Ahouanmenou, A. Van Looy, and G. Poels, “Information security and privacy in hospitals : a literature mapping and review of research gaps,” INFORMATICS FOR HEALTH & SOCIAL CARE, vol. 48, no. 1, pp. 30–46, 2023.
@article{8748326, abstract = {{Information security and privacy are matters of concern in every industry. The healthcare sector has lagged in terms of implementing cybersecurity measures. Therefore, hospitals are more exposed to cyber events due to the criticality of patient data. Currently, little is known about state-of-the-art research on information security and privacy in hospitals. The purpose of this study is to report the outcome of a systematic literature review on research about the application of information security and privacy in hospitals. A systematic literature review following the PRISMA methodology was conducted. To reference our sample according to cybersecurity domains, we benchmarked each article against two cybersecurity frameworks: ISO 27001 Annex A and the NIST framework core. Limited articles in our papers referred to the policies and compliance sections of ISO 27001. In addition, most of our sample is classified by the NIST function "Protect," meaning activities related to identity management, access control and data security. Furthermore, we have identified key domains where research in security and privacy are critical, such as big data, IOT, cloud computing, standards and regulations. The results indicate that although cybersecurity is a growing concern in hospitals, research is still weak in some areas. Considering the recrudescence of cyber-attacks in the healthcare sector, we call for more research in hospitals in managerial and non-technical domains of information security and privacy that are uncovered by our analysis.}}, author = {{Ahouanmenou, Steve and Van Looy, Amy and Poels, Geert}}, issn = {{1753-8157}}, journal = {{INFORMATICS FOR HEALTH & SOCIAL CARE}}, keywords = {{CARE,CYBERSECURITY,ISSUES,TECHNOLOGY,THREATS,Healthcare,cybersecurity,privacy,SLR,research agenda}}, language = {{eng}}, number = {{1}}, pages = {{30--46}}, title = {{Information security and privacy in hospitals : a literature mapping and review of research gaps}}, url = {{http://doi.org/10.1080/17538157.2022.2049274}}, volume = {{48}}, year = {{2023}}, }
- Altmetric
- View in Altmetric
- Web of Science
- Times cited: