Cybersecurity in Healthcare: Comparing Cybersecurity Maturity and Experiences Across Global Healthcare Organizations

Abstract

Health systems around the world are increasingly reliant on digital technology. Such reliance requires that healthcare organizations consider effective cybersecurity and digital resilience as a fundamental component of patient safety, with recent cyberattacks highlighting the risks to patients and targeted organizations. To better understand how well-prepared organizations are to meet this challenge we developed and administered a survey to examine the current cybersecurity landscape and preparedness level across global healthcare organizations. Cyber threats were a common concern for the 17 healthcare organizations who participated. The principal concerns highlighted were data security, including the manipulation or loss of electronic health records; loss of trust in the organization; and risks of service disruption. Cybersecurity maturity scoring showed that despite the majority of organizations having established cybersecurity practices, levels of awareness and education were universally poor. Policymakers should consider raising awareness and improving education/training on cybersecurity as a fundamental tenet of patient safety.Funding Statement: This work was supported by the World Innovation Summit for Health (WISH), Qatar Foundation. Infrastructure support for this research was provided by the NIHR Imperial Biomedical Research Centre (BRC).Declaration of Interests: The authors declare no conflicts of interest associated with this research.Ethics Approval Statement: The research protocol was reviewed and institutional; ethical approval was granted by the Imperial College London Joint Research Compliance Office (JRCO).