BACKGROUND Healthcare organizations globally have seen a significant increase in the frequency of cyber-attacks in recent years. Cyber-attacks cause massive disruption to health service delivery and directly impact patient safety through disruption and treatment delays. Given increasing cyber-attacks in low- and middle-income countries (LMICs), there is a need to explore the interventions put in place to plan for cyber-attacks and develop cyber-resilience. OBJECTIVE To describe cybersecurity interventions implemented in LMICs to date and to evaluate their impact on the likelihood and impact of attacks. Secondary objective was to describe the main barriers and facilitators for the implementation of such interventions, where reported. METHODS A systematic search of the literature published between January 2017 and September 2022 was performed on Ovid Medline, Embase, Global Health and Scopus, using a combination of controlled terms and free text. A search of grey literature within the same time parameters was undertaken on the websites of relevant stakeholder organizations to identify possible additional studies that meet the inclusion criteria. Findings from included papers were mapped against dimension areas of the Essentials of Cybersecurity for Healthcare Organizations (ECHO framework) and presented as a narrative synthesis. RESULTS Seventeen studies were included in this review. The sample size of the majority of studies (58.8%) was 1-5 facilities and the studies were conducted in 13 countries. Studies were categorized into the thematic dimensions of the ECHO framework, including Context; Governance; Organizational strategy; Risk management; Awareness, education, and training; and Technical capabilities. Few studies (29.4%) discussed cybersecurity intervention(s) as the primary focus of the paper and so information on intervention(s) implemented had to be deduced. There was no attempt to report on the impact and outcomes in all but one paper. Facilitators and barriers identified were grouped and presented across national/regional, organizational, and individual staff levels. CONCLUSIONS The scoping review findings highlight the limited body of research published on cybersecurity interventions implemented in healthcare organizations in LMICs and large heterogeneity across existing studies in interventions, research objectives, methods, and outcome measures used. The impact of cybersecurity interventions on likelihood and impact of cyber-attacks remains unclear. Future research should specifically focus on the evaluation of cybersecurity interventions and objectively evaluate their impact to build a robust evidence base to inform evidence-based policy and practice.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.