Health Care Cybersecurity Challenges and Solutions Under the Climate of COVID-19: Scoping Review

He, Ying; Aliyu, Aliyu; Evans, Mark; Luo, Cunjin

doi:10.2196/21747

Cited by 109 publications

(86 citation statements)

References 70 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The abrupt changes to teleworking made it challenging to immediately respond to such considerations' various technicalities for technical security controls. Various research has pinpointed the technical controls as a requirement of teleworking [7,13]. However, our research showed that in practice, technical security does not always stem from the organizational premises, but the chain of stakeholders' IT devices and infrastructure should be focused on too.…”

Section: Discussionmentioning

confidence: 76%

“…The COVID-19 pandemic significantly impacted employees' working habits, and those changes are likely to last long. The increased popularity of teleworking correlates with the alarming surge of cyberattacks, making it challenging for organizations to ensure information assets are well protected [9,10,13,14]. However, research in this area lacks empirical studies on how such challenges surfaced during the practice of managing information security during the teleworking shift of the COVID-19 pandemic.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Challenges of Managing Information Security during the Pandemic

Mannebäck

Padyab

2021

Challenges

View full text Add to dashboard Cite

The COVID-19 pandemic of 2019 surprised information security practitioners in the organizations due to the change imposed on employees’ work routines. Employees were asked to work from home, and therefore changes were necessary to reduce information security risks actively. The abrupt change of work environments brought many challenges to the practitioners, which caused them to make decisions regarding organizational information security. This article aims to uncover those challenges through an ethnography study within an organization during the fourteen months of teleworking. On an overarching level, we found four challenges to be of concern: technical security, regulations and policies, employee awareness of security issues, and, finally, preparedness for the new work environment of teleworking. We believe that the challenges brought by the analysis will inspire discussions about the future of research and practice regarding information security management in case of disasters.

show abstract

Section: Discussionmentioning

confidence: 76%

Section: Introductionmentioning

confidence: 99%

Challenges of Managing Information Security during the Pandemic

Mannebäck

Padyab

2021

Challenges

View full text Add to dashboard Cite

show abstract

“…This worsened when COVID-19 suddenly hit the world. Issues that require immediate attention have been exposed and have led to serious problems such as disrupted services, expensive payments to ransomware attackers, compromised health records being sold on the black market, and availability of essential health care services [ 26 , 27 ]. The big data that the healthcare sector holds has become a lucrative source for ransom and attackers are taking advantage of this pandemic.…”

Section: Introductionmentioning

confidence: 99%

Addressing the Challenges of Electronic Health Records Using Blockchain and IPFS

Pilares

Azam

Akbulut

et al. 2022

Sensors

View full text Add to dashboard Cite

Electronic Health Records (EHR) are the healthcare sector’s core digital strategy meant to improve the quality of care provided to patients. Despite the benefits afforded by this digital transformation initiative, adoption among healthcare organizations has been slower than desired. The sheer volume and sensitive nature of patient records compel these organizations to exercise a healthy amount of caution in implementing EHR. Cyberattacks have also increased the risks associated with non-optimal EHR implementations. An influx of high-profile data breaches has plagued the sector during the COVID-19 pandemic, which put the spotlight on EHR cybersecurity. One objective of this research project is to aid the acceleration of EHR adoption. Another objective is to ensure the robustness of the system to resist malicious attacks. For the former, a systematic review was used to unearth all the possible causes why the adoption of EHR has been anemic. In this paper, sixty-five existing proposed EHR solutions were analyzed and it was found that there are fourteen major challenges that need to be addressed to reduce friction and risk for health organizations. These were privacy, security, confidentiality, interoperability, access control, scalability, authentication, accessibility, availability, data storage, data ownership, data validity, data integrity, and ease of use. We propose EHRChain, a new framework that tackles all the listed challenges simultaneously to address the first objective while also being designed to achieve the second objective. It is enabled by dual-blockchains based on Hyperledger Sawtooth to allow patient data decentralization via a consortium blockchain and IPFS for distributed data storage.

show abstract

“…In addition, other researchers have presented reviews about the country-specific privacy-protection methods used in the COVID-19 era [28]- [30]. Furthermore, some surveys have been published on the quantification of privacy risks [31], as to the nature of digital solutions (e.g., centralized or decentralized) [32], on the (non)acceptability of digital apps [33], on emerging technologies' privacy issues in COVID-19 context [34], about privacy controversies towards aggressive use of information technology amid the pandemic [35], and on healthcare privacy challenges in COVID-19 period [36].…”

Section: Introductionmentioning

confidence: 99%

A Comprehensive Analysis of Privacy Protection Techniques Developed for COVID-19 Pandemic

Majeed

Hwang

2021

IEEE Access

View full text Add to dashboard Cite

Since the emergence of coronavirus disease-2019 (COVID-19) outbreak, every country has implemented digital solutions in the form of mobile applications, web-based frameworks, and/or integrated platforms in which huge amounts of personal data are collected for various purposes (e.g., contact tracing, suspect search, and quarantine monitoring). These systems not only collect basic data about individuals but, in most cases, very sensitive data like their movements, spatio-temporal activities, travel history, visits to churches/clubs, purchases, and social interactions. While collection and utilization of person-specific data in different contexts is essential to limiting the spread of COVID-19, it increases the chances of privacy breaches and personal data misuse. Recently, many privacy protection techniques (PPTs) have been proposed based on the person-specific data included in different data types (e.g., tables, graphs, matrixes, barcodes, and geospatial data), and epidemic containment strategies (ECSs) (contact tracing, quarantine monitoring, symptom reports, etc.) in order to minimize privacy breaches and to permit only the intended uses of such personal data. In this paper, we present an extensive review of the PPTs that have been recently proposed to address the diverse privacy requirements/concerns stemming from the COVID-19 pandemic. We describe the heterogeneous types of data collected to control this pandemic, and the corresponding PPTs, as well as the paradigm shifts in personal data handling brought on by this pandemic. We systemically map the recently proposed PPTs into various ECSs and data lifecycle phases, and present an in-depth review of existing PPTs and evaluation metrics employed for analysis of their suitability. We describe various PPTs developed during the COVID-19 period that leverage emerging technologies, such as federated learning, blockchain, privacy by design, and swarm learning, to name a few. Furthermore, we discuss the challenges of preserving individual privacy during a pandemic, the role of privacy regulations/laws, and promising future research directions. With this article, our aim is to highlight the recent PPTs that have been specifically proposed for the COVID-19 arena, and point out research gaps for future developments in this regard.

show abstract

Health Care Cybersecurity Challenges and Solutions Under the Climate of COVID-19: Scoping Review

Cited by 109 publications

References 70 publications

Challenges of Managing Information Security during the Pandemic

Challenges of Managing Information Security during the Pandemic

Addressing the Challenges of Electronic Health Records Using Blockchain and IPFS

A Comprehensive Analysis of Privacy Protection Techniques Developed for COVID-19 Pandemic

Contact Info

Product

Resources

About