A systematic literature review on cybersecurity threats to healthcare data and mitigation strategies

Abstract

The incidence of cyberattacks on healthcare institutions has seen a steady increase over the years, with a massive increase of 42% in 2020. More specifically, INTERPOL reported a substantial increase in ransomware attacks on healthcare institutions at the height of the Covid-19 pandemic. This increase can be attributed to the rise in the adoption of digital technologies, such as the Medical Internet of Things (MIoT), to support healthcare services. The sensitive nature of healthcare data and the volume of data handled by healthcare institutions make them attractive to cybercriminals. When compared to financial data, healthcare data has more value on the dark web. Because a cyberattack on healthcare data could have far-reaching consequences, healthcare institutions should have effective strategies to safeguard unauthorized access. This paper presents the results of a systematic literature review (SLR) that investigated the strategies that can be used to mitigate cybersecurity threats to healthcare data. Forty-one research papers retrieved from three databases were analyzed based on specific inclusion/exclusion criteria. Synthesis of the sources yielded three main themes, namely, (i) emerging technology trends that contribute to cybersecurity vulnerability in the healthcare sector, (ii) current cybersecurity challenges in the healthcare sector, and (iii) cybersecurity countermeasures and mitigation strategies. The research results showed that a holistic approach that incorporates people, technology and adherence to regulations is required to mitigate cybersecurity threats in the healthcare sector. The study has implications for policymakers, vendors/designers of healthcare technologies, and healthcare institution managers.