Background: Cybersecurity attacks in healthcare have increased in number and severity over the last decade. Healthcare targets are ten times more valuable than financial targets because of the potential for fraudulent medical claims. Medical providers and administrators must ensure their IT professionals constantly scan the internal and external environment for techniques to prevent, detect, respond, and report cyberattacks. This review provides a scan of the literature. Objectives: To review the literature for over 10 years for techniques for prevention, detection, response, and reporting of cyberattacks. An extended objective was to collect the effect on patient care that has been documented from cyberattacks. Methods: Following a published protocol and reporting standard, this systematic literature review queried four research databases for published works that described cybersecurity in healthcare. Grey literature was included. Results: Twenty-two articles provided 139 observations and 13 themes that described current techniques to secure the healthcare infrastructure. These articles stressed the importance of a trained workforce and a cyber-aware culture. Conclusion: IT professionals must adopt techniques that form proper organizational cyber resiliency and augment security through monitoring tools, standard IT maintenance and practice, encryption and Data Loss Prevention, risk-based management, Artificial Intelligence, Explainable AI, active AI, network segmentation, governance and leadership, disabling legacy protocols and systems that cannot be updated, post-event analysis, and big data.
Kruse et al. (Tue,) studied this question.