Influence of Human Factors on Cyber Security within Healthcare Organisations: A Systematic Review
This systematic review highlights the critical role of human factors in bolstering cybersecurity within the healthcare industry, especially in the face of increasing digital transformation. With the rapid adoption of digital technologies in healthcare, catalyzed by the COVID-19 pandemic, there’s an expedited shift towards digitalizing patient records and employing networked medical devices, thus elevating the risk of cyber threats. The review delves into how the integration of information and communication technology in healthcare is reshaping service delivery, while also acknowledging the heightened vulnerability to cyber crimes like ransomware attacks, which exploit both system and human weaknesses. It emphasizes the importance of cybersecurity awareness and training programs for healthcare professionals to mitigate risks associated with cyber threats, suggesting that human behavior plays a pivotal role in the efficacy of cyber defenses.
Furthermore, the review consolidates findings from various studies to underscore the necessity of organizational and national strategies in strengthening cybersecurity frameworks. It suggests that effective cybersecurity within healthcare hinges on comprehensive risk assessments, adoption of governance strategies, and significant investments in ICT infrastructure. However, the successful mitigation of cyber risks largely depends on the healthcare workforce’s awareness and response to cyber threats, underscoring the need for continuous education on cyber hygiene and risk management. The systematic review advocates for a unified approach in developing cybersecurity awareness programs and emphasizes the collaborative efforts required at both organizational and national levels to enhance cyber resilience in the healthcare sector. Future research directions include developing standardized training methodologies, objective evaluation metrics for training effectiveness, and a concerted effort to promote cyber hygiene practices across the healthcare industry.
