Mohammad S Jalali1, Bethany Russell1, Sabina Razak1, William J Gordon2,3,4. 1. MIT Sloan School of Management, Massachusetts Institute of Technology, Cambridge, Massachusetts, USA. 2. Division of General Internal Medicine, Department of Medicine, Brigham & Women's Hospital, Boston, Massachusetts, USA. 3. Partners Healthcare, Boston, Massachusetts, USA. 4. Harvard Medical School, Harvard University, Boston, Massachusetts, USA.
Abstract
Background: Connected medical devices and electronic health records have added important functionality to patient care, but have also introduced a range of cybersecurity concerns. When a healthcare organization suffers from a cybersecurity incident, its incident response strategies are critical to the success of its recovery. Objective: In this article, we identify gaps in research concerning cybersecurity response plans in healthcare. Through a systematic literature review, we develop aggregated strategies that professionals can use to construct better response strategies in their organizations. Methods: We reviewed journal articles on cyber incident response plans in healthcare published in PubMed and Web of Science. We sought to collect articles on the intersection of cybersecurity and healthcare that focused on incident response strategies. Results: We identified and reviewed 13 articles for cybersecurity response recommendations. We then extracted information such as research methods, findings, and implications. Finally, we synthesized the recommendations into a framework of eight aggregated response strategies (EARS) that fall under managerial and technological categories. Conclusions: We conducted a systematic review of the literature on cybersecurity response plans in healthcare and developed a novel framework for response strategies that could be deployed by healthcare organizations. More work is needed to evaluate incident response strategies in healthcare.
Background: Connected medical devices and electronic health records have added important functionality to patient care, but have also introduced a range of cybersecurity concerns. When a healthcare organization suffers from a cybersecurity incident, its incident response strategies are critical to the success of its recovery. Objective: In this article, we identify gaps in research concerning cybersecurity response plans in healthcare. Through a systematic literature review, we develop aggregated strategies that professionals can use to construct better response strategies in their organizations. Methods: We reviewed journal articles on cyber incident response plans in healthcare published in PubMed and Web of Science. We sought to collect articles on the intersection of cybersecurity and healthcare that focused on incident response strategies. Results: We identified and reviewed 13 articles for cybersecurity response recommendations. We then extracted information such as research methods, findings, and implications. Finally, we synthesized the recommendations into a framework of eight aggregated response strategies (EARS) that fall under managerial and technological categories. Conclusions: We conducted a systematic review of the literature on cybersecurity response plans in healthcare and developed a novel framework for response strategies that could be deployed by healthcare organizations. More work is needed to evaluate incident response strategies in healthcare.
Authors: Niraj Varma; Iwona Cygankiewicz; Mintu P Turakhia; Hein Heidbuchel; Yu-Feng Hu; Lin Yee Chen; Jean-Philippe Couderc; Edmond M Cronin; Jerry D Estep; Lars Grieten; Deirdre A Lane; Reena Mehra; Alex Page; Rod Passman; Jonathan P Piccini; Ewa Piotrowicz; Ryszard Piotrowicz; Pyotr G Platonov; Antonio Luiz Ribeiro; Robert E Rich; Andrea M Russo; David Slotwiner; Jonathan S Steinberg; Emma Svennberg Journal: Circ Arrhythm Electrophysiol Date: 2021-02-12
Authors: Niraj Varma; Iwona Cygankiewicz; Mintu P Turakhia; Hein Heidbuchel; Yufeng Hu; Lin Yee Chen; Jean-Philippe Couderc; Edmond M Cronin; Jerry D Estep; Lars Grieten; Deirdre A Lane; Reena Mehra; Alex Page; Rod Passman; Jonathan P Piccini; Ewa Piotrowicz; Ryszard Piotrowicz; Pyotr G Platonov; Antonio Luiz Ribeiro; Robert E Rich; Andrea M Russo; David Slotwiner; Jonathan S Steinberg; Emma Svennberg Journal: Cardiovasc Digit Health J Date: 2021-01-29
Authors: Mohammad S Jalali; Sabina Razak; William Gordon; Eric Perakslis; Stuart Madnick Journal: J Med Internet Res Date: 2019-02-15 Impact factor: 5.428