Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2019 Jan 1;26(1):81-90.
doi: 10.1093/jamia/ocy148.

EARS to cyber incidents in health care

Mohammad S Jalali  1 Bethany Russell  1 Sabina Razak  1 William J Gordon  2   3   4
Affiliations

EARS to cyber incidents in health care

Mohammad S Jalali et al. J Am Med Inform Assoc. .

Abstract

Background: Connected medical devices and electronic health records have added important functionality to patient care, but have also introduced a range of cybersecurity concerns. When a healthcare organization suffers from a cybersecurity incident, its incident response strategies are critical to the success of its recovery.

Objective: In this article, we identify gaps in research concerning cybersecurity response plans in healthcare. Through a systematic literature review, we develop aggregated strategies that professionals can use to construct better response strategies in their organizations.

Methods: We reviewed journal articles on cyber incident response plans in healthcare published in PubMed and Web of Science. We sought to collect articles on the intersection of cybersecurity and healthcare that focused on incident response strategies.

Results: We identified and reviewed 13 articles for cybersecurity response recommendations. We then extracted information such as research methods, findings, and implications. Finally, we synthesized the recommendations into a framework of eight aggregated response strategies (EARS) that fall under managerial and technological categories.

Conclusions: We conducted a systematic review of the literature on cybersecurity response plans in healthcare and developed a novel framework for response strategies that could be deployed by healthcare organizations. More work is needed to evaluate incident response strategies in healthcare.

PubMed Disclaimer

Figures

Figure 1.
Figure 1.
Search method and inclusion process.
Figure 2.
Figure 2.
Eight aggregated response strategies (EARS) framework for cyber incidents. *This component is both managerial and technological. **This component is both pre- and post-incidental.
Figure 3.
Figure 3.
Quality assessment of study methods.
See this image and copyright information in PMC

References

    1. Gordon WJ, Fairhall A, Landman A.. Threats to information security—public health implications. N Engl J Med 2017; 3778: 707–9. - PubMed
    1. Perakslis ED. Cybersecurity in health care. N Engl J Med 2014; 3715: 395–7. - PubMed
    1. Larsen E, Fong A, Wernz C, et al. Implications of electronic health record downtime: an analysis of patient safety event reports. J Am Med Inform Assoc 2018; 252: 187–91. - PMC - PubMed
    1. Jalali MS, Razak S, Gordon W.. Health care and cybersecurity: a bibliometric analysis of the literature. JMIR Preprints. 31/10/2018:12644 DOI: 10.2196/preprints.12644. https://preprints.jmir.org/preprint/12644 - PMC - PubMed
    1. Werlinger R, Muldner K, Hawkey K, et al. Preparation, detection, and analysis: the diagnostic work of IT security incident response. Inform Manag Comp Security 2010; 181: 26–42.

Publication types

MeSH terms