Cybersecurity interventions in low- and middle-income country healthcare organizations: A scoping review (Preprint)

Abstract

Healthcare organizations globally have seen a significant increase in the frequency of cyber-attacks in recent years. Cyber-attacks cause massive disruption to health service delivery and directly impact patient safety through disruption and treatment delays. Given increasing cyber-attacks in low- and middle-income countries (LMICs), there is a need to explore the interventions put in place to plan for cyber-attacks and develop cyber-resilience.

To describe cybersecurity interventions implemented in LMICs to date and to evaluate their impact on the likelihood and impact of attacks. Secondary objective was to describe the main barriers and facilitators for the implementation of such interventions, where reported.

A systematic search of the literature published between January 2017 and September 2022 was performed on Ovid Medline, Embase, Global Health and Scopus, using a combination of controlled terms and free text. A search of grey literature within the same time parameters was undertaken on the websites of relevant stakeholder organizations to identify possible additional studies that meet the inclusion criteria. Findings from included papers were mapped against dimension areas of the Essentials of Cybersecurity for Healthcare Organizations (ECHO framework) and presented as a narrative synthesis.

Seventeen studies were included in this review. The sample size of the majority of studies (58.8%) was 1-5 facilities and the studies were conducted in 13 countries. Studies were categorized into the thematic dimensions of the ECHO framework, including Context; Governance; Organizational strategy; Risk management; Awareness, education, and training; and Technical capabilities. Few studies (29.4%) discussed cybersecurity intervention(s) as the primary focus of the paper and so information on intervention(s) implemented had to be deduced. There was no attempt to report on the impact and outcomes in all but one paper. Facilitators and barriers identified were grouped and presented across national/regional, organizational, and individual staff levels.

The scoping review findings highlight the limited body of research published on cybersecurity interventions implemented in healthcare organizations in LMICs and large heterogeneity across existing studies in interventions, research objectives, methods, and outcome measures used. The impact of cybersecurity interventions on likelihood and impact of cyber-attacks remains unclear. Future research should specifically focus on the evaluation of cybersecurity interventions and objectively evaluate their impact to build a robust evidence base to inform evidence-based policy and practice.