JMIR Publications

ABSTRACT

Background:

Over the past decade, clinical care has become globally dependent on information technology. The cybersecurity of healthcare information systems is now an essential component of safe, reliable, and effective healthcare delivery.

Objective:

The objective of this study is to provide an overview of the literature at the intersection of cybersecurity and healthcare delivery.

Methods:

A comprehensive search was conducted using PubMed and Web of Science (WoS) for English-language peer-reviewed articles. We carried out chronological analysis, domain clustering analysis, and text analysis of the included articles to generate a high-level concept map composed of specific words and the connections between them.

Results:

Our final sample included 472 English-language journal articles. Our review results revealed that the majority of articles are focused on technology: Technology-focused articles made up more than half of all the clusters, while only 32% were managerial. This focus on the technological aspects of cybersecurity suggests that non-technological variables (human-based and organizational aspects, strategy and management) may be understudied. Also, software development security, business continuity, and disaster recovery planning each accounted for 3% of the studied articles. Our results also show that physical security is lacking in research, with only 1% of the literature being categorized as such. Cyber vulnerabilities are not all digital. Many physical threats contribute to breaches, and these threats potentially affect the physical safety of patients.

Conclusions:

Our results revealed an overall increase in research in this area, and identified major gaps and opportunities for future work.