Explore our sister journals here.

Maintenance Notice

Due to necessary scheduled maintenance, the JMIR Publications website will be unavailable from Wednesday, July 01, 2020 at 8:00 PM to 10:00 PM EST. We apologize in advance for any inconvenience this may cause you.

Who will be affected?

Accepted for/Published in: JMIR Formative Research

Date Submitted: Aug 6, 2022
Date Accepted: May 10, 2023

The final, peer-reviewed published version of this preprint can be found here:

Economic Impact of a Hospital Cyberattack in a National Health System: Descriptive Case Study

Portela D, Nogueira Leite D, Almeida R, Cruz-Correia R

Economic Impact of a Hospital Cyberattack in a National Health System: Descriptive Case Study

JMIR Form Res 2023;7:e41738

DOI: 10.2196/41738

PMID: 37389934

PMCID: 10365569

Warning: This is an author submission that is not peer-reviewed or edited. Preprints - unless they show as "accepted" - should not be relied on to guide clinical practice or health-related behavior and should not be reported in news media as established information.

Cybersecurity economic impact estimation on the Portuguese National Health System

  • Diana Portela; 
  • Diogo Nogueira Leite; 
  • Rafael Almeida; 
  • Ricardo Cruz-Correia

ABSTRACT

Background:

Following the recent cyberattack on a mid-level hospital in Portugal (around five years later first major cyberattack on an institution of the National Health Service on a scale this group of scientists was dedicated to estimating the economic impact of cyberattacks on the Portuguese health system.

Objective:

In the absence of public information on the cyberattacks that occurred, we aim, while using public domain data, to (i) identify the data breaches on the Portugues National Health System since 2017 and (ii) estimate and measure its economic impact using an attack simulation as a case study.

Methods:

Facing unavailable public domain data to sustain such information as a pressing constraint, we hypothesize such attack to support our estimates for our calculations.

Results:

As a result, we estimated a daily cost impact which highlights that, for an institution with HGO (served population of ca. 350,000 people), postponing 50% of external consultations (amounting to a yearly contract value of €22,700,338.00) may have a daily cost impact of 45,400.66 € to the institution. We further developed an open source Economic Impact Simulator on healthcare cyber-attacks.

Conclusions:

Our study demonstrates the importance of adopting effective preventive and reactive strategies, such as contingency plans, as well as a superior investment in improving cybersecurity capabilities in this critical area.


 Citation

Please cite as:

Portela D, Nogueira Leite D, Almeida R, Cruz-Correia R

Economic Impact of a Hospital Cyberattack in a National Health System: Descriptive Case Study

JMIR Form Res 2023;7:e41738

DOI: 10.2196/41738

PMID: 37389934

PMCID: 10365569

Download PDF


Request queued. Please wait while the file is being generated. It may take some time.

© The authors. All rights reserved. This is a privileged document currently under peer-review/community review (or an accepted/rejected manuscript). Authors have provided JMIR Publications with an exclusive license to publish this preprint on it's website for review and ahead-of-print citation purposes only. While the final peer-reviewed paper may be licensed under a cc-by license on publication, at this stage authors and publisher expressively prohibit redistribution of this draft paper other than for review purposes.