Abstract
The aim of the research described in this paper was to develop a cyber security survey for the purpose of assessing the state of cyber security controls in a selection of healthcare organisations in South Australia. To achieve this aim, a gap analysis was conducted, using the collected data, that identified cyber security controls which had not been implemented satisfactorily, according to management. An acceptable level of cyber security is dependent on a specific set of controls that should have been implemented in order to maintain the Confidentiality, Integrity and Availability (CIA) of digital healthcare data and the risk appetite of the organisations. Specifically, in this case, healthcare management was concerned about the increasing number of cyber threats to Patient Health Information (PHI). In this era of a connected world, information is highly sought after and vulnerable to cyber security breaches. In this context, cyber security can be seen to be very similar to personal hygiene, such that, personal hygiene is only achieved if the appropriate practices, routines, actions, and behaviours are in place.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Andre, T.: Cybersecurity an enterprise risk issue. Healthc. Financ. Manag. 71(2), 40–46 (2017)
Australian Cyber Security Centre (ACSC) (2020). https://www.cyber.gov.au/acsc/view-all-content/advisories/2020-013-ransomware-targeting-australian-aged-care-and-healthcare-sectors
Coventry, L., Branley, D.: Cybersecurity in healthcare: a narrative review of trends, threats and ways forward. Maturitas 113, 48–52 (2018)
CyberCheck.me (2020). Cyber Guides. https://www.cybercheck.me/cyber-guides.html
Edith Cowan University (2020). Cyber Hints and Tips. https://www.ecu.edu.au/schools/science/research-activity/ecu-security-research-institute/cybercheckme/cyber-hints-and-tips.
Eddy, N.: Healthcare IT news (2019). https://www.healthcareit.com.au/article/healthcare-leads-data-breaches-security-issues-report-finds
Ehrenfeld, J.M.: Wannacry, cybersecurity and health information technology: a time to act. J. Med. Syst. 41(7), 104 (2017)
Jalali, M.S., Razak, S., Gordon, W., Perakslis, E., Madnick, S.: Health care and cybersecurity: bibliometric analysis of the literature. J. Med. Internet Res. 21(2), e12644 (2019)
Kiresuk, T.J., Lund, S.H.: Goal attainment scaling: a medical-correctional application. Med. L. 1, 227 (1982)
Kiresuk, T.J., Smith, A., Cardillo, J.E. (eds.): Goal Attainment Scaling: Applications, Theory, and Measurement. Psychology Press, London (2014)
Livingstone, T.: 9News (2020). https://www.9news.com.au/national/cyber-attacks-australia-sixth-most-hacked-country-in-world-new-data-reveals/4a762e06-9342-4c8a-a7af-1632a1d1042a
Love, A.J.: Internal Evaluation: Building Organizations from Within. Sage Publications, Newbury Park (1991)
OAIC. Notifiable Data Breaches Report: January–June 2020 (2021). https://www.oaic.gov.au/privacy/notifiable-data-breaches/notifiable-data-breaches-statistics/notifiable-data-breaches-report-january-june-2020/#malicious-or-criminal-attack-breaches-top-five-industry-sectors
Offner, K.L., Sitnikova, E., Joiner, K., MacIntyre, C.R.: Towards understanding cybersecurity capability in Australian healthcare organisations: a systematic review of recent trends, threats and mitigation. Intell. Natl. Secur. 35(4), 556–585 (2020)
Pattinson, M.R.: Evaluating Information System Security: An Application of Goal Attainment Scaling. Doctoral dissertation, Flinders University of South Australia, School of Commerce (2001)
Towell, R.: Fears that patients' personal medical information has been leaked in Medicare data breach. The Sydney Morning Herald (2016). https://www.smh.com.au/public-service/privacy-watchdog-called-after-health-department-data-breach-20160929-grr2m1.html
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 IFIP International Federation for Information Processing
About this paper
Cite this paper
Ravidas, D., Pattinson, M.R., Oliver, P. (2021). Cyber Security in Healthcare Organisations. In: Furnell, S., Clarke, N. (eds) Human Aspects of Information Security and Assurance. HAISA 2021. IFIP Advances in Information and Communication Technology, vol 613. Springer, Cham. https://doi.org/10.1007/978-3-030-81111-2_1
Download citation
DOI: https://doi.org/10.1007/978-3-030-81111-2_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-81110-5
Online ISBN: 978-3-030-81111-2
eBook Packages: Computer ScienceComputer Science (R0)