Cybersecurity risk analysis in healthcare institutions

Abstract Introduction The growing digitization of businesses and its increasing dependence on Internet infrastructure has boosted the concerns related to data privacy and confidentiality. Healthcare institutions have been challenged with specific issues, namely the sensitivity of data, the specifici...

Full description

Saved in:
Bibliographic Details
Published in:European journal of public health 2020-06, Vol.30 (Supplement_2)
Main Authors: Nunes, P, Antunes, M, Silva, C
Format: Article
Language:English
Subjects:
Attitudes
Computer networks
Confidentiality
Crime
Cybercrime
Cybersecurity
Gender
Health care
Health services
Information technology
Institutions
Internet
Medical personnel
Organizational aspects
Professionals
Public health
Risk analysis
Statistical analysis
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Abstract Introduction The growing digitization of businesses and its increasing dependence on Internet infrastructure has boosted the concerns related to data privacy and confidentiality. Healthcare institutions have been challenged with specific issues, namely the sensitivity of data, the specificity of networked equipment and the average information technology skills held by of healthcare professionals in Portugal. Objectives To understand the relationship level established by healthcare professionals with the information security by assessing attitudes and behaviours in cybersecurity; to identify risks and actions that may be taken to enhance the healthcare professional’s cybersecurity awareness. Methodology The study consists in translating, adjusting and applying two previously validated and published Likert-type response scales to assess health professionals' cybersecurity attitudes and behaviours in the Portuguese health environment. This is an observational, quantitative, cross-sectional and descriptive study in cybersecurity attitudes and behaviours in a healthcare institution in Portugal. Results The sample was composed by 56 professionals, 71% women and 29% men, divided in four professional groups, where a mean (±SD) of 31.59 (±14.211) points was achieved for the cybersecurity risky behaviour (RScB) scale and 66.41 (±6,26) points for the cybersecurity and cybercrime in business attitudes scale (ATC-IB). Conclusions There was no-significant statistical differences between the sociodemographic factors and the scores obtained on both scales. However, the points of the scales for the different domains evidences a statistical difference between ages, genders and professional groups by items, which are therefore important points for the development of future studies. The results showed a relationship between acquired behaviours and the attitudes of involvement with work and organizational commitment, establishing a bridge for the quantification in awareness.
ISSN:1101-1262
1464-360X
DOI:10.1093/eurpub/ckaa040.029