Cybersecurity and the Digital Health: An Investigation on the State of the Art and the Position of the Actors

A special issue of Healthcare (ISSN 2227-9032). This special issue belongs to the section "TeleHealth and Digital Healthcare".

Deadline for manuscript submissions: closed (15 February 2022) | Viewed by 57807

Printed Edition Available!
A printed edition of this Special Issue is available here.

Special Issue Editor

Centro Nazionale TISP, Istituto Superiore di Sanità, Rome, Italy
Interests: biomedical engineering; robotics; artificial intelligence; digital health; rehabilitation; smart technology; cybersecurity; mental health; animal-assisted therapy; social robotics; acceptance; diagnostic pathology and radiology; medical imaging; patient safety; healthcare quality; health assessment; chronic disease
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

The strong demand for health data by cybercrime exposes hospital structures in particular to IT risks. The greater connectivity to existing IT networks has in fact exposed Administrations to new IT security vulnerabilities, as healthcare is an extremely interesting target for cybercrime for two fundamental reasons: on the one hand, it is a source rich in valuable data and on the other, very often, the defenses are weak. Data breach violations can be caused by accidental events (e.g., loss of a USB stick or unregulated access to data) or malicious, and can result in the theft of health information, attacks of ransomware to hospitals, denial of service attacks and attacks on implanted medical devices (such as pace-makers  or artificial pancreas) which can reduce patient confidence, paralyze health systems and threaten human life. Ultimately, cybersecurity is critical to patient safety, but has often been underestimated. This requires cyber security to become an integral part of patient safety through changes in human behavior, technology and processes as part of a holistic solution. Also because we must not forget that the health system is a complex system in which multiple factors, heterogeneous and dynamic, interact, including the plurality of health services, specialist skills and professional, technical-health and economic-administrative roles and the heterogeneity of the processes and results to be achieved. In general, the approach and sensitivity towards cybersecurity is taking place at different speeds, even in countries with high evolution as regards digital health, also based on the way health services are provided. Where health services are approached as an industry, like in the USA, there has been a faster response to the  cyber risks.

I invite you to contribute to this issue which has a broad spectrum ranging from the security of wearable microsystems to that of fixed networks; from the artificial wearable pancreas up to the Hospital net.

This Special Issue of Healthcare seeks commentaries, original research, short reports, and reviews on challenges in health systems focused in this field.

Dr. Daniele Giansanti
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Healthcare is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2700 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • e-health
  • medical devices
  • m-health
  • cyber-risk
  • pacemaker
  • artificial-pancreas
  • Picture Archive and Communication System

Published Papers (14 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Editorial

Jump to: Research, Review, Other

4 pages, 197 KiB  
Editorial
Cybersecurity and the Digital-Health: The Challenge of This Millennium
by Daniele Giansanti
Healthcare 2021, 9(1), 62; https://doi.org/10.3390/healthcare9010062 - 11 Jan 2021
Cited by 17 | Viewed by 4356
Abstract
The problem of computer security is as old as computers themselves and dates back decades [...] Full article

Research

Jump to: Editorial, Review, Other

19 pages, 9023 KiB  
Article
A Cybersecurity Culture Survey Targeting Healthcare Critical Infrastructures
by Fotios Gioulekas, Evangelos Stamatiadis, Athanasios Tzikas, Konstantinos Gounaris, Anna Georgiadou, Ariadni Michalitsi-Psarrou, Georgios Doukas, Michael Kontoulis, Yannis Nikoloudakis, Sergiu Marin, Ricardo Cabecinha and Christos Ntanos
Healthcare 2022, 10(2), 327; https://doi.org/10.3390/healthcare10020327 - 09 Feb 2022
Cited by 15 | Viewed by 4844
Abstract
Recent studies report that cybersecurity breaches noticed in hospitals are associated with low levels of personnel’s cybersecurity awareness. This work aims to assess the cybersecurity culture in healthcare institutions from middle- to low-income EU countries. The evaluation process was designed and performed via [...] Read more.
Recent studies report that cybersecurity breaches noticed in hospitals are associated with low levels of personnel’s cybersecurity awareness. This work aims to assess the cybersecurity culture in healthcare institutions from middle- to low-income EU countries. The evaluation process was designed and performed via anonymous online surveys targeting individually ICT (internet and communication technology) departments and healthcare professionals. The study was conducted in 2019 for a health region in Greece, with a significant number of hospitals and health centers, a large hospital in Portugal, and a medical clinic in Romania, with 53.6% and 6.71% response rates for the ICT and healthcare professionals, respectively. Its findings indicate the necessity of establishing individual cybersecurity departments to monitor assets and attitudes while underlying the importance of continuous security awareness training programs. The analysis of our results assists in comprehending the countermeasures, which have been implemented in the healthcare institutions, and consequently enhancing cybersecurity defense, while reducing the risk surface. Full article
Show Figures

Figure 1

17 pages, 1484 KiB  
Article
Fuzzy Cognitive Scenario Mapping for Causes of Cybersecurity in Telehealth Services
by Thiago Poleto, Victor Diogho Heuer de Carvalho, Ayara Letícia Bentes da Silva, Thárcylla Rebecca Negreiros Clemente, Maísa Mendonça Silva, Ana Paula Henriques de Gusmão, Ana Paula Cabral Seixas Costa and Thyago Celso Cavalcante Nepomuceno
Healthcare 2021, 9(11), 1504; https://doi.org/10.3390/healthcare9111504 - 05 Nov 2021
Cited by 8 | Viewed by 2529
Abstract
Hospital organizations have adopted telehealth systems to expand their services to a portion of the Brazilian population with limited access to healthcare, mainly due to the geographical distance between their communities and hospitals. The importance and usage of those services have recently increased [...] Read more.
Hospital organizations have adopted telehealth systems to expand their services to a portion of the Brazilian population with limited access to healthcare, mainly due to the geographical distance between their communities and hospitals. The importance and usage of those services have recently increased due to the COVID-19 state-level mobility interventions. These services work with sensitive and confidential data that contain medical records, medication prescriptions, and results of diagnostic processes. Understanding how cybersecurity impacts the development of telehealth strategies is crucial for creating secure systems for daily operations. In the application reported in this article, the Fuzzy Cognitive Maps (FCMs) translated the complexity of cybersecurity in telehealth services into intelligible and objective results in an expert-based cognitive map. The tool also allowed the construction of scenarios simulating the possible implications caused by common factors that affect telehealth systems. FCMs provide a better understanding of cybersecurity strategies using expert knowledge and scenario analysis, enabling the maturation of cybersecurity in telehealth services. Full article
Show Figures

Figure 1

21 pages, 4848 KiB  
Article
Hospitals’ Cybersecurity Culture during the COVID-19 Crisis
by Anna Georgiadou, Ariadni Michalitsi-Psarrou, Fotios Gioulekas, Evangelos Stamatiadis, Athanasios Tzikas, Konstantinos Gounaris, Georgios Doukas, Christos Ntanos, Luís Landeiro Ribeiro and Dimitris Askounis
Healthcare 2021, 9(10), 1335; https://doi.org/10.3390/healthcare9101335 - 07 Oct 2021
Cited by 9 | Viewed by 4887
Abstract
The coronavirus pandemic led to an unprecedented crisis affecting all aspects of the concurrent reality. Its consequences vary from political and societal to technical and economic. These side effects provided fertile ground for a noticeable cyber-crime increase targeting critical infrastructures and, more specifically, [...] Read more.
The coronavirus pandemic led to an unprecedented crisis affecting all aspects of the concurrent reality. Its consequences vary from political and societal to technical and economic. These side effects provided fertile ground for a noticeable cyber-crime increase targeting critical infrastructures and, more specifically, the health sector; the domain suffering the most during the pandemic. This paper aims to assess the cybersecurity culture readiness of hospitals’ workforce during the COVID-19 crisis. Towards that end, a cybersecurity awareness webinar was held in December 2020 targeting Greek Healthcare Institutions. Concepts of cybersecurity policies, standards, best practices, and solutions were addressed. Its effectiveness was evaluated via a two-step procedure. Firstly, an anonymous questionnaire was distributed at the end of the webinar and voluntarily answered by attendees to assess the comprehension level of the presented cybersecurity aspects. Secondly, a post-evaluation phishing campaign was conducted approximately four months after the webinar, addressing non-medical employees. The main goal was to identify security awareness weaknesses and assist in drafting targeted assessment campaigns specifically tailored to the health domain needs. This paper analyses in detail the results of the aforementioned approaches while also outlining the lessons learned along with the future scientific routes deriving from this research. Full article
Show Figures

Figure 1

22 pages, 1768 KiB  
Article
Privacy-Preserving Authentication Protocol for Wireless Body Area Networks in Healthcare Applications
by Hyunho Ryu and Hyunsung Kim
Healthcare 2021, 9(9), 1114; https://doi.org/10.3390/healthcare9091114 - 28 Aug 2021
Cited by 15 | Viewed by 1913
Abstract
Mobile healthcare service has become increasingly popular thanks to the significant advances in the wireless body area networks (WBANs). It helps medical professionals to collect patient’s healthcare data remotely and provides remote medical diagnosis. Since the health data are privacy-related, they should provide [...] Read more.
Mobile healthcare service has become increasingly popular thanks to the significant advances in the wireless body area networks (WBANs). It helps medical professionals to collect patient’s healthcare data remotely and provides remote medical diagnosis. Since the health data are privacy-related, they should provide services with privacy-preserving, which should consider security and privacy at the same time. Recently, some lightweight patient healthcare authentication protocols were proposed for WBANs. However, we observed that they are vulnerable to tracing attacks because the patient uses the same identifier in each session, which could leak privacy-related information on the patient. To defeat the weakness, this paper proposes a privacy-preserving authentication protocol for WBANs in healthcare service. The proposed protocol is only based on one-way hash function and with exclusive-or operation, which are lightweight operations than asymmetric cryptosystem operations. We performed two rigorous formal security proofs based on BAN logic and ProVerif tool. Furthermore, comparison results with the relevant protocols show that the proposed protocol achieves more privacy and security features than the other protocols and has suitable efficiency in computational and communicational concerns. Full article
Show Figures

Figure 1

13 pages, 284 KiB  
Article
Adolescents, Ambivalent Sexism and Social Networks, a Conditioning Factor in the Healthcare of Women
by Jose Luis Gil Bermejo, Cinta Martos Sánchez, Octavio Vázquez Aguado and E. Begoña García-Navarro
Healthcare 2021, 9(6), 721; https://doi.org/10.3390/healthcare9060721 - 12 Jun 2021
Cited by 4 | Viewed by 3292
Abstract
Even though gender equality being present in the social and political sphere, we still encounter aspects that are characteristic of sexism. Such aspects impact upon gender inequality and different types of violence towards women. The present article aims to examine the behaviour of [...] Read more.
Even though gender equality being present in the social and political sphere, we still encounter aspects that are characteristic of sexism. Such aspects impact upon gender inequality and different types of violence towards women. The present article aims to examine the behaviour of adolescents from Huelva with regards to ambivalent sexism towards women on social networks and their influence on health. Furthermore, we seek to uncover adolescent’s perceptions with regards to gender differences in the use of social networks, the relationship between sexism and women’s emotional well-being was observed. The study sample was formed by young people aged between 14 and 16 years who were residing in rural and urban zones in the south of Spain. A mixed methods approach was taken. At a quantitative level, a sample of 400 young people was recruited. These were administered a questionnaire about sexism which was composed of two scales and has been validated at a national and international level. At a qualitative level, the study counted on 33 young people who participated in in-depth discussions via interviews and discussion groups. The results showed that sexism emerges in adolescence in the analysed sample from the south of Spain. This favoured a digital gender gap and was reinforced through social networks such as Instagram and Snapchat. Rising awareness and a critical view of the aforementioned sexism was shown on the behalf of females, particularly those from urban backgrounds. Full article
21 pages, 1628 KiB  
Article
Health-ID: A Blockchain-Based Decentralized Identity Management for Remote Healthcare
by Ibrahim Tariq Javed, Fares Alharbi, Badr Bellaj, Tiziana Margaria, Noel Crespi and Kashif Naseer Qureshi
Healthcare 2021, 9(6), 712; https://doi.org/10.3390/healthcare9060712 - 10 Jun 2021
Cited by 34 | Viewed by 6943
Abstract
COVID-19 has made eHealth an imperative. The pandemic has been a true catalyst for remote eHealth solutions such as teleHealth. Telehealth facilitates care, diagnoses, and treatment remotely, making them more efficient, accessible, and economical. However, they have a centralized identity management system that [...] Read more.
COVID-19 has made eHealth an imperative. The pandemic has been a true catalyst for remote eHealth solutions such as teleHealth. Telehealth facilitates care, diagnoses, and treatment remotely, making them more efficient, accessible, and economical. However, they have a centralized identity management system that restricts the interoperability of patient and healthcare provider identification. Thus, creating silos of users that are unable to authenticate themselves beyond their eHealth application’s domain. Furthermore, the consumers of remote eHealth applications are forced to trust their service providers completely. They cannot check whether their eHealth service providers adhere to the regulations to ensure the security and privacy of their identity information. Therefore, we present a blockchain-based decentralized identity management system that allows patients and healthcare providers to identify and authenticate themselves transparently and securely across different eHealth domains. Patients and healthcare providers are uniquely identified by their health identifiers (healthIDs). The identity attributes are attested by a healthcare regulator, indexed on the blockchain, and stored by the identity owner. We implemented smart contracts on an Ethereum consortium blockchain to facilities identification and authentication procedures. We further analyze the performance using different metrics, including transaction gas cost, transaction per second, number of blocks lost, and block propagation time. Parameters including block-time, gas-limit, and sealers are adjusted to achieve the optimal performance of our consortium blockchain. Full article
Show Figures

Figure 1

18 pages, 1274 KiB  
Article
A Blockchain-Based Secret-Data Sharing Framework for Personal Health Records in Emergency Condition
by Ahmed Raza Rajput, Qianmu Li and Milad Taleby Ahvanooey
Healthcare 2021, 9(2), 206; https://doi.org/10.3390/healthcare9020206 - 14 Feb 2021
Cited by 45 | Viewed by 4936
Abstract
Blockchain technology is the most trusted all-in-one cryptosystem that provides a framework for securing transactions over networks due to its irreversibility and immutability characteristics. Blockchain network, as a decentralized infrastructure, has drawn the attention of various startups, administrators, and developers. This system preserves [...] Read more.
Blockchain technology is the most trusted all-in-one cryptosystem that provides a framework for securing transactions over networks due to its irreversibility and immutability characteristics. Blockchain network, as a decentralized infrastructure, has drawn the attention of various startups, administrators, and developers. This system preserves transactions from tampering and provides a tracking tool for tracing past network operations. A personal health record (PHR) system permits patients to control and share data concerning their health conditions by particular peoples. In the case of an emergency, the patient is unable to approve the emergency staff access to the PHR. Furthermore, a history record management system of the patient’s PHR is required, which exhibits hugely private personal data (e.g., modification date, name of user, last health condition, etc.). In this paper, we suggest a healthcare management framework that employs blockchain technology to provide a tamper protection application by considering safe policies. These policies involve identifying extensible access control, auditing, and tamper resistance in an emergency scenario. Our experiments demonstrated that the proposed framework affords superior performance compared to the state-of-the-art healthcare systems concerning accessibility, privacy, emergency access control, and data auditing. Full article
Show Figures

Figure 1

Review

Jump to: Editorial, Research, Other

33 pages, 2182 KiB  
Review
Communication Requirements in 5G-Enabled Healthcare Applications: Review and Considerations
by Haneya Naeem Qureshi, Marvin Manalastas, Aneeqa Ijaz, Ali Imran, Yongkang Liu and Mohamad Omar Al Kalaa
Healthcare 2022, 10(2), 293; https://doi.org/10.3390/healthcare10020293 - 02 Feb 2022
Cited by 18 | Viewed by 5871
Abstract
Fifth generation (5G) mobile communication technology can enable novel healthcare applications and augment existing ones. However, 5G-enabled healthcare applications demand diverse technical requirements for radio communication. Knowledge of these requirements is important for developers, network providers, and regulatory authorities in the healthcare sector [...] Read more.
Fifth generation (5G) mobile communication technology can enable novel healthcare applications and augment existing ones. However, 5G-enabled healthcare applications demand diverse technical requirements for radio communication. Knowledge of these requirements is important for developers, network providers, and regulatory authorities in the healthcare sector to facilitate safe and effective healthcare. In this paper, we review, identify, describe, and compare the requirements for communication key performance indicators in relevant healthcare use cases, including remote robotic-assisted surgery, connected ambulance, wearable and implantable devices, and service robotics for assisted living, with a focus on quantitative requirements. We also compare 5G-healthcare requirements with the current state of 5G capabilities. Finally, we identify gaps in the existing literature and highlight considerations for this space. Full article
Show Figures

Figure 1

27 pages, 4641 KiB  
Review
Pathway of Trends and Technologies in Fall Detection: A Systematic Review
by Rohit Tanwar, Neha Nandal, Mazdak Zamani and Azizah Abdul Manaf
Healthcare 2022, 10(1), 172; https://doi.org/10.3390/healthcare10010172 - 17 Jan 2022
Cited by 30 | Viewed by 6354
Abstract
Falling is one of the most serious health risk problems throughout the world for elderly people. Considerable expenses are allocated for the treatment of after-fall injuries and emergency services after a fall. Fall risks and their effects would be substantially reduced if a [...] Read more.
Falling is one of the most serious health risk problems throughout the world for elderly people. Considerable expenses are allocated for the treatment of after-fall injuries and emergency services after a fall. Fall risks and their effects would be substantially reduced if a fall is predicted or detected accurately on time and prevented by providing timely help. Various methods have been proposed to prevent or predict falls in elderly people. This paper systematically reviews all the publications, projects, and patents around the world in the field of fall prediction, fall detection, and fall prevention. The related works are categorized based on the methodology which they used, their types, and their achievements. Full article
Show Figures

Figure 1

13 pages, 2439 KiB  
Review
A Quantitative and Qualitative Review on the Main Research Streams Regarding Blockchain Technology in Healthcare
by Yong Sauk Hau and Min Cheol Chang
Healthcare 2021, 9(3), 247; https://doi.org/10.3390/healthcare9030247 - 01 Mar 2021
Cited by 4 | Viewed by 3188
Abstract
(1) Background: Blockchain technology has been gaining high popularity in the healthcare domain. This has brought about a spate of recent studies regarding blockchain technology in healthcare, creating high demand for quantitative or qualitative reviews on the main research streams thereof. In order [...] Read more.
(1) Background: Blockchain technology has been gaining high popularity in the healthcare domain. This has brought about a spate of recent studies regarding blockchain technology in healthcare, creating high demand for quantitative or qualitative reviews on the main research streams thereof. In order to contribute to satisfying the high demand, this research presents a quantitative and qualitative review on studies regarding blockchain technology in healthcare. (2) Methods: A quantitative review was performed by searching the Web of Science database for articles published until 10 March in 2020, and a qualitative review was conducted by using the content analysis based on the integrative view of Leavitt’s diamond model. (3) Results: The quantitative review identified five research streams. The number of articles about blockchain technology in healthcare has dramatically increased since 2016, with a compound annual growth rate of 254.4%. English is the most dominant language used in the articles, and the USA and China are the top two countries of origin of the articles, representing overwhelming portions. The IEEE Access, Journal of Medical Systems, Journal of Medical Internet Research, Applied Sciences Basel, and Sensors are the top five journals in terms of publication. The articles showed an L-shaped distribution in terms of their annual average numbers of citations. The qualitative review revealed two research streams. Most of the top 10 articles ranked by their annual average numbers of citations concentrated on developing or proposing new technological solutions using blockchain technology to effectively revolutionize the current methods of managing data in the healthcare domain. The majority of the top 10 articles pursued the convergence of blockchain technology with cloud technology or IoT. (4) Conclusions: This article illuminates the main research streams about blockchain technology in healthcare through a quantitative and qualitative review, providing implications for future research on blockchain technology. Full article
Show Figures

Figure 1

Other

3 pages, 190 KiB  
Comment
The Newfound Opportunities of Wearable Systems Based on Biofeedback in the Prevention of Falls. Comment on Tanwar et al. Pathway of Trends and Technologies in Fall Detection: A Systematic Review. Healthcare 2022, 10, 172
by Giovanni Morone, Giovanni Maccioni and Daniele Giansanti
Healthcare 2022, 10(5), 940; https://doi.org/10.3390/healthcare10050940 - 19 May 2022
Viewed by 970
Abstract
We are writing to you as the corresponding authors of the interesting systematic review study “Pathway of Trends and Technologies in Fall Detection: A Systematic Review” [...] Full article
11 pages, 6208 KiB  
Commentary
Digital Contact Tracing and COVID-19: Design, Deployment, and Current Use in Italy
by Noemi Scrivano, Rosario Alfio Gulino and Daniele Giansanti
Healthcare 2022, 10(1), 67; https://doi.org/10.3390/healthcare10010067 - 30 Dec 2021
Cited by 8 | Viewed by 2084
Abstract
The technological innovation of digital contact tracing (DCT) has certainly characterized the COVID-19 pandemic, as compared to the previous ones. Based on the first studies, considerable support was expected from smartphone applications (“apps”) for DCT. This commentary focuses on digital contact tracing. Its [...] Read more.
The technological innovation of digital contact tracing (DCT) has certainly characterized the COVID-19 pandemic, as compared to the previous ones. Based on the first studies, considerable support was expected from smartphone applications (“apps”) for DCT. This commentary focuses on digital contact tracing. Its contributions are threefold: (a) Recall the initial expectations of these technologies and the state of diffusion. (b) Deal with the introduction of the app “Immuni” in Italy, while also highlighting the initiatives undertaken at the government level. (c) Report the state of diffusion and use of this App. The commentary ends by proposing some reflections on the continuation of this investigation in Italy. Full article
Show Figures

Figure 1

11 pages, 848 KiB  
Opinion
Medical Apps and the Gray Zone in the COVID-19 Era: Between Evidence and New Needs for Cybersecurity Expansion
by Giovanni Maccioni and Daniele Giansanti
Healthcare 2021, 9(4), 430; https://doi.org/10.3390/healthcare9040430 - 07 Apr 2021
Cited by 8 | Viewed by 2178
Abstract
The study focuses on emerging problems caused by the spread of medical apps. Firstly, it reviews the current role of cybersecurity and identifies the potential need to widen the boundaries of cybersecurity in relation to these apps. Secondly, it focuses on the pivotal [...] Read more.
The study focuses on emerging problems caused by the spread of medical apps. Firstly, it reviews the current role of cybersecurity and identifies the potential need to widen the boundaries of cybersecurity in relation to these apps. Secondly, it focuses on the pivotal device behind the development of mHealth: the smartphone, and highlights its role and current potential for hosting wearable medical technology. Thirdly, it addresses emerging issues regarding these apps, which are in a gray zone. This is done through an analysis of the important positions of scholars, and by means of a survey report on the increased use of various categories of apps during the COVID-19 pandemic, highlighting an accentuation of the problem. The study ends by explaining the reflections and proposals that emerged after performing the analysis. Full article
Show Figures

Figure 1

Back to TopTop