Advancing Cybersecurity Use of Sensitive Data in Electronic Healthcare System: A Review of Privacy and Regulations
Main Article Content
Abstract
Addressing cybersecurity challenges in electronic health system is imperative in ensuring trustworthiness of distributed healthcare information systems, thereby safeguarding sensitive patient information and optimizing healthcare service delivery. The use of data-driven technologies presents a promising opportunity for significant advances in information management required for an improved healthcare privacy protection for patients care, offering opportunities toward increased database accessibility in healthcare information system. This not only guarantees adherence to legal frameworks but also lays the groundwork for the ethical and accountable application of distributed systems in the medical field. To gain a thorough grasp of the requirements for cybersecurity in healthcare workforce groups, this paper applied a methodology that relied on a survey questionnaire. After that, it uses a risk-based methodology to estimate the risk of different cybersecurity and data privacy threats related to the stakeholder, determines the best ways to mitigate those cybersecurity risks, and suggests subsets of human-centric policies to manage each cybersecurity risk in the distributed healthcare setting. The results we obtained indicate that the effective management of individual cybersecurity risks across various healthcare organizations and diverse employee groups are facilitated by the adoption of a risk-based strategy for information privacy and cybersecurity risks protection.
Article Details
Upon receipt of accepted manuscripts, authors will be invited to complete a copyright license to publish the paper. At least the corresponding author must send the copyright form signed for publication. It is a condition of publication that authors grant an exclusive licence to the the INFOCOMP Journal of Computer Science. This ensures that requests from third parties to reproduce articles are handled efficiently and consistently and will also allow the article to be as widely disseminated as possible. In assigning the copyright license, authors may use their own material in other publications and ensure that the INFOCOMP Journal of Computer Science is acknowledged as the original publication place.
References
[1] S. Ahmed and M. Khan, "Securing the Internet of Things (IoT): A comprehensive study on the intersection of cybersecurity, privacy, and connectivity in the IoT ecosystem," AI, IoT and the Fourth Industrial Revolution Review, vol. 13, pp. 1-17, 2023.
[2] O. Layode, H. N. N. Naiho, G. S. Adeleke, E. O. Udeh, and T. T. Labake, "The role of cybersecurity in facilitating sustainable healthcare solutions: Overcoming challenges to protect sensitive data," International Medical Science Research Journal, vol. 4, pp. 668-693, 2024.
[3] N. U. Prince, M. A. Al Mamun, A. O. Olajide, O. U. Khan, A. B. Akeem, and A. I. Sani, "IEEE Standards and Deep Learning Techniques for Securing Internet of Things (IoT) Devices Against Cyber Attacks," Journal of Computational Analysis and Applications, vol. 33, 2024.
[4] D. Markopoulou, "Cyber-insurance in EU policy-making: Regulatory options, the market's challenges and the US example," Computer Law & Security Review, vol. 43, p. 105627, 2021.
[5] S. K. Shandilya, A. Datta, Y. Kartik, and A. Nagar, "Advancing Security and Resilience," in Digital Resilience: Navigating Disruption and Safeguarding Data Privacy, ed: Springer, 2024, pp. 459-529.
[6] U. O. Matthew, V. C. Onumaku, L. O. Fatai, T. S. Adekunle, A. O. Waliu, C. C. Ndukwu, et al., "E-Healthcare Data Warehouse Design and Data Mining Using ML Approach," in Reshaping Healthcare with Cutting-Edge Biomedical Advancements, ed: IGI Global, 2024, pp. 317-338.
[7] A. Onyebuchi, U. O. Matthew, J. S. Kazaure, N. U. Okafor, O. D. Okey, P. I. Okochi, et al., "Business demand for a cloud enterprise data warehouse in electronic healthcare computing: Issues and developments in e-healthcare cloud computing," International Journal of Cloud Applications and Computing (IJCAC), vol. 12, pp. 1-22, 2022.
[8] U. O. Mathew, D. Z. Rodriguez, R. L. Rosa, M. S. Ayub, and P. Adasme, "Advancing Healthcare 5.0 through Federated Learning: Opportunity for Security Enforcement using Blockchain," in 2024 International Conference on Software, Telecommunications and Computer Networks (SoftCOM), 2024, pp. 1-6.
[9] A. Onyebuchi, U. O. Matthew, J. S. Kazaure, G. N. Ebong, C. C. Ndukwu, A. C. Nwanakwaugwu, et al., "Cloud-Based IoT Data Warehousing Technology for E-Healthcare: A Comprehensive Guide to E-Health Grids," in Pioneering Smart Healthcare 5.0 with IoT, Federated Learning, and Cloud Security, ed: IGI Global, 2024, pp. 111-129.
[10] M. J. Rahim, M. I. I. Rahim, A. Afroz, and O. Akinola, "Cybersecurity Threats in Healthcare IT: Challenges, Risks, and Mitigation Strategies," Journal of Artificial Intelligence General science (JAIGS) ISSN: 3006-4023, vol. 6, pp. 438-462, 2024.
[11] S. T. Argaw, J. R. Troncoso-Pastoriza, D. Lacey, M.-V. Florin, F. Calcavecchia, D. Anderson, et al., "Cybersecurity of Hospitals: discussing the challenges and working towards mitigating the risks," BMC medical informatics and decision making, vol. 20, pp. 1-10, 2020.
[12] O. Di Fede, G. La Mantia, M. G. Cimino, and G. Campisi, "Protection of patient data in digital Oral and general health care: A scoping review with respect to the current regulations," Oral, vol. 3, pp. 155-165, 2023.
[13] E. Isibor, "Regulation of Healthcare Data Security: Legal Obligations in A Digital Age," Available at SSRN 4957244, 2024.
[14] A. Odeh, E. Abdelfattah, and W. Salameh, "Privacy-Preserving Data Sharing in Telehealth Services," Applied Sciences, vol. 14, p. 10808, 2024.
[15] E. Mwangi, "Exploring IoT Embedded Systems Along The Line Of Identity Access Management For Enhanced Health Data Security," Authorea Preprints, 2024.
[16] K. Begum, A. Dhamodhiran, and N. Gokul, "Health care data privacy and Compliance: Navigating Regulatory landscape," Central Asian Journal of Medical and Natural Science, vol. 4, pp. 596-608, 2023.
[17] S. Sirur, J. R. Nurse, and H. Webb, "Are we there yet? Understanding the challenges faced in complying with the General Data Protection Regulation (GDPR)," in Proceedings of the 2nd international workshop on multimedia privacy and security, 2018, pp. 88-95.
[18] G. A. Pimenta Rodrigues, A. L. Marques Serrano, A. N. Lopes Espiñeira Lemos, E. D. Canedo, F. L. L. d. Mendonça, R. de Oliveira Albuquerque, et al., "Understanding Data Breach from a Global Perspective: Incident Visualization and Data Protection Law Review," Data, vol. 9, p. 27, 2024.
[19] O. Olukoya, "Assessing frameworks for eliciting privacy & security requirements from laws and regulations," Computers & Security, vol. 117, p. 102697, 2022.
[20] A. Kavak, "Privacy of Information and Data: Policies, Threats, and Solutions," in Creating and Sustaining an Information Governance Program, ed: IGI Global, 2024, pp. 155-187.
[21] S. K. Shandilya, A. Datta, Y. Kartik, and A. Nagar, "Navigating the Regulatory Landscape," in Digital Resilience: Navigating Disruption and Safeguarding Data Privacy, ed: Springer, 2024, pp. 127-240.
[22] D. S. Chavan and T. M. Kanade, "Blockchain and Cybersecurity Revolutionizing Healthcare in the Digital era," in Ensuring Security and End-to-End Visibility Through Blockchain and Digital Twins, ed: IGI Global, 2024, pp. 72-101.
[23] G. Nissar, R. A. Khan, S. Mushtaq, S. A. Lone, and A. H. Moon, "IoT in healthcare: a review of services, applications, key technologies, security concerns, and emerging trends," Multimedia Tools and Applications, pp. 1-62, 2024.
[24] U. O. Matthew, J. S. Kazaure, O. Amaonwu, U. A. Adamu, I. M. Hassan, A. A. Kazaure, et al., "Role of internet of health things (IoHTs) and innovative internet of 5G medical robotic things (IIo-5GMRTs) in COVID-19 global health risk management and logistics planning," in Intelligent Data Analysis for COVID-19 Pandemic, ed: Springer, 2021, pp. 27-53.
[25] A. Adegoke, "Digital Rights and Privacy in Nigeria," Paradigm Initiative, vol. 4, 2020.
[26] S. Nifakos, K. Chandramouli, C. K. Nikolaou, P. Papachristou, S. Koch, E. Panaousis, et al., "Influence of human factors on cyber security within healthcare organisations: A systematic review," Sensors, vol. 21, p. 5119, 2021.
[27] M. K. S. Uddin and K. M. R. Hossan, "A Review of Implementing AI-Powered Data Warehouse Solutions to Optimize Big Data Management and Utilization," Academic Journal on Business Administration, Innovation & Sustainability, vol. 4, p. 10.69593, 2024.
[28] M. Sharma, C. Puri, and P. Kumar, "A Review: Transformative Impact of Data Visualization Across Various Industries," in 2024 8th International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC), 2024, pp. 799-804.
[29] A. C. B. Monteiro, R. P. França, R. Arthur, and Y. Iano, "An overview of medical Internet of Things, artificial intelligence, and cloud computing employed in health care from a modern panorama," The Fusion of Internet of Things, Artificial Intelligence, and Cloud Computing in Health Care, pp. 3-23, 2021.
[30] N. A. Nasarudin, F. Al Jasmi, R. O. Sinnott, N. Zaki, H. Al Ashwal, E. A. Mohamed, et al., "A review of deep learning models and online healthcare databases for electronic health records and their use for health prediction," Artificial Intelligence Review, vol. 57, p. 249, 2024.
[31] F. Gou, J. Liu, C. Xiao, and J. Wu, "Research on artificial-intelligence-assisted medicine: a survey on medical artificial intelligence," Diagnostics, vol. 14, p. 1472, 2024.
[32] C. Prince, N. Omrani, and F. Schiavone, "Online privacy literacy and users' information privacy empowerment: the case of GDPR in Europe," Information Technology & People, vol. 37, pp. 1-24, 2024.
[33] D. Lee and S. N. Yoon, "Application of artificial intelligence-based technologies in the healthcare industry: Opportunities and challenges," International journal of environmental research and public health, vol. 18, p. 271, 2021.
[34] D. O. T. Oyekunle, U. Okwudili Matthew, D. Preston, and D. Boohene, "Trust beyond technology algorithms: A theoretical exploration of consumer trust and behavior in technological consumption and AI projects," Journal of Computer and Communications, vol. 12, p. 10.4236, 2024.
[35] I. Hesso, R. Kayyali, D.-R. Dolton, K. Joo, L. Zacharias, A. Charalambous, et al., "Cancer care at the time of the fourth industrial revolution: an insight to healthcare professionals’ perspectives on cancer care and artificial intelligence," Radiation Oncology, vol. 18, p. 167, 2023.
[36] R. Gupta, A. Sharma, and T. Alam, "Building Predictive Models with Machine Learning," in Data Analytics and Machine Learning: Navigating the Big Data Landscape, ed: Springer, 2024, pp. 39-59.
[37] S. Asif, Y. Wenhui, S.-. ur-Rehman, Q.-. ul-ain, K. Amjad, Y. Yueyang, et al., "Advancements and Prospects of Machine Learning in Medical Diagnostics: Unveiling the Future of Diagnostic Precision," Archives of Computational Methods in Engineering, pp. 1-31, 2024.
[38] N. Tyagi and B. Bhushan, "Natural Language Processing (NLP) Based Innovations for Smart Healthcare Applications in Healthcare 4.0," in Enabling Technologies for Effective Planning and Management in Sustainable Smart Cities, ed: Springer, 2023, pp. 123-150.
[39] A. Chaurasia, "Algorithmic precision medicine: Harnessing artificial intelligence for healthcare optimization," Asian Journal of Biotechnology and Bioresource Technology, vol. 9, pp. 28-43, 2023.
[40] J. Verma, "Unleashing the power of artificial intelligence: Exploring multidisciplinary frontiers for innovation and impact," in Artificial Intelligence for Intelligent Systems, ed: CRC Press, 2025, pp. 3-26.
[41] S. A. Alowais, S. S. Alghamdi, N. Alsuhebany, T. Alqahtani, A. I. Alshaya, S. N. Almohareb, et al., "Revolutionizing healthcare: the role of artificial intelligence in clinical practice," BMC medical education, vol. 23, p. 689, 2023.
[42] Z. Ahmed, K. Mohamed, S. Zeeshan, and X. Dong, "Artificial intelligence with multi-functional machine learning platform development for better healthcare and precision medicine," Database, vol. 2020, p. baaa010, 2020.
[43] A. Sitapati, H. Kim, B. Berkovich, R. Marmor, S. Singh, R. El‐Kareh, et al., "Integrated precision medicine: the role of electronic health records in delivering personalized treatment," Wiley Interdisciplinary Reviews: Systems Biology and Medicine, vol. 9, p. e1378, 2017.
[44] K. Patel, "Ethical reflections on data-centric AI: balancing benefits and risks," International Journal of Artificial Intelligence Research and Development, vol. 2, pp. 1-17, 2024.
[45] A. Khatoon, A. Ullah, and K. N. Qureshi, "AI Models and Data Analytics," Next Generation AI Language Models in Research: Promising Perspectives and Valid Concerns, p. 45, 2024.
[46] K. J. Rolla, "Trends and Futuristic Applications of Big Data and Electronic Health Record Data in Empowering Constructive Clinical Decision Support Systems," Bio-Science Research Bulletin (Life sciences), pp. 78-91, 2024.
[47] H. Herath, H. Herath, B. Madhusanka, and L. Guruge, "Data Protection Challenges in the Processing of Sensitive Data," in Data Protection: The Wake of AI and Machine Learning, ed: Springer, 2024, pp. 155-179.
[48] H. Tao, M. Z. A. Bhuiyan, M. A. Rahman, G. Wang, T. Wang, M. M. Ahmed, et al., "Economic perspective analysis of protecting big data security and privacy," Future Generation Computer Systems, vol. 98, pp. 660-671, 2019.
[49] M. Webster, Do No Harm: protecting connected medical devices, healthcare, and data from hackers and adversarial nation states: John Wiley & Sons, 2021.
[50] V. Karthikeyan, G. Kirubakaran, K. Gopalakrishnan, and S. S. Raj, "Creative Strategies to Protect Patients’ Health Records and Confidentiality Using Blockchain Technology," Blockchain‐Enabled Solutions for the Pharmaceutical Industry, pp. 275-318, 2025.
[51] Z. Wenhua, F. Qamar, T.-A. N. Abdali, R. Hassan, S. T. A. Jafri, and Q. N. Nguyen, "Blockchain technology: security issues, healthcare applications, challenges and future trends," Electronics, vol. 12, p. 546, 2023.
[52] Z. Mahmood and V. Jusas, "Blockchain-enabled: Multi-layered security federated learning platform for preserving data privacy," Electronics, vol. 11, p. 1624, 2022.
[53] Z. Alkhalil, C. Hewage, L. Nawaf, and I. Khan, "Phishing attacks: A recent comprehensive study and a new anatomy," Frontiers in Computer Science, vol. 3, p. 563060, 2021.
[54] L. Wasserman and Y. Wasserman, "Hospital cybersecurity risks and gaps: Review (for the non-cyber professional)," Frontiers in Digital Health, vol. 4, p. 862221, 2022.
[55] P. K. Yeng, M. A. Fauzi, B. Yang, and P. Nimbe, "Investigation into phishing risk behaviour among healthcare staff," Information, vol. 13, p. 392, 2022.
[56] W. Priestman, T. Anstis, I. G. Sebire, S. Sridharan, and N. J. Sebire, "Phishing in healthcare organisations: Threats, mitigation and approaches," BMJ health & care informatics, vol. 26, 2019.
[57] S. Huda, M. R. Islam, J. Abawajy, V. N. V. Kottala, and S. Ahmad, "A Cyber Risk Assessment Approach to Federated Identity Management Framework-Based Digital Healthcare System," Sensors, vol. 24, p. 5282, 2024.