Bibliometric Analysis of Information Security Management in Healthcare

Year 2024, Volume: 6 Issue: 3, 409 - 432, 25.12.2024

Yusuf Yalçın İleri , Muhammed Yusuf Aydamak

Abstract

The study aims to assess academic researches on information security management in
healthcare organizations along with their temporal trends on spesific topics, such as top-cited
journals, publications or authors. We conducted a bibliometric analysis for this purpose. We
analyzed publications in the Web of Science database spanning 1982-2023 via VOSviewer
program. The research comprised two dimensions: performance analyses, which considered
metrics such as the (journals, countries, publications, citations) and bibliometric analyses,
which encompassed (co-authorship, keywords co-occurrence and their temporal period
distribution).The analysis revealed a recent upwing in both the number of publications and
citations within the field. The USA emerged as a fronrunner in term of both publications
quantity and citations count. Notably, IEEE demonstrated notable effectiveness in ratio of
citations to publications. De Montfort University stood out as the institution with the highest
number of publications, while the most frequently cited contributions originated from Hong
Kong University and Salerno University. Additionally, Christian Esposito emerged as the
most influential author in the field based on citation metrics. In light of the study’s findings,
it is evident that the field of information security management in healthcare organiations is
experiencing growth. To further enhance this domain, it is recommended that future research
endeavors focus on addressing multifaceted aspects such as legal, ethical and organizational
considerations, which include personnel perception and digital literacy. These inclusive
studies are likely to make substantial contributions to the field, fostering a more
comprehensive understanding o information security in healthcare organizations.

Keywords

Information Systems, Computer Security, Health Information Systems, Confidentiality, Medical Informatics

Sağlıkta Bilgi Güvenliği Yönetiminin Bibliyometrik Analizi

Abstract

Çalışmada sağlık kurumlarında bilgi güvenliği yönetimi konusunda yapılan akademik
çalışmaların incelenmesi ve değerlendirilmesi amaçlanmaktadır. Bu açıdan çalışmada sağlık
kurumlarında bilgi güvenliği yönetimi alanında en fazla atıf ve yayını olan dergiler, yayınlar,
yazarlar ve kurumlar, alandaki eş yazarlık ve anahtar kelimelerin eş birliktelikleri ile birlikte
dönemsel değişimleri araştırılmıştır. Bu amaç doğrultusunda bibliyometrik bir çalışma
yapılmıştır. Web of Science veri tabanında 1982-2023 aralığında yapılan yayınlar VOSviewer
programı kullanılarak analiz edilmiştir. Araştırma performans analizleri (dergiler, ülkeler,
yayınlar, atıflar vb.) ve bibliyometrik analizler (eş yazarlık, anahtar kelimeler eş birliktelik ve
dönem dağılımı) olarak iki boyut altında yürütülmüşür. Çalışmada elde edilen verilerin analiz
sonucunda alanda yayın ve atıf sayılarının son dönemde yoğunlaştığı tespit edilmiştir. Yayın
ve atıf sayısı açısından ABD öncü pozisyondadır. Alanda atıf/yayın sayısı etkililiğinde
IEEE’nin öne çıktığı; en fazla yayının De Montfort Üniversitesi’nce yapıldığı; en fazla atıfın
Hong Kong Üniversitesi ve Salerno Üniversitesi’nde olduğu ve alanın en etkili yazarının
Christian Esposito olduğu görülmüştür. Çalışmada sonuç olarak bilgi güvenliği konusunun
hukuki, etik ve örgütsel (personel algısı, dijital okuryazarlık vb.) perspektiflerini ele alan
çalışmaların yapılmasının alana katkı sağlayacağı değerlendirilmektedir.

Keywords

Bilgi Sistemleri, Bilgisayar Güvenliği, Sağlık Bilgi Sistemleri, Gizlilik, Tıbbi Bilişim.

References

• Abouelmehdi, K., Beni-Hessane, A. & Khaloufi, H. (2018). Big healthcare data: preserving security and privacy. Journal of Big Data, 5(1). https://doi.org/10.1186/s40537-017-0110-7
• Altındiş, S. (2012). Sağlık hizmetlerinde bilgi yönetimi. SD Platform, Sağlık Düşüncesi ve Tıp Kültürü Dergisi, 23, 90-91. https://medipol.com.tr/medium/Publication-File-123.vsf
• Anand, A. & Singh, A. K. (2020). An improved dwt-svd domain watermarking for medical information security. Computer Communications, 152, 72-80. https://doi.org/10.1016/j.comcom.2020.01.038
• Arslankara, V. B. & Usta, E. (2020). Lise Öğrencilerinde Sanal Risk Algısı: Problemli İnternet Kullanımı ve Eleştirel Düşünme Bağlamında Bir Araştırma. Necmettin Erbakan Üniversitesi Ahmet Keleşoğlu Eğitim Fakültesi Dergisi (AKEF), 2(1), 134-153. https://dergipark.org.tr/tr/download/article-file/1173051
• Bahar, A., Özgürbüz, N., Erdem, D. T. & Dulkara, G. H. (2022). Hemşirelik ve Ebelik Öğrencilerinin Hasta Mahremiyeti Bilincine İlişkin Bilgi ve Tutumlarının İncelenmesi. Necmettin Erbakan Üniversitesi Genel Sağlık Bilimleri Dergisi, 4(2), 118-129. https://dergipark.org.tr/tr/download/article-file/2298374
• Baran, S. & Şener, E. (2019). Hastanelerde bilgi güvenliği yönetimi: nitel bir araştırma. Süleyman Demirel Üniversitesi Vizyoner Dergisi, 10(23), 108-125. https://doi.org/10.21076/vizyoner.444451
• Bundesamt für Sicherheit in der Informationstechnik. (2020, September 17). Newsletter SICHER • INFORMIERT vom 09.09.2021. https://www.bsi.bund.de/SharedDocs/Newsletter/DE/BuergerCERT-Newsletter/16_Sicher-Informiert_09-09-2021.html
• Cahit Arf Bilgi Merkezi. (t.y.). Bibliyometrik Analiz Sıkça Sorulan Sorular: Bibliyometri Nedir? https://cabim.ulakbim.gov.tr/bibliyometrik-analiz/bibliyometrik-analiz-sikca-sorulan-sorular/
• Chen, C. (2017). Science mapping: a systematic review of the literature. Journal of Data and Information Science, 2(2), 1–40. https://doi.org/10.1515/jdis-2017-0006
• Dehling, T., Gao, F., Schneider, S. & Sunyaev, A. (2015). Exploring the far side of mobile health: information security and privacy of mobile health apps on iOS and Android. JMIR mHealth and uHealth, 3(1), e8. https://doi.org/10.2196/mhealth.3672
• Deniz, M. Ö. (2023). Kişisel Verilerin İşlenmesi Sözleşmesinin Türleri ve Hukuki Nitelikleri. Necmettin Erbakan Üniversitesi Hukuk Fakültesi Dergisi (NEÜHFD), 6(1), 97-114. https://dergipark.org.tr/tr/download/article-file/2637108
• Donthu, N., Kumar, S., Mukherjee, D., Pandey, N. & Lim, W. M. (2021). How to conduct a bibliometric analysis: an overview and guidelines. Journal of Business Research, 133, 285–296. https://doi.org/10.1016/j.jbusres.2021.04.070
• Esposito, C., De Santis, A., Tortora, G., Chang, H. & Choo, K. K. R. (2018). Blockchain: a panacea for healthcare cloud-based data security and privacy?. IEEE Cloud Computing, 5(1),31-37. http://dx.doi.org/10.1109/MCC.2018.011791712
• Hedström, K., Kolkowska, E., Karlsson, F. & Allen, J. P. (2011). Value conflicts for information security management. The Journal of Strategic Information Systems, 20(4), 373-384. https://doi.org/10.1016/j.jsis.2011.06.001
• Hou, Q., Mao, G., Zhao, L. & Du H, Zuo J. (2015). Mapping the scientific research on life cycle assessment: a bibliometric analysis. International Journal of Life Cycle Assessment, 20, 541–555. http://dx.doi.org/10.1007/s11367-015-0846-2
• İleri, Y. Y. & Kara, B. (2022). Covid-19 pandemi sürecinde kullanılan güncel sağlık bilişim uygulamaları ve yenilikçi teknolojiler: insanlığa katkıları ve temel kaygılar. Sağlık ve Toplum, 32(1), 33–52. https://l24.im/FphtX İleri, Y. Y. (2018). Sağlık yönetim bilişim sistemleri. Çizgi Kitabevi.
• Karaarslan, E., Ergin, A. M., Turğut, N. & Kılıç, Ö. (2015, Aralık 1-3). Elektronik sağlık kayıtlarının gizlilik ve mahremiyeti [Konferans Sunumu]. İnet-Tr’15, XX. Türkiye’de İnternet Konferansı, İstanbul, Türkiye. http://inet-tr.org.tr/inetconf20/kitap/inet15-EKaraarslan-AMErgin-NTurgut-OKilic.pdf
• Kılcan, B. & Gülbudak, B. (2019). E-Okuryazarlığa Yönelik Tutum Ölçeğinin Geliştirilmesi: Geçerlik ve Güvenirlik Çalışmaları. Ahmet Keleşoğlu Eğitim Fakültesi Dergisi (AKEF), 1(1), 59-71. https://doi.org/10.38151/akef.573786 Kişisel Verileri Koruma Kurumu. (t.y.). Kamuoyu duyurusu (veri ihlali bildirimi) – Beytıp Sağlık Hizmetleri Ltd. Şti. https://www.kvkk.gov.tr/Icerik/7556/Kamuoyu-Duyurusu-Veri-Ihlali-Bildirimi-Beytip-Saglik-Hizmetleri-Ltd-Sti-
• Koppel, R. (2012). Patient safety and health information technology: learning from our mistakes. https://psnet.ahrq.gov/perspective/patient-safety-and-health-information-technology-learning-our-mistakes
• Li, M., Lou, W. & Ren, K. (2010). Data security and privacy in wireless body area networks. IEEE Wireless Communications, 17(1), 51–58. http://dx.doi.org/10.1109/MWC.2010.5416350
• Lundgren B. & Möller N. (2019). Defining information security. Science and Engineering Ethics, 25, 419–441. https://doi.org/10.1007/s11948-017-9992-1
• Luxton, D. D., Kayl, R. A. & Mishkind, M. C. (2012). mHealth data security: the need for hipaa-compliant standardization. Telemedicine and e-Health, 18(4), 284-288. https://doi.org/10.1089/tmj.2011.0180
• Martínez, M. A., Cobo, M. J., Herrera, M. & Herrera-Viedma, E. (2015). Analyzing the scientific evolution of social work using science mapping. Research on Social Work Practice, 25(2), 257–277. https://doi.org/10.1177/1049731514522101
• Martín-Martín, A., Thelwall, M., Orduna-Malea, E. & Delgado López-Cózar. (2021). E. Google scholar, microsoft academic, scopus, dimensions, web of science, and opencitations’ cocı: a multidisciplinary comparison of coverage via citations. Scientometrics, 126, 871-906. https://doi.org/10.1007/s11192-020-03690-4
• Moody, G. D., Siponen, M. & Pahnila, S. (2018). Toward a unified model of information security policy compliance. MIS Quarterly: Management Information Systems, 42(1), 285–311. https://misq.umn.edu/skin/frontend/default/misq/pdf/appendices/2018/V42I1Appendices/14_13853_RA_MoodyAppendices.pdf
• Peikari, H. R., Ramayah, T., Shah, M. H. & Lo. M. C. (2018). Patients’ perception of the information security management in health centers: the role of organizational and human factors. BMC Medical Informatics and Decision Making, 18, 102. https://doi.org/10.1186/s12911-018-0681-z
• Pfleeger, S. L. & Caputo, D. D. (2012). Leveraging behavioral science to mitigate cyber security risk. Computers & Security, 31(4), 597-611. https://doi.org/10.1016/j.cose.2011.12.010
• Polat, Z. A., Saraçoğlu, A. & Duman, H. (2019). Harita dergisi’nin bibliyometrik analizi. Harita Dergisi, 161, 46–56. https://www.harita.gov.tr/uploads/files/articles/harita-dergisinin-bibliyometrik-analizi-1191.pdf
• Sari, P. K., Handayani, P. W., Hidayanto, A. N., Yazid, S. & Aji, R. F. (2022). Information security behavior in health information systems: a review of research trends and antecedent factors. Healthcare (Switzerland), 10(12), 2531. https://doi.org/10.3390/healthcare10122531
• Silomon, J. (2020, September 30). The Düsseldorf cyber incident. https://ifsh.de/en/news-detail/the-duesseldorf-cyber-incident
• Smart, W. (2018). Lessons learned review of the WannaCry Ransomware Cyber Attack. United Kingdom Department of Health and Social Care. https://www.england.nhs.uk/wp-content/uploads/2018/02/lessons-learned-review-wannacry-ransomware-cyber-attack-cio-review.pdf
• SPIEGEL Netzwelt. (2020, September 17). Ermittlungen wegen fahrlässiger Tötung eingeleitet. https://l24.im/87V0Fbu
• T.C. Kalkınma Bakanlığı. (2018). On Birinci Kalkınma Planı (2019-2023) Bilgi ve İletişim Teknolojileri Özel İhtisas Komisyonu Raporu. T.C. Kalkınma Bakanlığı. https://www.sbb.gov.tr/wp-content/uploads/2022/07/On_Birinci_Kalkinma_Plani-2019-2023.pdf
• Tidy, J. (2020, September 18). Police launch homicide inquiry after German hospital hack. https://www.bbc.com/news/technology-54204356
• Tsohou, A., Karyda, M. & Kokolakis, S. (2015). Analyzing the role of cognitive and cultural biases in the internalization of information security policies: recommendations for information security awareness programs. Computers & Security, 52, 128-141. https://doi.org/10.1016/j.cose.2015.04.006
• Ture, N., Tunc, Y. & Aksoy, C. (2022). Awareness Among Otorhinolaryngologists of Literature Resources: Survey Research. Selcuk Medical Journal, 38(3), 114-120. https://dx.doi.org/10.30733/std.2022.01561
• Universitätsklinikum Düsseldorf. (2020a, September 10). Krankenhaus derzeit nur sehr eingeschränkt erreichbar – Patientenversorgung eingeschränkt. https://l24.im/NDdyQ
• Universitätsklinikum Düsseldorf. (2020b, September 11). Update 16 Uhr - Uniklinik Düsseldorf: Massiver Netzwerkausfall. https://www.uniklinik-duesseldorf.de/ueber-uns/pressemitteilungen/detail/update-16-uhr-uniklinik-duesseldorf-massiver-netzwerkausfall
• Universitätsklinikum Düsseldorf. (2020c, September 14). Update 14.9. / 13:30 Uhr - Uniklinik Düsseldorf: IT-Ausfall hält an. https://www.uniklinik-duesseldorf.de/ueber-uns/pressemitteilungen/detail/update-149-1330-uhr-uniklinik-duesseldorf-it-ausfall-haelt-an
• Universitätsklinikum Düsseldorf. (2020d, September 17). IT-Ausfall an der Uniklinik Düsseldorf. https://www.uniklinik-duesseldorf.de/ueber-uns/pressemitteilungen/detail/it-ausfall-an-der-uniklinik-duesseldorf
• Universitätsklinikum Düsseldorf. (2020e, September 18). Update 18.9.–IT-Ausfall an der Uniklinik Düsseldorf. https://www.uniklinik-duesseldorf.de/ueber-uns/pressemitteilungen/detail/update-189-it-ausfall-an-der-uniklinik-duesseldorf
• Universitätsklinikum Düsseldorf. (2020f, September 23). Uniklinik Düsseldorf wieder bereit für Notfälle. Universitätsklinikum Düsseldorf. https://www.uniklinik-duesseldorf.de/ueber-uns/pressemitteilungen/detail/uniklinik-duesseldorf-wieder-bereit-fuer-notfaelle
• Universitätsklinikum Düsseldorf. (2020g, October 12). Wieder normale Patientenzahlen nach IT-Ausfall. Universitätsklinikum Düsseldorf. https://www.uniklinik-duesseldorf.de/ueber-uns/pressemitteilungen/detail/wieder-normale-patientenzahlen-nach-it-ausfall
• van Eck, N. J. & Waltman, L. (2010). Software survey: vosviewer, a computer program for bibliometric mapping. Scientometrics, 84, 523–538. https://doi.org/10.1007/s11192-009-0146-3
• Varol, Ş., Orhan, F., Tuncer, S. & Akyüz, S. (2016). Sağlık kurumlarında bilgi güvenliği bağlamında biyometrik sistemler. Sağlık Akademisyenleri Dergisi, 3(4), 155–162. https://dergipark.org.tr/tr/pub/sagakaderg/issue/46735/586227
• Yeng, P. K., Fauzi, M. A., Sun, L. & Yang, B. (2022). Assessing the legal aspects of information security requirements for health care in 3 countries: scoping review and framework development. JMIR Human Factors. 2022; 9(2), e30050. https://doi.org/10.2196/30050
• Yıldız, B. & Gejam, E. H. Y. (2022). Cyber-physical systems and cyber security: a bibliometric analysis. OPUS Journal of Society Research, 19(45), 35–49. https://doi.org/10.26466/opusjsr.1063227
• Zupic, I. & Čater, T. (2015). Bibliometric methods in management and organization. Organizational Research Methods, 18(3), 429–472. https://doi.org/10.1177/1094428114562629
• Wilkowska, W. & Ziefle, M. (2012). Privacy and data security in e-health: requirements from the user’s perspective. Health Informatics Journal, 18(3), 191-201. https://doi.org/10.1177/1460458212442933