Digital Health, COVID-19 Pandemic, and Cybersecurity Issues

The article focuses on a wide range of cybersecurity issues related to the use of digital technologies in healthcare. Many countries are increasingly adopting digital innovations into their national health systems and therefore raise their cybersecurity risks. The number of cyberattacks on health care organizations is steadily increasing; and the COVID-19 pandemic, which has required more frequent use of digital technologies to address public health challenges, has also influenced the proliferation of criminal cyberattacks. The aim of the study was to describe the main types of criminal, mostly digital, risks for digital health and identify the most important ways to counteract them. The article includes an analysis of international and national regulatory documents, foreign scientific literature, reports of organizations dealing with cybersecurity issues. In preparing it, the authors used general and specific scientific methods including analysis, synthesis, formal and legal analysis, historical method, interdisciplinary research, and expert assessment. The authors conclude that the increasing use of digital technologies in health care, especially in the context of the COVID19 pandemic, expands the number of targets for cybercriminals. Three main types of digital health criminal risks are identified: attacks on health care organizations, attacks on devices used for medical purposes, including those associated with the Internet of Medical Things, and the theft and disclosure of digitally stored confidential medical information. The latter group of acts is committed by both outsiders and employees of healthcare organizations. The vast majority of registered cybercrimes are profit motivated ones, and the most common cybercrime is extortion with the use of malicious software (ransomware). To counter criminal risks for digital health, the authors propose a set of actions divided into three groups such as legal, technical, and educational. According to the authors, international and national criminal law should immediately respond to digital criminal threats to healthcare systems, in particular by making relevant international agreements and by including the manner in which such crimes are committed into criminal laws as an aggravating circumstance. In addition, the authors note the formation of a special direction in cybersecurity research and practice - healthcare cybersecurity - which requires the development of an appropriate industry, with respective hardware, software, informational and educational products that would be aimed at eliminating and reducing the risks for digital health.