Uncovering Security Vulnerabilities in Electronic Medical Record Systems: A Comprehensive Review of Threats and Recommendations for Enhancement

Authors

DOI:

https://doi.org/10.26555/jiteki.v10i1.28192

Keywords:

Electronic Medical Record Systems, Security Vulnerabilities, Threats, Recommendations for Enhancement, Cybersecurity

Abstract

Cybersecurity is a critical concern for healthcare organizations in the digital era, as patient data privacy faces significant risks from numerous vulnerabilities. Given the escalating cyberattacks in healthcare, understanding EMR system vulnerabilities has become imperative. This study aimed to find the main weaknesses in Electronic Health Record (EHR) systems and suggest proven methods to improve security and keep patient information private. Utilizing a cross-sectional analysis, we assessed the effectiveness of current security protocols against identified threats. We systematically reviewed 25 recent, high-quality articles (from 2020 to 2023) on EMR vulnerabilities, selected based on their relevance and the efficacy of their proposed solutions. Our analysis revealed that system architecture flaws and credential misuse represented the most significant threats, with hacking incidents most frequently targeting these weaknesses. The analysis identified six key threat categories to EMR security: compromised access, system architecture flaws, data sharing challenges, hacking, credential misuse, and non-compliance with regulations. This framework introduced a multi-layered defense strategy, unique in incorporating both technical and behavioral security measures. The study provided a novel framework combining technological and management safeguards, offering a fresh perspective on modern EMR vulnerabilities. The detailed threat categorization gave healthcare organizations a strategic basis for improved security planning and resource allocation. The actionable insights from this study could greatly enhance EMR security protocols in healthcare settings, potentially reducing data breaches and improving patient trust. Further research was warranted to test the effectiveness of the proposed framework across various healthcare environments.

Author Biographies

Dian Wijayanti, Universitas Teknologi Yogyakarta

Dian Wijayanti. The author is a postgraduate student pursuing a master's degree in information technology at Universitas Teknologi Yogyakarta and has worked as an information technology staff at the Sleman Regional General Hospital for the past year. 

Erik Iman Heri Ujianto, Universitas Teknologi Yogyakarta

Dr. Erik Iman Heri Ujianto, S.T., M. Kom. received his master’s in computer sciences and Doctor from Computer Sciences at Gadjah Mada University, Yogyakarta. He was currently working as an Associate Professor at Universitas Teknologi Yogyakarta also. He is a researcher in college; his topic of research is information security.

Rianto Rianto, Universitas Teknologi Yogyakarta

Dr. Ir. Rianto, S. Kom., M. Eng., IPM. was awarded the Erasmus+ scholarship in 2018 and completed the Information Technology Doctoral at Gunadarma University in Jakarta, Indonesia, in 2021. He got a master's in Information Technology from Gadjah Mada University in 2008. In addition to serving as a lecturer in the Data Science Department, Rianto writes books and contributes to national and international publications—his research interests are Natural Language Processing, Artificial Intelligence, and Machine Learning.

Downloads

Published

2024-02-17

Issue

Section

Articles