{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,3]],"date-time":"2026-05-03T23:46:36Z","timestamp":1777851996414,"version":"3.51.4"},"reference-count":22,"publisher":"SAGE Publications","issue":"3","license":[{"start":{"date-parts":[[2010,9,1]],"date-time":"2010-09-01T00:00:00Z","timestamp":1283299200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/journals.sagepub.com\/page\/policies\/text-and-data-mining-license"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Health Informatics J"],"published-print":{"date-parts":[[2010,9]]},"abstract":"<jats:p>This article attempts to investigate the various types of threats that exist in healthcare information systems (HIS). A study has been carried out in one of the government-supported hospitals in Malaysia.The hospital has been equipped with a Total Hospital Information System (THIS). The data collected were from three different departments, namely the Information Technology Department (ITD), the Medical Record Department (MRD), and the X-Ray Department, using in-depth structured interviews. The study identified 22 types of threats according to major threat categories based on ISO\/IEC 27002 (ISO 27799:2008). The results show that the most critical threat for the THIS is power failure followed by acts of human error or failure and other technological factors. This research holds significant value in terms of providing a complete taxonomy of threat categories in HIS and also an important component in the risk analysis stage.<\/jats:p>","DOI":"10.1177\/1460458210377468","type":"journal-article","created":{"date-parts":[[2010,10,1]],"date-time":"2010-10-01T12:59:24Z","timestamp":1285937964000},"page":"201-209","source":"Crossref","is-referenced-by-count":52,"title":["Security threats categories in healthcare information systems"],"prefix":"10.1177","volume":"16","author":[{"given":"Ganthan","family":"Narayana Samy","sequence":"first","affiliation":[{"name":"Universiti Teknologi Malaysia, Malaysia,"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rabiah","family":"Ahmad","sequence":"additional","affiliation":[{"name":"Universiti Teknologi Malaysia, Malaysia"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zuraini","family":"Ismail","sequence":"additional","affiliation":[{"name":"Universiti Teknologi Malaysia, Malaysia"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"179","published-online":{"date-parts":[[2010,10,1]]},"reference":[{"key":"atypb1","doi-asserted-by":"publisher","DOI":"10.1177\/1460458209337433"},{"key":"atypb2","volume-title":"Analytics report: security of patient data","author":"Healthcare Information and Management Systems Society (HIMSS).","year":"2008"},{"key":"atypb3","volume-title":"28th Annual International Conference of the IEEE on Engineering in Medical and Biology Society (EMBS)","author":"Maglogiannis I."},{"key":"atypb4","doi-asserted-by":"publisher","DOI":"10.1109\/MITP.2008.34"},{"key":"atypb5","unstructured":"Narayana Samy G., Ahmad R., Ismail Z. Security threats in healthcare information systems: a preliminary study. In: Bath PA, Day K and Norris T (eds) Proceedings of 13th International Symposium on Health Information Management Research, Auckland, New Zealand October 2008, pp. 233-234. ISBN 978-0-473-14173-8."},{"key":"atypb6","doi-asserted-by":"publisher","DOI":"10.1145\/1104004.1104010"},{"key":"atypb7","volume-title":"Health informatics: information security management in health using ISO\/IEC 27002 (ISO27799:2008)","year":"2008"},{"key":"atypb8","volume-title":"security techniques: code of practice for information security management BS ISO\/IEC 27002:2005 BS 7799-1:2005","author":"Information technology","year":"2008"},{"key":"atypb9","volume-title":"Information security risk analysis","author":"Thomas RP","year":"2005"},{"key":"atypb10","first-page":"487","volume":"38","author":"Jung B.","year":"2001","journal-title":"Inf Man"},{"key":"atypb11","first-page":"146","volume":"3347","author":"Bhargava B.","year":"2004","journal-title":"ICDCIT"},{"key":"atypb12","first-page":"480","volume":"44","author":"Jen Yeh Q.","year":"2007","journal-title":"Inf Man"},{"key":"atypb13","first-page":"348","author":"Farahmand F.","year":"2009","journal-title":"ACM"},{"key":"atypb14","doi-asserted-by":"publisher","DOI":"10.1145\/859670.859675"},{"key":"atypb15","doi-asserted-by":"publisher","DOI":"10.1016\/j.jsis.2007.05.003"},{"key":"atypb16","doi-asserted-by":"publisher","DOI":"10.1016\/j.jbi.2005.10.003"},{"key":"atypb17","volume-title":"Business research methods","author":"Cooper DR","year":"2008"},{"key":"atypb18","volume-title":"Principles of information security","author":"Whitman EM","year":"2005"},{"key":"atypb19","volume-title":"Information technology for the health professions","author":"Burke L.","year":"2005"},{"key":"atypb20","volume-title":"The executive guide to information security: threats, challenges, and solutions","author":"Egan M.","year":"2005"},{"key":"atypb21","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijmedinf.2006.06.002"},{"key":"atypb22","unstructured":"Risk management AS\/NZS 4360:1999. Strathfield, NSW: Standards Association of Australia ; 1999."}],"container-title":["Health Informatics Journal"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.1177\/1460458210377468","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.1177\/1460458210377468","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,29]],"date-time":"2026-04-29T22:28:50Z","timestamp":1777501730000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/10.1177\/1460458210377468"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,9]]},"references-count":22,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2010,9]]}},"alternative-id":["10.1177\/1460458210377468"],"URL":"https:\/\/doi.org\/10.1177\/1460458210377468","relation":{},"ISSN":["1460-4582","1741-2811"],"issn-type":[{"value":"1460-4582","type":"print"},{"value":"1741-2811","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010,9]]}}}