{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,4]],"date-time":"2026-05-04T10:53:21Z","timestamp":1777892001273,"version":"3.51.4"},"reference-count":26,"publisher":"JMIR Publications Inc.","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["JMIR Form Res"],"abstract":"<jats:sec>\n                    <jats:title>Background<\/jats:title>\n                    <jats:p>Over the last decade, the frequency and size of cyberattacks in the health care industry have increased, ranging from breaches of processes or networks to encryption of files that restrict access to data. These attacks may have multiple consequences for patient safety, as they can, for example, target electronic health records, access to critical information, and support for critical systems, thereby causing delays in hospital activities. The effects of cybersecurity breaches are not only a threat to patients\u2019 lives but also have financial consequences due to causing inactivity in health care systems. However, publicly available information on these incidents quantifying their impact is scarce.<\/jats:p>\n                  <\/jats:sec>\n                  <jats:sec>\n                    <jats:title>Objective<\/jats:title>\n                    <jats:p>We aim, while using public domain data from Portugal, to (1) identify data breaches in the public national health system since 2017 and (2) measure the economic impact using a hypothesized scenario as a case study.<\/jats:p>\n                  <\/jats:sec>\n                  <jats:sec>\n                    <jats:title>Methods<\/jats:title>\n                    <jats:p>We retrieved data from multiple national and local media sources on cybersecurity from 2017 until 2022 and built a timeline of attacks. In the absence of public information on cyberattacks, reported drops in activity were estimated using a hypothesized scenario for affected resources and percentages and duration of inactivity. Only direct costs were considered for estimates. Data for estimates were produced based on planned activity through the hospital contract program. We use sensitivity analysis to illustrate how a midlevel ransomware attack might impact health institutions\u2019 daily costs (inferring a potential range of values based on assumptions). Given the heterogeneity of our included parameters, we also provide a tool for users to distinguish such impacts of different attacks on institutions according to different contract programs, served population size, and proportion of inactivity.<\/jats:p>\n                  <\/jats:sec>\n                  <jats:sec>\n                    <jats:title>Results<\/jats:title>\n                    <jats:p>From 2017 to 2022, we were able to identify 6 incidents in Portuguese public hospitals using public domain data (there was 1 incident each year and 2 in 2018). Financial impacts were obtained from a cost point of view, where estimated values have a minimum-to-maximum range of \u20ac115,882.96 to \u20ac2,317,659.11 (a currency exchange rate of \u20ac1=US $1.0233 is applicable). Costs of this range and magnitude were inferred assuming different percentages of affected resources and with different numbers of working days while considering the costs of external consultation, hospitalization, and use of in- and outpatient clinics and emergency rooms, for a maximum of 5 working days.<\/jats:p>\n                  <\/jats:sec>\n                  <jats:sec>\n                    <jats:title>Conclusions<\/jats:title>\n                    <jats:p>To enhance cybersecurity capabilities at hospitals, it is important to provide robust information to support decision-making. Our study provides valuable information and preliminary insights that can help health care organizations better understand the costs and risks associated with cyber threats and improve their cybersecurity strategies. Additionally, it demonstrates the importance of adopting effective preventive and reactive strategies, such as contingency plans, as well as enhanced investment in improving cybersecurity capabilities in this critical area while aiming to achieve cyber-resilience.<\/jats:p>\n                  <\/jats:sec>","DOI":"10.2196\/41738","type":"journal-article","created":{"date-parts":[[2023,5,10]],"date-time":"2023-05-10T22:56:27Z","timestamp":1683759387000},"page":"e41738","source":"Crossref","is-referenced-by-count":12,"title":["Economic Impact of a Hospital Cyberattack in a National Health System: Descriptive Case Study"],"prefix":"10.2196","volume":"7","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7913-7461","authenticated-orcid":false,"given":"Diana","family":"Portela","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3163-8694","authenticated-orcid":false,"given":"Diogo","family":"Nogueira-Leite","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0004-1070-3081","authenticated-orcid":false,"given":"Rafael","family":"Almeida","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3764-5158","authenticated-orcid":false,"given":"Ricardo","family":"Cruz-Correia","sequence":"additional","affiliation":[]}],"member":"1010","published-online":{"date-parts":[[2023,6,30]]},"reference":[{"key":"ref1","author":"Laudon, KC","year":"2020","journal-title":"Management Information Systems: Managing the Digital Firm, 16th edition"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1016\/S2213-2600(21)00284-8"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.2196\/10059"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1016\/S2589-7500(19)30005-6"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.5455\/aim.2020.28.265-271"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1097\/01.NAJ.0000734084.73803.d3"},{"key":"ref7","unstructured":"Healthcare data breach statisticsThe HIPAA Journal2023-06-08https:\/\/www.hipaajournal.com\/healthcare-data-breach-statistics\/"},{"key":"ref8","unstructured":"Tentativas de ataque a hospitais de norte a sul continuaram mesmo ap\u00f3s alerta no Garcia de OrtaDi\u00e1rio de Not\u00edcias20222023-06-08https:\/\/www.dn.pt\/sociedade\/tentativas-de-ataque-a-hospitais-de-norte-a-sul-continuaram-mesmo-apos-alerta-no-garcia-de-orta-14835607.html"},{"key":"ref9","unstructured":"Piratas inform\u00e1ticos atacam hospital Garcia de OrtaSAPO20172023-06-08https:\/\/sol.sapo.pt\/artigo\/549734\/piratas-informaticos-atacam-hospital-garcia-de-orta-"},{"key":"ref10","unstructured":"MaiaATrigueir\u00e3oSHospital Garcia de Orta alvo de ataque inform\u00e1tico. No Litoral Alentejano houve uma tentativa de ciberataquePublico20222023-06-08https:\/\/www.publico.pt\/2022\/04\/26\/sociedade\/noticia\/hospital-garcia-orta-alvo-ataque-informatico-2003841"},{"key":"ref11","unstructured":"SPMSCircular Normativa n.\u00ba 01\u2014SPMS: Medidas excepcionais ciber-seguran\u00e7aServi\u00e7os Partilhados do Minist\u00e9rio da Sa\u00fade20172023-06-08http:\/\/spms.min-saude.pt\/wp-content\/uploads\/2017\/05\/Circular-Normativa-n%C2%BA1-SPMS-medidas-ciber-seguran%C3%A7a-v.2.pdf"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.20344\/amp.17857"},{"key":"ref13","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-030-41215-9","author":"Magnuson, JA","year":"2020","journal-title":"Public Health Informatics and Information Systems"},{"issue":"5","key":"ref14","first-page":"100","volume":"67","author":"Claunch, D","year":"2013","journal-title":"Healthc Financ Manage"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1016\/S0140-6736(21)01968-1"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1016\/j.maturitas.2018.04.008"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1186\/s12911-020-01161-7"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.2196\/21747"},{"key":"ref19","unstructured":"Acordo Modificativo ao Contrato-Programa 2021ACSS20212023-06-08https:\/\/www.acss.min-saude.pt\/wp-content\/uploads\/2016\/10\/Acordo-Modificativo-2021-HGO.pdf"},{"key":"ref20","unstructured":"Reabertas urg\u00eancias de obstret\u00edcia do Garcia de Orta ap\u00f3s noite encerradas por escassez de m\u00e9dicos 2022TSF20222023-06-08https:\/\/www.tsf.pt\/portugal\/sociedade\/reabriram-as-urgencias-do-hospital-garcia-de-orta-apos-escassez-de-medicos-14928563.html"},{"key":"ref21","unstructured":"Economic impact simulator2023-06-26https:\/\/cyberimpact.dianaportela.pt\/"},{"key":"ref22","unstructured":"KosuticDThe impact of cybersecurity on competitive advantage20212023-06-08Grenoble Ecole de Managementhttps:\/\/www.researchgate.net\/profile\/Dejan-Kosutic-2\/publication\/357826918_The_Impact_of_Cybersecurity_on_Competitive_Advantage\/links\/61e143d270db8b034c92052e\/The-Impact-of-Cybersecurity-on-Competitive-Advantage.pdf"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1016\/j.csa.2023.100016"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1007\/s42979-022-01239-1"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.3389\/fdgth.2022.862221"},{"key":"ref26","unstructured":"PhD Programme in Health Data ScienceHEADS2023-06-26https:\/\/heads.med.up.pt\/en\/"}],"container-title":["JMIR Formative Research"],"original-title":[],"language":"en","deposited":{"date-parts":[[2023,6,30]],"date-time":"2023-06-30T09:02:30Z","timestamp":1688115750000},"score":1,"resource":{"primary":{"URL":"https:\/\/formative.jmir.org\/2023\/1\/e41738"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,6,30]]},"references-count":26,"URL":"https:\/\/doi.org\/10.2196\/41738","relation":{"has-preprint":[{"id-type":"doi","id":"10.2196\/preprints.41738","asserted-by":"object"}]},"ISSN":["2561-326X"],"issn-type":[{"value":"2561-326X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,6,30]]}}}