FEATURES OF INFORMATION SECURITY IN THE HEALTHCARE SECTOR
DOI:
https://doi.org/10.34132/pard2026.31.05Keywords:
information, information security, healthcare, digitalization, cyberattackAbstract
The article examines the role of information security in healthcare in the context of active digitalization of medical processes. It is shown that the introduction of electronic medical records, telemedicine and automated management systems not only improves the quality of medical services, the efficiency of institutions and the availability of medical care, but also creates new risks of leakage, modification or distortion of sensitive information, which requires special attention to cyber protection and standardization of information processes. The features of medical information, which are characterized by high confidentiality, accuracy and criticality for the life and health of patients, are revealed. The need for proper data protection is emphasized to prevent errors in diagnosis, improper treatment, violation of ethical standards and loss of patients' trust in medical institutions. Special attention is paid to the protection of personal data and ensuring the integrity of medical records in the digital environment. The main directions of information security organization in medical institutions are considered: multi-level authentication, access control, backup, data encryption and personal data protection. Key threats to medical information systems are identified – cyberattacks, phishing, malware, technical failures and the human factor, which require a comprehensive approach to risk management and integration of technological, organizational and regulatory measures. Based on the analysis, practical recommendations for increasing the level of information security are formulated: improving data protection policies, using modern encryption technologies and secure information storage, constant monitoring of system operation, creating internal incident response protocols, implementing multi-level user authentication and regular training of personnel on cybersecurity. Implementation of these measures ensures stable, reliable and secure operation of medical information systems, increases the efficiency of medical institutions and strengthens patients' trust in modern digital healthcare.
References
1. Hromadska, N., Andriiash, V. (2020). Efektyvnist pryiniattia derzhavno-upravlinskykh rishen: osoblyvosti vykorystannia politychnoho analizu [The effectiveness of state management decision-making: features of the use of political analysis]. Publichne upravlinnia ta rehionalnyi rozvytok. № 8. Retrieved from [in Ukrainian].
2. Hulchak, Yu. P. (2020). Zakhyst informatsiinykh resursiv medychnykh informatsiinykh system [Protection of information resources of medical information systems]. Informatsiini tekhnolohii: nauka, tekhnika, tekhnolohiia, osvita, zdorovia : tezy dop. KhXVIII mizhnar. nauk.-prakt. konf. MicroCAD-2020, (Kharkiv, 28-30 zhovt. 2020 r.) : u 5 ch. / za red. prof. Sokola Ye. I. Kharkiv : NTU «KhPI». Ch. 2. Retrieved from: [in Ukrainian].
3. Dolbnieva, D. V., Honcharuk, S.M. (2016). Neobkhidnist ta osnovni napriamky vdoskonalennia poriadku formuvannia ta vykorystannia resursnoho potentsialu okhorony zdorovia v Ukraini [The need and main directions for improving the procedure for the formation and use of health care resource potential in Ukraine]. Problemy ekonomiky. № 3. Retrieved from . [in Ukrainian].
4. Kiberbezpeka v medytsyni: chomu likarni staly uliublenoiu mishenniu khakeriv (2025). [Cybersecurity in medicine: why hospitals have become a favorite target of hackers] Retrieved from [in Ukrainian].
5. Kobrusieva, Ye. A. (2025). Informatsiina bezpeka elektronnykh system okhorony zdorovia: teoretychni ta praktychni aspekty [Information security of electronic health care systems: theoretical and practical aspects]. Yurydychnyi naukovyi elektronnyi zhurnal. № 1. Retrieved from [in Ukrainian].
6. Kupershtein, L.M., Yasinska, Ya.O. (2025). Doslidzhennia polityky informatsiinoi bezpeky u rozrizi normatyvnoi dokumentatsii [Research on information security policy in the context of regulatory documentation]. Retrieved from [in Ukrainian].
7. Liashuk, A. (2023). Zahrozy i vyklyky dlia systemy kiberbezpeky informatsiinykh system ta reiestriv sfery okhorony zdorovia [Hreats and challenges for the cybersecurity system of information systems and registries in the healthcare sector]. Publichne upravlinnia: kontseptsii, paradyhma, rozvytok, udoskonalennia. № 6. Retrieved from [in Ukrainian].
8. Mintser, O. P., Voronenko Yu. V., Babintseva, L. Yu., Banchuk, M. V., Krasnov, V. V., Martseniuk, V. P., Denysenko, S. V., Azarkhov, O. Yu., Shupiatskyi, I. M. (2012). Kontseptsiia informatyzatsii okhorony zdorovia Ukrainy [Concept of healthcare informatization in Ukraine]. Medychna informatyka ta inzheneriia. № 3. Retrieved from [in Ukrainian].
9. Mintsyfra ta Derzhspetszviazku vdoskonaliuiut sferu informatyzatsii (2025). [The Ministry of Digital and the State Service for Special Communications Improve the Sphere of Informatization]. Retrieved from [in Ukrainian].
10. Nazirova, T. O., Kostenko, O. B. (2017). Ohliad modelei rozvytku eHealth ta naiavnykh medychnykh informatsiinykh system. Problemy stvorennia yedynoho medyko-informatsiinoho prostoru [Review of eHealth Development Models and Existing Medical Information Systems. Problems of Creating a Unified Medical Information Space]. Naukovyi visnyk NLTU Ukrainy. Vyp. 27(10). Retrieved from [in Ukrainian].
11. Pro osnovni zasady zabezpechennia kiberbezpeky Ukrainy : Zakon Ukrainy vid 05.10.2017 № 2163-VIII [On the Basic Principles of Ensuring Cybersecurity in Ukraine: Law of Ukraine] Retrieved from [in Ukrainian].
12. Iakobchuk, V., Ivaniuk, O., Krut, V. (2024). Upravlinnia informatsiinymy tekhnolohiiamy v sferi okhorony zdorovia v umovakh voiennoho stanu [Management of Information Technologies in the Sphere of Healthcare under Martial Law]. Ekonomichnyi prostir. № 195. Retrieved from [in Ukrainian].
13. Wanna Cry: zapytannia i vidpovidi pro hlobalnu kiberataku (2024). [WannaCry: Questions and Answers about the Global Cyberattack]. Retrieved from [in Ukrainian].
14. Natalia Dragomyretska, Yuliana Palagnyuk, Victoria Andriyash, Iryna Matvieienko, Dmytro Samofalov (2022). The introduction of modern technologies in public administration in the context of globalization. International journal of computer science and network security. vol. 22. no. 2. pp. 334-340 [in English].
15. Budzin, V., Shtyrov, О. (2023). Administratyvno-pravovi ta instytutsiini aspekty kontroliu ta nahliadu v realizatsii derzhavnoi polityky okhorony zdorovia na suchasnomu etapi transformatsii. [Administrative-legal and institutional aspects of control and supervision in the implementation of the state policy of health protection at the current stage of transformations]. Publichne upravlinnia i administruvannia v Ukraini. Vyp. 38. Retrieved from: https://doi.org/10.32782/ pma2663-5240-2023.38.7 [in Ukrainian].
16. Myroslav Kryshtanovych, Viktoria Andriyash, Hanna Bondar, Yuriy Kushnir, Kateryna Ozarko (2022). Public Administration Mechanisms for Ensuring Cybersecurity in Modern Conditions of Socio-Economic Development. International journal of computer science and network security. vol. 22. no. 3. pp. 606-610 [in English].
.png)
.png)
