Media Framing and Portrayals of Ransomware Impacts on Informatics, Employees, and Patients: Systematic Media Literature Review.

IF 6 2区医学 Q1 HEALTH CARE SCIENCES & SERVICES Journal of Medical Internet Research Pub Date : 2025-04-08 DOI:10.2196/59231

Atiya Avery, Elizabeth White Baker, Brittany Wright, Ishmael Avery, Dream Gomez

{"title":"Media Framing and Portrayals of Ransomware Impacts on Informatics, Employees, and Patients: Systematic Media Literature Review.","authors":"Atiya Avery, Elizabeth White Baker, Brittany Wright, Ishmael Avery, Dream Gomez","doi":"10.2196/59231","DOIUrl":null,"url":null,"abstract":"Background: Ransomware attacks on health care provider information systems have the potential to impact patient mortality and morbidity, and event details are relayed publicly through news stories. Despite this, little research exists on how these events are depicted in the media and the subsequent impacts of these events.Objective: This study used collaborative qualitative analysis to understand how news media frames and portrays the impacts of ransomware attacks on health informatic systems, employees, and patients.Methods: We developed and implemented a systematic search protocol across academic news databases, which included (1) the Associated Press Newswires, (2) Newspaper Source, and (3) Access World News (Newsbank), using the search string \"(hospital OR healthcare OR clinic OR medical) AND (ransomware OR denial of service OR cybersecurity).\" In total, 4 inclusion and 4 exclusion criteria were applied as part of the search protocol. For articles included in the study, we performed an inductive and deductive analysis of the news articles, which included their article characteristics, impact portrayals, media framings, and discussions of the core functions outlined in the National Institute of Standards and Technologies (NIST) Cybersecurity Framework 2.0.Results: The search returned 2195 articles, among which 48 news articles published from 2009 to 2023 were included in the study. First, an analysis of the geographic prevalence showed that the United States (34/48, 71%), followed to a lesser extent by India (4/48, 8%) and Canada (3/48, 6%), featured more prominently in our sample. Second, there were no apparent year-to-year patterns in the occurrence of reported events of ransomware attacks on health care provider information systems. Third, ransomware attacks on health care provider information systems appeared to cascade from a single point of failure. Fourth, media frames regarding \"human interest\" and \"responsibility\" were equally representative in the sample. The \"response\" function of the NIST Cybersecurity Framework 2.0 was noted in 36 of the 48 (75%) articles. Finally, we noted that 17 (14%) of the articles assessed for eligibility were excluded from this study as they promoted a product or service or spoke hypothetically about ransomware events among health care providers.Conclusions: Organizational response represented a substantial aspect of the news articles in our corpus. To address the perception of health care providers' management of ransomware attacks, they should take measures to influence perceptions of (1) health care service continuity, despite a lack of availability of health informatics; (2) responsibility for the patient experience; and (3) acknowledgment of the strain on health care practitioners and patients through a public declaration of support and gratitude. Furthermore, the media portrayals revealed a prevalence of single points of failure in the health informatics system, thus providing guidance for the implementation of safety protocols that could significantly reduce cascading impacts.","PeriodicalId":16337,"journal":{"name":"Journal of Medical Internet Research","volume":"27 ","pages":"e59231"},"PeriodicalIF":6.0000,"publicationDate":"2025-04-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC12015346/pdf/","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Medical Internet Research","FirstCategoryId":"3","ListUrlMain":"https://doi.org/10.2196/59231","RegionNum":2,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"HEALTH CARE SCIENCES & SERVICES","Score":null,"Total":0}

引用次数: 0

Abstract

Background: Ransomware attacks on health care provider information systems have the potential to impact patient mortality and morbidity, and event details are relayed publicly through news stories. Despite this, little research exists on how these events are depicted in the media and the subsequent impacts of these events.

Objective: This study used collaborative qualitative analysis to understand how news media frames and portrays the impacts of ransomware attacks on health informatic systems, employees, and patients.

Methods: We developed and implemented a systematic search protocol across academic news databases, which included (1) the Associated Press Newswires, (2) Newspaper Source, and (3) Access World News (Newsbank), using the search string "(hospital OR healthcare OR clinic OR medical) AND (ransomware OR denial of service OR cybersecurity)." In total, 4 inclusion and 4 exclusion criteria were applied as part of the search protocol. For articles included in the study, we performed an inductive and deductive analysis of the news articles, which included their article characteristics, impact portrayals, media framings, and discussions of the core functions outlined in the National Institute of Standards and Technologies (NIST) Cybersecurity Framework 2.0.

Results: The search returned 2195 articles, among which 48 news articles published from 2009 to 2023 were included in the study. First, an analysis of the geographic prevalence showed that the United States (34/48, 71%), followed to a lesser extent by India (4/48, 8%) and Canada (3/48, 6%), featured more prominently in our sample. Second, there were no apparent year-to-year patterns in the occurrence of reported events of ransomware attacks on health care provider information systems. Third, ransomware attacks on health care provider information systems appeared to cascade from a single point of failure. Fourth, media frames regarding "human interest" and "responsibility" were equally representative in the sample. The "response" function of the NIST Cybersecurity Framework 2.0 was noted in 36 of the 48 (75%) articles. Finally, we noted that 17 (14%) of the articles assessed for eligibility were excluded from this study as they promoted a product or service or spoke hypothetically about ransomware events among health care providers.

Conclusions: Organizational response represented a substantial aspect of the news articles in our corpus. To address the perception of health care providers' management of ransomware attacks, they should take measures to influence perceptions of (1) health care service continuity, despite a lack of availability of health informatics; (2) responsibility for the patient experience; and (3) acknowledgment of the strain on health care practitioners and patients through a public declaration of support and gratitude. Furthermore, the media portrayals revealed a prevalence of single points of failure in the health informatics system, thus providing guidance for the implementation of safety protocols that could significantly reduce cascading impacts.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

勒索软件对信息学、员工和患者影响的媒体框架和描述：系统的媒体文献综述。

背景：勒索软件对医疗保健提供者信息系统的攻击有可能影响患者的死亡率和发病率，事件细节通过新闻报道公开传播。尽管如此，关于媒体如何描述这些事件以及这些事件的后续影响的研究很少。目的：本研究使用协作定性分析来了解新闻媒体如何构建和描述勒索软件攻击对卫生信息系统、员工和患者的影响。方法：我们开发并实现了一个跨学术新闻数据库的系统搜索协议，其中包括(1)美联社通讯社，(2)报纸来源，(3)Access World news (Newsbank)，使用搜索字符串“（医院或医疗保健或诊所或医疗）和（勒索软件或拒绝服务或网络安全）”。共有4个纳入标准和4个排除标准作为搜索协议的一部分。对于研究中包含的文章，我们对新闻文章进行了归纳和演绎分析，其中包括他们的文章特征，影响描述，媒体框架，以及对国家标准与技术研究所（NIST）网络安全框架2.0中概述的核心功能的讨论。结果：检索到2195篇文章，其中2009 - 2023年发表的48篇新闻文章被纳入研究。首先，对地理患病率的分析表明，美国（34/ 48,71%），其次是印度（4/ 48,8%）和加拿大（3/ 48,6%），在我们的样本中更为突出。其次，在报告的勒索软件攻击医疗保健提供者信息系统的事件中，没有明显的逐年模式。第三，勒索软件对医疗保健提供商信息系统的攻击似乎是从单点故障开始的。第四，关于“人类利益”和“责任”的媒体框架在样本中同样具有代表性。48篇文章中有36篇（75%）提到了NIST网络安全框架2.0的“响应”功能。最后，我们注意到17篇（14%）被评估为合格的文章被排除在本研究之外，因为它们宣传了一种产品或服务，或者对医疗保健提供者中的勒索软件事件进行了假设。结论：组织反应代表了我们语料库中新闻文章的实质性方面。为了解决医疗服务提供者对勒索软件攻击管理的看法，他们应该采取措施影响以下观念：(1)尽管缺乏可用的卫生信息，但医疗服务的连续性；(2)对患者体验负责；(3)通过公开表示支持和感激，承认医护人员和患者所承受的压力。此外，媒体报道揭示了卫生信息系统中单点故障的普遍存在，从而为实施可显著减少级联影响的安全协议提供了指导。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Journal of Medical Internet Research 医学-卫生保健

CiteScore

14.40

自引率

5.40%

发文量

654

审稿时长

1 months

期刊介绍： The Journal of Medical Internet Research (JMIR) is a highly respected publication in the field of health informatics and health services. With a founding date in 1999, JMIR has been a pioneer in the field for over two decades. As a leader in the industry, the journal focuses on digital health, data science, health informatics, and emerging technologies for health, medicine, and biomedical research. It is recognized as a top publication in these disciplines, ranking in the first quartile (Q1) by Impact Factor. Notably, JMIR holds the prestigious position of being ranked #1 on Google Scholar within the "Medical Informatics" discipline.