Abstract
Healthcare organisations have become increasingly reliant on digital technologies ever since the COVID-19 pandemic. The increasing adoption of digital technologies in healthcare, while improving patient care and operational efficiency, has exposed healthcare organisations to increased risks of cyberattacks. The healthcare organisations also face heightened risks from ransomware, phishing, data breaches, and denial-of-service attacks among others because of this heavy reliance. This study aims to investigate and understand the impact of cyberattacks in the South African healthcare sector. In addition, the study aims to explore the growing threat of cyberattacks on information security and business continuity in the healthcare sector, focusing on the period between 2020 and 2024. The consequences of these attacks on patient data, operational disruptions, and financial losses are extreme, particularly in light of the COVID-19 pandemic, which aggravated vulnerabilities surrounding healthcare.
The study sought to make use of qualitative content analysis and document analysis on publicly available information, to investigate real-world incidents involving major South African healthcare giants, such as Life Healthcare Group, Dis-Chem, and the National Health Laboratory Service (NHLS). Key findings from this study reveal that outdated information technology (IT) systems, insufficient cybersecurity protocols, inadequate staff training, and a lack of robust business continuity plans are critical weaknesses. Furthermore, the analysis identifies gaps between internal cybersecurity measures and both national regulations, such as the Protection of Personal Information Act (POPIA) and the National Cybersecurity Policy Framework (NCPF), as well as international standards like the International Organisation for Standardization (ISO) 27001 and the National Institute of Standards and Technology Cybersecurity Framework (NIST).
The study offers actionable recommendations for strengthening cybersecurity in South Africa’s healthcare sector. These include implementing comprehensive cybersecurity training programmes, enhancing incident response mechanisms, and improving alignment with international cybersecurity frameworks. Additionally, the study emphasises the importance of business continuity planning to ensure healthcare services can recover from cyber incidents, thereby protecting sensitive patient data and maintaining service delivery.