{"id":"https://openalex.org/W4408291950","doi":"https://doi.org/10.1007/s10207-025-01009-z","title":"A risk and conformity assessment framework to ensure security and resilience of healthcare systems and medical supply chain","display_name":"A risk and conformity assessment framework to ensure security and resilience of healthcare systems and medical supply chain","publication_year":2025,"publication_date":"2025-03-10","ids":{"openalex":"https://openalex.org/W4408291950","doi":"https://doi.org/10.1007/s10207-025-01009-z"},"language":"en","primary_location":{"id":"doi:10.1007/s10207-025-01009-z","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-025-01009-z","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-025-01009-z.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://link.springer.com/content/pdf/10.1007/s10207-025-01009-z.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5091076851","display_name":"Kitty Kioskli","orcid":"https://orcid.org/0000-0003-0143-0216"},"institutions":[{"id":"https://openalex.org/I4210139822","display_name":"National Trust","ror":"https://ror.org/03md96v89","country_code":"GB","type":"nonprofit","lineage":["https://openalex.org/I4210139822"]},{"id":"https://openalex.org/I110002522","display_name":"University of Essex","ror":"https://ror.org/02nkf1q06","country_code":"GB","type":"education","lineage":["https://openalex.org/I110002522"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Kitty Kioskli","raw_affiliation_strings":["School of Computer Science and Electronic Engineering, Institute for Analytics and Data Science (IADS), University of Essex, Essex, UK","Trustilio BV, Amsterdam, Netherlands"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Electronic Engineering, Institute for Analytics and Data Science (IADS), University of Essex, Essex, UK","institution_ids":["https://openalex.org/I110002522"]},{"raw_affiliation_string":"Trustilio BV, Amsterdam, Netherlands","institution_ids":["https://openalex.org/I4210139822"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060696669","display_name":"Elisavet Grigoriou","orcid":"https://orcid.org/0000-0002-7322-6954"},"institutions":[{"id":"https://openalex.org/I4210123512","display_name":"eBOS Technologies (Cyprus)","ror":"https://ror.org/036178197","country_code":"CY","type":"company","lineage":["https://openalex.org/I4210123512"]}],"countries":["CY"],"is_corresponding":false,"raw_author_name":"Elisavet Grigoriou","raw_affiliation_strings":["eBOS Technologies Ltd, Nicosia, Cyprus"],"affiliations":[{"raw_affiliation_string":"eBOS Technologies Ltd, Nicosia, Cyprus","institution_ids":["https://openalex.org/I4210123512"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058734055","display_name":"Shareeful Islam","orcid":"https://orcid.org/0000-0003-0885-1881"},"institutions":[{"id":"https://openalex.org/I51216347","display_name":"Anglia Ruskin University","ror":"https://ror.org/0009t4v78","country_code":"GB","type":"education","lineage":["https://openalex.org/I51216347"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Shareeful Islam","raw_affiliation_strings":["School of Computing and Information Science, Anglia Ruskin University, Cambridge, UK"],"affiliations":[{"raw_affiliation_string":"School of Computing and Information Science, Anglia Ruskin University, Cambridge, UK","institution_ids":["https://openalex.org/I51216347"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044359173","display_name":"Andrianos M. Yiorkas","orcid":null},"institutions":[{"id":"https://openalex.org/I4210123512","display_name":"eBOS Technologies (Cyprus)","ror":"https://ror.org/036178197","country_code":"CY","type":"company","lineage":["https://openalex.org/I4210123512"]}],"countries":["CY"],"is_corresponding":false,"raw_author_name":"Andrianos M. Yiorkas","raw_affiliation_strings":["eBOS Technologies Ltd, Nicosia, Cyprus"],"affiliations":[{"raw_affiliation_string":"eBOS Technologies Ltd, Nicosia, Cyprus","institution_ids":["https://openalex.org/I4210123512"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5074385564","display_name":"Loizos Christofi","orcid":null},"institutions":[{"id":"https://openalex.org/I4210123512","display_name":"eBOS Technologies (Cyprus)","ror":"https://ror.org/036178197","country_code":"CY","type":"company","lineage":["https://openalex.org/I4210123512"]}],"countries":["CY"],"is_corresponding":false,"raw_author_name":"Loizos Christofi","raw_affiliation_strings":["eBOS Technologies Ltd, Nicosia, Cyprus"],"affiliations":[{"raw_affiliation_string":"eBOS Technologies Ltd, Nicosia, Cyprus","institution_ids":["https://openalex.org/I4210123512"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5014613493","display_name":"Haralambos Mouratidis","orcid":"https://orcid.org/0000-0002-2599-0712"},"institutions":[{"id":"https://openalex.org/I4210150367","display_name":"BH Consulting (Ireland)","ror":"https://ror.org/04sbmz064","country_code":"IE","type":"company","lineage":["https://openalex.org/I4210150367"]},{"id":"https://openalex.org/I110002522","display_name":"University of Essex","ror":"https://ror.org/02nkf1q06","country_code":"GB","type":"education","lineage":["https://openalex.org/I110002522"]}],"countries":["GB","IE"],"is_corresponding":false,"raw_author_name":"Haralambos Mouratidis","raw_affiliation_strings":["School of Computer Science and Electronic Engineering, Institute for Analytics and Data Science (IADS), University of Essex, Essex, UK","Security Labs Consulting, Cork, Ireland"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Electronic Engineering, Institute for Analytics and Data Science (IADS), University of Essex, Essex, UK","institution_ids":["https://openalex.org/I110002522"]},{"raw_affiliation_string":"Security Labs Consulting, Cork, Ireland","institution_ids":["https://openalex.org/I4210150367"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5091076851"],"corresponding_institution_ids":["https://openalex.org/I110002522","https://openalex.org/I4210139822"],"apc_list":{"value":2590,"currency":"EUR","value_usd":3190},"apc_paid":{"value":2590,"currency":"EUR","value_usd":3190},"fwci":39.2115,"has_fulltext":false,"cited_by_count":12,"citation_normalized_percentile":{"value":0.99735683,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":100},"biblio":{"volume":"24","issue":"2","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T13690","display_name":"Quality and Safety in Healthcare","score":0.993399977684021,"subfield":{"id":"https://openalex.org/subfields/3607","display_name":"Medical Laboratory Technology"},"field":{"id":"https://openalex.org/fields/36","display_name":"Health Professions"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}},"topics":[{"id":"https://openalex.org/T13690","display_name":"Quality and Safety in Healthcare","score":0.993399977684021,"subfield":{"id":"https://openalex.org/subfields/3607","display_name":"Medical Laboratory Technology"},"field":{"id":"https://openalex.org/fields/36","display_name":"Health Professions"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}},{"id":"https://openalex.org/T11864","display_name":"Supply Chain Resilience and Risk Management","score":0.9883999824523926,"subfield":{"id":"https://openalex.org/subfields/1408","display_name":"Strategy and Management"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10809","display_name":"Occupational Health and Safety Research","score":0.9372000098228455,"subfield":{"id":"https://openalex.org/subfields/3614","display_name":"Radiological and Ultrasound Technology"},"field":{"id":"https://openalex.org/fields/36","display_name":"Health Professions"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/conformity","display_name":"Conformity","score":0.7585077881813049},{"id":"https://openalex.org/keywords/resilience","display_name":"Resilience (materials science)","score":0.6799470782279968},{"id":"https://openalex.org/keywords/supply-chain","display_name":"Supply chain","score":0.6131073832511902},{"id":"https://openalex.org/keywords/health-care","display_name":"Health care","score":0.5735549926757812},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5692627429962158},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.5596907734870911},{"id":"https://openalex.org/keywords/supply-chain-risk-management","display_name":"Supply chain risk management","score":0.4520752429962158},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4272160828113556},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.33098161220550537},{"id":"https://openalex.org/keywords/supply-chain-management","display_name":"Supply chain management","score":0.28813502192497253},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.1077350378036499}],"concepts":[{"id":"https://openalex.org/C142172996","wikidata":"https://www.wikidata.org/wiki/Q221284","display_name":"Conformity","level":2,"score":0.7585077881813049},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.6799470782279968},{"id":"https://openalex.org/C108713360","wikidata":"https://www.wikidata.org/wiki/Q1824206","display_name":"Supply chain","level":2,"score":0.6131073832511902},{"id":"https://openalex.org/C160735492","wikidata":"https://www.wikidata.org/wiki/Q31207","display_name":"Health care","level":2,"score":0.5735549926757812},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5692627429962158},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.5596907734870911},{"id":"https://openalex.org/C192639820","wikidata":"https://www.wikidata.org/wiki/Q1114469","display_name":"Supply chain risk management","level":5,"score":0.4520752429962158},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4272160828113556},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.33098161220550537},{"id":"https://openalex.org/C44104985","wikidata":"https://www.wikidata.org/wiki/Q492886","display_name":"Supply chain management","level":3,"score":0.28813502192497253},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.1077350378036499},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C48840187","wikidata":"https://www.wikidata.org/wiki/Q689042","display_name":"Service management","level":4,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/s10207-025-01009-z","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-025-01009-z","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-025-01009-z.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"},{"id":"pmh:oai:figshare.com:article/29118095","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Journal contribution"}],"best_oa_location":{"id":"doi:10.1007/s10207-025-01009-z","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-025-01009-z","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-025-01009-z.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4408291950.pdf"},"referenced_works_count":38,"referenced_works":["https://openalex.org/W1914744273","https://openalex.org/W2037889871","https://openalex.org/W2803056769","https://openalex.org/W2943017035","https://openalex.org/W2952298682","https://openalex.org/W2999561085","https://openalex.org/W3025038642","https://openalex.org/W3025397287","https://openalex.org/W3040855861","https://openalex.org/W3041133507","https://openalex.org/W3080654259","https://openalex.org/W3104393478","https://openalex.org/W3128172745","https://openalex.org/W3130946860","https://openalex.org/W3131069091","https://openalex.org/W3136062869","https://openalex.org/W3141537781","https://openalex.org/W3160137267","https://openalex.org/W3164999323","https://openalex.org/W3178637652","https://openalex.org/W3208172691","https://openalex.org/W4210758929","https://openalex.org/W4214938478","https://openalex.org/W4220991365","https://openalex.org/W4226467542","https://openalex.org/W4253802431","https://openalex.org/W4285213258","https://openalex.org/W4288079612","https://openalex.org/W4293090301","https://openalex.org/W4307983286","https://openalex.org/W4319431800","https://openalex.org/W4319719830","https://openalex.org/W4320492850","https://openalex.org/W4362558902","https://openalex.org/W4365146673","https://openalex.org/W4378695978","https://openalex.org/W4389236919","https://openalex.org/W4397007188"],"related_works":["https://openalex.org/W2057686421","https://openalex.org/W2015686463","https://openalex.org/W2260567777","https://openalex.org/W2145181404","https://openalex.org/W4283832168","https://openalex.org/W2259073436","https://openalex.org/W3133357750","https://openalex.org/W2128270257","https://openalex.org/W2141283470","https://openalex.org/W2037522875"],"abstract_inverted_index":{"In":[0],"recent":[1],"years,":[2],"the":[3,14,17,23,86,108,141,182,222],"healthcare":[4,31,64,87,111,146,278],"sector":[5],"has":[6],"undergone":[7],"a":[8,92,120,233,247],"significant":[9],"digital":[10,52],"transformation,":[11],"driven":[12],"by":[13,118],"rise":[15],"of":[16,19,26,110,145,184,195],"Internet":[18],"Medical":[20],"Things":[21],"and":[22,45,80,97,101,106,123,127,143,166,181,205,252,271],"exponential":[24],"use":[25],"connected":[27,68],"medical":[28,69],"devices":[29,70],"in":[30,85,154,276],"service":[32,65],"delivery.":[33,66],"This":[34,113,229],"transformation":[35],"offers":[36],"numerous":[37],"benefits,":[38],"including":[39],"enhanced":[40],"patient":[41],"data":[42,173],"collection,":[43],"processing,":[44],"informed":[46],"treatment":[47],"decisions.":[48],"Despite":[49],"these":[50,99,116],"advantages,":[51],"adoption":[53,84],"brings":[54],"several":[55],"security":[56,142,159,163,196,210,219],"challenges":[57],"that":[58],"pose":[59],"considerable":[60],"risks":[61,100],"to":[62,77,95,104,139,209,240,264],"overall":[63],"Additionally,":[67,188],"must":[71],"comply":[72],"with":[73,236],"sector-specific":[74],"regulatory":[75,238],"requirements":[76],"ensure":[78,192],"trustworthiness":[79],"facilitate":[81],"their":[82],"broader":[83],"sector.":[88],"There":[89],"is,":[90],"therefore,":[91],"pressing":[93],"need":[94],"understand":[96],"manage":[98],"compliance":[102],"issues":[103],"secure":[105],"strengthen":[107],"resilience":[109,144],"systems.":[112,147],"work":[114,245],"addresses":[115],"needs":[117],"introducing":[119],"novel":[121],"Risk":[122],"Conformity":[124],"Assessment":[125],"Framework":[126],"Certification":[128,215],"Scheme,":[129],"implemented":[130],"within":[131],"an":[132],"agile":[133],"Information":[134],"Security":[135],"Management":[136],"System":[137],"context":[138],"enhance":[140,268],"The":[148,212],"framework":[149],"leverages":[150],"Artificial":[151],"Intelligence":[152],"(AI)":[153],"risk":[155,161,186],"management":[156],"practices,":[157],"improving":[158],"assessments,":[160],"prediction,":[162],"control":[164],"implementation,":[165],"continuous":[167,199],"monitoring.":[168],"AI":[169,200],"algorithms":[170],"analyze":[171],"large":[172],"volumes":[174],"from":[175],"various":[176],"sources,":[177],"enabling":[178],"efficient":[179,226],"processing":[180],"identification":[183],"potential":[185,253],"patterns.":[187],"AI-driven":[189],"automation":[190],"tools":[191],"consistent":[193],"deployment":[194],"controls,":[197],"while":[198],"monitoring":[201],"detects":[202],"abnormal":[203],"activities":[204],"enables":[206],"rapid":[207],"response":[208],"incidents.":[211],"proposed":[213],"Cybersecurity":[214],"Scheme":[216],"incorporates":[217],"AI-based":[218],"assessments":[220],"into":[221],"certification":[223],"process,":[224],"facilitating":[225],"conformity":[227],"assurance.":[228],"scheme":[230],"also":[231],"promotes":[232],"collaborative":[234],"approach":[235],"relevant":[237],"bodies":[239],"achieve":[241],"compliance.":[242],"While":[243],"this":[244],"introduces":[246],"conceptual":[248],"framework,":[249],"its":[250,266,269,273],"implementation":[251],"refinements":[254],"remain":[255],"subjects":[256],"for":[257],"future":[258],"research.":[259],"Further":[260],"studies":[261],"are":[262],"necessary":[263],"validate":[265],"effectiveness,":[267],"components,":[270],"evaluate":[272],"practical":[274],"application":[275],"real-world":[277],"environments.":[279]},"counts_by_year":[{"year":2026,"cited_by_count":6},{"year":2025,"cited_by_count":6}],"updated_date":"2026-04-15T08:11:43.952461","created_date":"2025-10-10T00:00:00"}