{"id":"https://openalex.org/W7140198607","doi":"https://doi.org/10.1016/j.procs.2026.03.047","title":"Digital Fortresses: Software Security Practices in Healthcare Settings","display_name":"Digital Fortresses: Software Security Practices in Healthcare Settings","publication_year":2026,"publication_date":"2026-01-01","ids":{"openalex":"https://openalex.org/W7140198607","doi":"https://doi.org/10.1016/j.procs.2026.03.047"},"language":"en","primary_location":{"id":"doi:10.1016/j.procs.2026.03.047","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.procs.2026.03.047","pdf_url":null,"source":{"id":"https://openalex.org/S120348307","display_name":"Procedia Computer Science","issn_l":"1877-0509","issn":["1877-0509"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Procedia Computer Science","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://doi.org/10.1016/j.procs.2026.03.047","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Sileshi Demesie Yalew","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sileshi Demesie Yalew","raw_affiliation_strings":["Addis Ababa Institute of Technology, Addis Ababa University, King George VI St, 1000 Addis Ababa, Ethiopia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Addis Ababa Institute of Technology, Addis Ababa University, King George VI St, 1000 Addis Ababa, Ethiopia","institution_ids":[]}]},{"author_position":"middle","author":{"id":null,"display_name":"Abraham Asfawosen Getahun","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Abraham Asfawosen Getahun","raw_affiliation_strings":["Addis Ababa Institute of Technology, Addis Ababa University, King George VI St, 1000 Addis Ababa, Ethiopia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Addis Ababa Institute of Technology, Addis Ababa University, King George VI St, 1000 Addis Ababa, Ethiopia","institution_ids":[]}]},{"author_position":"middle","author":{"id":null,"display_name":"Parisa Aasi","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Parisa Aasi","raw_affiliation_strings":["Mays Business School, Texas A & M, 210 Olsen Blvd, College Station, TX 77843, United States"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Mays Business School, Texas A & M, 210 Olsen Blvd, College Station, TX 77843, United States","institution_ids":[]}]},{"author_position":"last","author":{"id":null,"display_name":"Gideon Mekonnen Jonathan","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Gideon Mekonnen Jonathan","raw_affiliation_strings":["Department of Computer and Systems Sciences (DSV), Stockholm University, Borgarfjordsgatan 12, 164 55 Kista, Sweden"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer and Systems Sciences (DSV), Stockholm University, Borgarfjordsgatan 12, 164 55 Kista, Sweden","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.67823041,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"278","issue":null,"first_page":"751","last_page":"758"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.5878000259399414,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.5878000259399414,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.03579999879002571,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.03060000017285347,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/health-care","display_name":"Health care","score":0.5817000269889832},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5293999910354614},{"id":"https://openalex.org/keywords/healthcare-system","display_name":"Healthcare system","score":0.478300005197525},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.424699991941452},{"id":"https://openalex.org/keywords/data-breach","display_name":"Data breach","score":0.3749000132083893},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.37049999833106995},{"id":"https://openalex.org/keywords/best-practice","display_name":"Best practice","score":0.3686000108718872}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6477000117301941},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5849999785423279},{"id":"https://openalex.org/C160735492","wikidata":"https://www.wikidata.org/wiki/Q31207","display_name":"Health care","level":2,"score":0.5817000269889832},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5293999910354614},{"id":"https://openalex.org/C2988170871","wikidata":"https://www.wikidata.org/wiki/Q11000047","display_name":"Healthcare system","level":3,"score":0.478300005197525},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.424699991941452},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.3749000132083893},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.37049999833106995},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.36970001459121704},{"id":"https://openalex.org/C184356942","wikidata":"https://www.wikidata.org/wiki/Q830382","display_name":"Best practice","level":2,"score":0.3686000108718872},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3239000141620636},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.303600013256073},{"id":"https://openalex.org/C10511746","wikidata":"https://www.wikidata.org/wiki/Q899388","display_name":"Data security","level":3,"score":0.2897999882698059},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2797999978065491},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.2727999985218048},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.271699994802475},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.26899999380111694},{"id":"https://openalex.org/C126082660","wikidata":"https://www.wikidata.org/wiki/Q4252370","display_name":"Digital transformation","level":2,"score":0.26570001244544983},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.25529998540878296},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.2517000138759613}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1016/j.procs.2026.03.047","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.procs.2026.03.047","pdf_url":null,"source":{"id":"https://openalex.org/S120348307","display_name":"Procedia Computer Science","issn_l":"1877-0509","issn":["1877-0509"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Procedia Computer Science","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1016/j.procs.2026.03.047","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.procs.2026.03.047","pdf_url":null,"source":{"id":"https://openalex.org/S120348307","display_name":"Procedia Computer Science","issn_l":"1877-0509","issn":["1877-0509"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Procedia Computer Science","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W1913969462","https://openalex.org/W2016188438","https://openalex.org/W2048063069","https://openalex.org/W2294407885","https://openalex.org/W2529133275","https://openalex.org/W2549564909","https://openalex.org/W2596685047","https://openalex.org/W2736368095","https://openalex.org/W2998982058","https://openalex.org/W3088923709","https://openalex.org/W3090473955","https://openalex.org/W3111132843","https://openalex.org/W3217067040","https://openalex.org/W4229053199","https://openalex.org/W4312546924","https://openalex.org/W4322625095","https://openalex.org/W4378906827","https://openalex.org/W4387457408","https://openalex.org/W4394781239","https://openalex.org/W4405569873"],"related_works":[],"abstract_inverted_index":{"As":[0],"the":[1,19,29,34,74,112,132],"healthcare":[2,97,139],"systems":[3,72,98],"increasingly":[4],"embrace":[5],"digital":[6],"platforms,":[7],"robust":[8],"software":[9,26,118],"security":[10,27,51,119],"has":[11],"become":[12],"of":[13,33,65,87,135],"paramount":[14],"importance.":[15],"This":[16],"study":[17],"investigates":[18],"institutional,":[20],"technical,":[21],"and":[22,36,46,56,90,106,127,129],"cultural":[23],"practices":[24,52],"influencing":[25],"within":[28],"sector":[30],"in":[31,137,142],"one":[32],"low-":[35],"middle-income":[37],"countries":[38],"(LMICs).":[39],"Drawing":[40],"on":[41],"data":[42],"across":[43],"in-house,":[44],"third-party,":[45],"cloud-based":[47,71],"systems,":[48],"we":[49],"found":[50],"were":[53],"inconsistently":[54],"applied":[55],"often":[57],"lacked":[58],"formal":[59],"governance.":[60],"Only":[61],"23.84":[62],"per":[63],"cent":[64],"responses":[66],"indicated":[67],"adequate":[68],"security,":[69],"with":[70],"showing":[73],"weakest":[75],"safeguards.":[76],"Our":[77],"findings":[78,110],"highlight":[79],"widespread":[80],"vulnerabilities":[81],"stemming":[82],"from":[83],"limited":[84],"awareness,":[85],"lack":[86],"policy":[88,126],"frameworks,":[89],"insufficient":[91],"organisational":[92],"support.":[93],"These":[94],"issues":[95],"expose":[96],"to":[99,131],"significant":[100],"cyber":[101],"threats,":[102],"jeopardising":[103],"patient":[104],"safety":[105],"operational":[107],"resilience.":[108],"The":[109],"underscore":[111],"need":[113],"for":[114,124],"a":[115],"contextually":[116],"tailored":[117],"assessment":[120],"framework,":[121],"offering":[122],"insights":[123],"national":[125],"practice,":[128],"contribute":[130],"under-researched":[133],"area":[134],"cybersecurity":[136],"low-resource":[138],"settings,":[140],"particularly":[141],"sub-Saharan":[143],"Africa.":[144]},"counts_by_year":[],"updated_date":"2026-04-25T08:17:42.794288","created_date":"2026-03-25T00:00:00"}