Media Framing and Portrayals of Ransomware Impacts on Informatics, Employees, and Patients: Systematic Media Literature Review
BackgroundRansomware attacks on health care provider information systems have the potential to impact patient mortality and morbidity, and event details are relayed publicly through news stories. Despite this, little research exists on how these events are depicted in the med...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
JMIR Publications
2025-04-01
|
| Series: | Journal of Medical Internet Research |
| Online Access: | https://www.jmir.org/2025/1/e59231 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850214273159004160 |
|---|---|
| author | Atiya Avery Elizabeth White Baker Brittany Wright Ishmael Avery Dream Gomez |
| author_facet | Atiya Avery Elizabeth White Baker Brittany Wright Ishmael Avery Dream Gomez |
| author_sort | Atiya Avery |
| collection | DOAJ |
| description |
BackgroundRansomware attacks on health care provider information systems have the potential to impact patient mortality and morbidity, and event details are relayed publicly through news stories. Despite this, little research exists on how these events are depicted in the media and the subsequent impacts of these events.
ObjectiveThis study used collaborative qualitative analysis to understand how news media frames and portrays the impacts of ransomware attacks on health informatic systems, employees, and patients.
MethodsWe developed and implemented a systematic search protocol across academic news databases, which included (1) the Associated Press Newswires, (2) Newspaper Source, and (3) Access World News (Newsbank), using the search string “(hospital OR healthcare OR clinic OR medical) AND (ransomware OR denial of service OR cybersecurity).” In total, 4 inclusion and 4 exclusion criteria were applied as part of the search protocol. For articles included in the study, we performed an inductive and deductive analysis of the news articles, which included their article characteristics, impact portrayals, media framings, and discussions of the core functions outlined in the National Institute of Standards and Technologies (NIST) Cybersecurity Framework 2.0.
ResultsThe search returned 2195 articles, among which 48 news articles published from 2009 to 2023 were included in the study. First, an analysis of the geographic prevalence showed that the United States (34/48, 71%), followed to a lesser extent by India (4/48, 8%) and Canada (3/48, 6%), featured more prominently in our sample. Second, there were no apparent year-to-year patterns in the occurrence of reported events of ransomware attacks on health care provider information systems. Third, ransomware attacks on health care provider information systems appeared to cascade from a single point of failure. Fourth, media frames regarding “human interest” and “responsibility” were equally representative in the sample. The “response” function of the NIST Cybersecurity Framework 2.0 was noted in 36 of the 48 (75%) articles. Finally, we noted that 17 (14%) of the articles assessed for eligibility were excluded from this study as they promoted a product or service or spoke hypothetically about ransomware events among health care providers.
ConclusionsOrganizational response represented a substantial aspect of the news articles in our corpus. To address the perception of health care providers’ management of ransomware attacks, they should take measures to influence perceptions of (1) health care service continuity, despite a lack of availability of health informatics; (2) responsibility for the patient experience; and (3) acknowledgment of the strain on health care practitioners and patients through a public declaration of support and gratitude. Furthermore, the media portrayals revealed a prevalence of single points of failure in the health informatics system, thus providing guidance for the implementation of safety protocols that could significantly reduce cascading impacts. |
| format | Article |
| id | doaj-art-3cc9ea2f8a024d00b0db9cfeaa2e46d2 |
| institution | OA Journals |
| issn | 1438-8871 |
| language | English |
| publishDate | 2025-04-01 |
| publisher | JMIR Publications |
| record_format | Article |
| series | Journal of Medical Internet Research |
| spelling | doaj-art-3cc9ea2f8a024d00b0db9cfeaa2e46d22025-08-20T02:08:57ZengJMIR PublicationsJournal of Medical Internet Research1438-88712025-04-0127e5923110.2196/59231Media Framing and Portrayals of Ransomware Impacts on Informatics, Employees, and Patients: Systematic Media Literature ReviewAtiya Averyhttps://orcid.org/0000-0002-6698-3738Elizabeth White Bakerhttps://orcid.org/0000-0002-5535-6827Brittany Wrighthttps://orcid.org/0009-0005-7182-9080Ishmael Averyhttps://orcid.org/0000-0002-7112-7661Dream Gomezhttps://orcid.org/0009-0004-2433-9786 BackgroundRansomware attacks on health care provider information systems have the potential to impact patient mortality and morbidity, and event details are relayed publicly through news stories. Despite this, little research exists on how these events are depicted in the media and the subsequent impacts of these events. ObjectiveThis study used collaborative qualitative analysis to understand how news media frames and portrays the impacts of ransomware attacks on health informatic systems, employees, and patients. MethodsWe developed and implemented a systematic search protocol across academic news databases, which included (1) the Associated Press Newswires, (2) Newspaper Source, and (3) Access World News (Newsbank), using the search string “(hospital OR healthcare OR clinic OR medical) AND (ransomware OR denial of service OR cybersecurity).” In total, 4 inclusion and 4 exclusion criteria were applied as part of the search protocol. For articles included in the study, we performed an inductive and deductive analysis of the news articles, which included their article characteristics, impact portrayals, media framings, and discussions of the core functions outlined in the National Institute of Standards and Technologies (NIST) Cybersecurity Framework 2.0. ResultsThe search returned 2195 articles, among which 48 news articles published from 2009 to 2023 were included in the study. First, an analysis of the geographic prevalence showed that the United States (34/48, 71%), followed to a lesser extent by India (4/48, 8%) and Canada (3/48, 6%), featured more prominently in our sample. Second, there were no apparent year-to-year patterns in the occurrence of reported events of ransomware attacks on health care provider information systems. Third, ransomware attacks on health care provider information systems appeared to cascade from a single point of failure. Fourth, media frames regarding “human interest” and “responsibility” were equally representative in the sample. The “response” function of the NIST Cybersecurity Framework 2.0 was noted in 36 of the 48 (75%) articles. Finally, we noted that 17 (14%) of the articles assessed for eligibility were excluded from this study as they promoted a product or service or spoke hypothetically about ransomware events among health care providers. ConclusionsOrganizational response represented a substantial aspect of the news articles in our corpus. To address the perception of health care providers’ management of ransomware attacks, they should take measures to influence perceptions of (1) health care service continuity, despite a lack of availability of health informatics; (2) responsibility for the patient experience; and (3) acknowledgment of the strain on health care practitioners and patients through a public declaration of support and gratitude. Furthermore, the media portrayals revealed a prevalence of single points of failure in the health informatics system, thus providing guidance for the implementation of safety protocols that could significantly reduce cascading impacts.https://www.jmir.org/2025/1/e59231 |
| spellingShingle | Atiya Avery Elizabeth White Baker Brittany Wright Ishmael Avery Dream Gomez Media Framing and Portrayals of Ransomware Impacts on Informatics, Employees, and Patients: Systematic Media Literature Review Journal of Medical Internet Research |
| title | Media Framing and Portrayals of Ransomware Impacts on Informatics, Employees, and Patients: Systematic Media Literature Review |
| title_full | Media Framing and Portrayals of Ransomware Impacts on Informatics, Employees, and Patients: Systematic Media Literature Review |
| title_fullStr | Media Framing and Portrayals of Ransomware Impacts on Informatics, Employees, and Patients: Systematic Media Literature Review |
| title_full_unstemmed | Media Framing and Portrayals of Ransomware Impacts on Informatics, Employees, and Patients: Systematic Media Literature Review |
| title_short | Media Framing and Portrayals of Ransomware Impacts on Informatics, Employees, and Patients: Systematic Media Literature Review |
| title_sort | media framing and portrayals of ransomware impacts on informatics employees and patients systematic media literature review |
| url | https://www.jmir.org/2025/1/e59231 |
| work_keys_str_mv | AT atiyaavery mediaframingandportrayalsofransomwareimpactsoninformaticsemployeesandpatientssystematicmedialiteraturereview AT elizabethwhitebaker mediaframingandportrayalsofransomwareimpactsoninformaticsemployeesandpatientssystematicmedialiteraturereview AT brittanywright mediaframingandportrayalsofransomwareimpactsoninformaticsemployeesandpatientssystematicmedialiteraturereview AT ishmaelavery mediaframingandportrayalsofransomwareimpactsoninformaticsemployeesandpatientssystematicmedialiteraturereview AT dreamgomez mediaframingandportrayalsofransomwareimpactsoninformaticsemployeesandpatientssystematicmedialiteraturereview |