The Urgency of Legal Protection for Electronic Medical Records Amid Cybercrime Threats: A Literature Review on Patients' Rights and Doctors' Obligations
DOI:
https://doi.org/10.38035/gijlss.v3i2.494Keywords:
Electronic Medical Records, Cybercrime, Legal Protection, Privacy Rights, Healthcare Law, Literature ReviewAbstract
The digitization of electronic medical records (EMRs) has revolutionized healthcare delivery globally. However, alongside efficiency and accessibility, EMRs pose increasing risks due to cybercrime. Sensitive health data is now vulnerable to unauthorized access, requiring not only technological safeguards but also a strong legal framework. This literature review aims to map existing academic discussions and research findings on the legal protection of EMRs, with a focus on patients' rights to privacy and the legal obligations of healthcare providers. Through a systematic analysis of international and Indonesian literature published over the last five years, this study identifies trends, regulatory gaps, and conceptual frameworks that inform the evolving intersection of law, technology, and health data governance. The findings reveal fragmented regulatory responses and a need for integrative legal models to address cyber threats in the health sector. Recommendations include cross-disciplinary legal reform, improved cybersecurity standards, and enhanced legal literacy for medical professionals.
References
A. Booth, R. M. Purnagunawan, and ..., (2019). “Towards a healthy Indonesia?,” Bulletin of Indonesian doi: 10.1080/00074918.2019.1639509.
A. Herisasono. (2025). “Legal Liability of Health Care Facilities for Leakage of Patient Electronic Medical Records,” Pena Justisia: Media Komunikasi dan Kajian [Online]. Available: http://jurnal.unikal.ac.id/index.php/hk/article/view/5880
A. K. Sekar. (2023). “Emerging Cyber Security and Brute Force Attacks in Hospital Management Information Systems,” 2023 2nd International Conference on Smart Technologies for Smart Nation, SmartTechCon 2023, pp. 421–426, 2023, doi: 10.1109/SmartTechCon57526.2023.10391825.
A. Rollins. (2016)“Health’prime target’for cybercrime,” Australian Medicine, 2016, doi: 10.3316/ielapa.485275547674158.
A. Wirth. (2011). “Cybercrimes pose growing threat to medical devices,” Biomedical instrumentation &technology, doi: 10.2345/0899-8205-45.1.26.
B. Yuan and J. Li. (2019) “The policy effect of the general data protection regulation (GDPR) on the digital public health sector in the european union: An empirical investigation,” Int J Environ Res Public Health, vol. 16, no. 6, doi: 10.3390/ijerph16061070.
Budiman. (2023). “Preventing Cyber Crime in Electronic Medical Records Using Encryption Data,” 1st International Conference on Technology, Engineering, and Computing Applications: Trends in Technology Development in the Era of Society 5.0, ICTECA doi: 10.1109/ICTECA60133.2023.10490705.
C. George and B. Ber?i?. (2009). “Electronic medical records: addressing privacy &security concerns in the UK and US,” BILETA To Infinity and Beyond: Law and …, [Online]. Available: https://repository.mdx.ac.uk/item/82934
C. Santos. (2020). Medical Identity Theft: A Cybercrime. search.proquest.com, 2020. [Online]. Available: https://search.proquest.com/openview/cbd95688ad019914884303fc68d90752/1?pq-origsite=gscholar&cbl=18750&diss=y
D. Dhingra and A. Dabas. (2020). “Global Strategy on Digital Health,” Indian Pediatr, vol. 57, no. 4, 2020, doi: 10.1007/s13312-020-1789-7.
F. Pazarc?kc?, N. Karata?, and A. Kaya (2024). “The relationships of parents’ mental well-being and sociodemographic characteristics with digital parenting awareness: Structural equation model analysis,” J Pediatr Nurs, vol. 75, doi: 10.1016/j.pedn.2023.12.036.
Hassan Samkari and Adnan Gutub, (2015). “Protecting Medical Records against Cybercrimes within Hajj Period by 3-layer Security,” Recent Trends in Information Technology and Its Application, vol. 2, no. 3, 2019, doi: 10.5281/zenodo.3543455.
I. Sukesti, E. Sutrisno, and S. P. Indraswari. (2024) “LEGAL STUDY OF ELECTRONIC MEDICAL RECORDS FOR THE PROTECTION OF PATIENT RIGHTS,” HERMENEUTIKA: [Online]. Available: https://ejournalugj.com/index.php/HERMENEUTIKA/article/view/9588
J. Li and M. J. Shaw. (2012). “Safeguarding the Privacy of Electronic Medical Records,” Cyber Crime: Concepts, Methodologies, Tools and …, [Online]. Available: https://www.igi-global.com/chapter/content/60987
J. N. Weiss. (2023). “The Health Insurance Portability and Accountability Act (HIPAA),” in Physician Crisis, 2023. doi: 10.1007/978-3-031-27979-9_15.
J. Villalobos and N. Calvanese. (2021). “The impact of COVID-19 pandemic on doctor-patient relationship,” Rev Med Chil, vol. 149, no. 7, doi: 10.4067/S0034-98872021000701070.
L. Gates. (2024). “Cyber Attacks on Interoperable Electronic Health Records: A Clear and Present Danger,” Mo Med, [Online]. Available: https://pmc.ncbi.nlm.nih.gov/articles/PMC10887471/
M. F. Rasyad and R. L. Lubis. (2025). “Hospital Patient Data Security Evaluation to Achieve SDGs 3.8. 1 ‘Good Health and Wellbeing,’” Enrichment: Journal of [Online]. Available: http://journalenrichment.com/index.php/jr/article/view/326
M. K. Hossain, J. Sutanto, P. W. Handayani, A. A. Haryanto, J. Bhowmik, and V. Frings-Hessami. (2025). “An exploratory study of electronic medical record implementation and recordkeeping culture: the case of hospitals in Indonesia,” BMC Health Serv Res, doi: 10.1186/s12913-025-12399-0.
M. S. Anker, S. Hadzibegovic, A. Lena, and W. Haverkamp. (2019). “The difference in referencing in Web of Science, Scopus, and Google Scholar,” ESC Heart Fail, vol. 6, no. 6, 2019, doi: 10.1002/ehf2.12583.
M. Sumarto and A. Kaasch, (2018). New directions in social policy evidence from the Indonesian Health Insurance Programme. econstor.eu, [Online]. Available: https://www.econstor.eu/handle/10419/207012
M. Zimo? and R. Kasprzyk. (2021). “Digital revolution and cyber threats as its consequence,” Proceedings of the 38th International Business …, [Online]. Available: https://www.researchgate.net/profile/Rafal-Kasprzyk/publication/357657126_Digital_revolution_and_cyber_threats_as_its_consequence/links/61d8453dd45006081694d2cb/Digital-revolution-and-cyber-threats-as-its-consequence.pdf
N. Amalia, M. Z. Azhri, A. Rosarini, D. R. Wijayanti, and M. A. Riestiyowati, (2021) “The Implementation of Electronic Medical Record (EMR) in The Development Health Care System in Indonesia: A Literature Review,” International Journal of Advancement in Life Sciences Research, vol. 4, no. 3, 2021, doi: 10.31632/ijalsr.2021.v04i03.002.
P. C. Yeh, K. W. Yeh, and J. L. Huang. (2024). “Security Risk Assessment for Patient Portals of Hospitals: A Case Study of Taiwan,” Risk Management and Healthcare doi: 10.2147/RMHP.S463408.
P. Eappen, V. Gunn, H. S. Brar (2025). “Capitalizing on the transformative role of AI and human capital to strengthen cybersecurity in healthcare,” … Intelligence and Cyber [Online]. Available: https://books.google.com/books?hl=en&lr=&id=7URUEQAAQBAJ&oi=fnd&pg=PA112&dq=emr+cyber+crime&ots=0Rh-gFSanr&sig=MrjjR3FLqg7njco0cTKj9yCgvrQ
P. S. C. MZ and R. Sidi. (2025).“Professional Ethics and Health Law in the Digital Era and the Challenges of Patient Medical Data Protection In Electronic Medical Record System,” International Conference on Artificial [Online]. Available: https://www.icaneat-apibanyuwangi.org/index.php/icaneat/article/view/109
R. G. Smith. (2015). “Trajectories of cybercrime,” Cybercrime risks and responses: Eastern and western …, doi: 10.1057/9781137474162_2.
R. Ibrahim and Q. A. Al-Haija. (2024). “Blockchain Security Measures to Combat Cyber Crime,” Cyber Security for Next-Generation, doi: 10.1201/9781003404361-15.
R. Pranckut?, “Web of Science (WoS) and Scopus: the titans of bibliographic information in today’s academic world,” 2021. doi: 10.3390/publications9010012.
R. Sandhane. (2024). “Cyber Security Risk Assessment for Electronic Medical Records (EMRs),” 4th International Conference on Innovative Practices in Technology and Management 2024, ICIPTM 2024, 2024, doi: 10.1109/ICIPTM59628.2024.10563486.
S. Ghosh and E. Turrini. (2010) Cybercrimes: a multidisciplinary analysis. books.google.com, [Online]. Available: https://books.google.com/books?hl=en&lr=&id=aFJqtsfQhSkC&oi=fnd&pg=PR5&dq=emr+cyber+crime&ots=CuZZ_2Tw71&sig=g4D_njtAHuvpiYDpxTsO-92x2WM
S. Gupta, M. Kapoor, and S. K. Debnath (2025). “Cybersecurity Risks and Threats in Healthcare,” Artificial Intelligence-Enabled Security doi: 10.1007/978-3-031-82810-2_3.
S. John, N. Ravichandran, and M. F. Khan. (2018). “Electronic medical record for deliverance of effective healthcare delivery: Ethical issues and challenges of digitalization in clinical information and Electronic …,” IOSR Journal of Business and [Online]. Available: https://www.academia.edu/download/56830066/A2003020106.pdf
S. Monteith, T. Glenn, J. R. Geddes. (2024). “Artificial intelligence and cybercrime: implications for individuals and the healthcare sector,” The British Journal of …, 2024, [Online]. Available: https://www.cambridge.org/core/journals/the-british-journal-of-psychiatry/article/artificial-intelligence-and-cybercrime-implications-for-individuals-and-the-healthcare-sector/6409A9AB77FE31DD8033D7B761D20381
S. Sutardi and L. Ferdiles. (2023). “Law Enforcement Against Cybercrime in Online Activities,” … Ilmu Sosial dan [Online]. Available: https://edunity.publikasikupublisher.com/index.php/Edunity/article/view/34
S. Thakral and A. Vaish. (2022). “CYBER SMART: PROTECT THE PATIENT; PROTECT THE DATA ON ELECTRONIC MEDICAL RECORD,” academia.edu, [Online]. Available: https://www.academia.edu/download/117285535/ijtrs.v07.i01.pdf
S. Xu, J. Ning, Y. Li, Y. Zhang, G. Xu, (2021).“A secure EMR sharing system with tamper resistance and expressive access control,” … on Dependable and [Online]. Available: https://ieeexplore.ieee.org/abstract/document/9609621/
T. M. Anwar, J. G. Tambun, and A. Jaeni. (2025). “JURIDICAL ANALYSIS OF THE MISUSE OF ELECTRONIC MEDICAL RECORDS IN THE PERSPECTIVE OF THE ELECTRONIC INFORMATION AND …,” PRANATA HUKUM, [Online]. Available: https://jurnalpranata.ubl.ac.id/index.php/pranatahukum/article/view/380
V. Janarthanan, N. V Nagrale, O. G. Singh, K. V Raj. (2024). “Legal and Ethical Issues Associated With Challenges in the Implementation of the Electronic Medical Record System and Its Current Laws in India,” Cureus, 2024, [Online]. Available: https://www.cureus.com/articles/207054-legal-and-ethical-issues-associated-with-challenges-in-the-implementation-of-the-electronic-medical-record-system-and-its-current-laws-in-india.pdf
V. Popa et al., (2024)“Delivering Digital Health Solutions that Patients Need: A Call to Action,” doi: 10.1007/s43441-023-00592-4.
Y. K. WINDI. (2018)“An Emerging Health Protection System and Its Coverage of A Vulnerable and Marginalised Population: The Waste Pickers of Surabaya, Indonesia,” scholar.archive.org. [Online]. Available: https://scholar.archive.org/work/i7jqhylk7jds7dizqfmjvebhh4/access/wayback/https://au-east.erc.monash.edu.au/fpfiles/11080613/YohanesKWindiFinalThesis.pdf
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Ade Netra Kartika
This work is licensed under a Creative Commons Attribution 4.0 International License.
Copyright :
Authors who publish their manuscripts in this journal agree to the following conditions:
- Copyright in each article belongs to the author.
- The author acknowledges that the Greenation International Journal of Law and Social Sciences (GIJLSS) has the right to be the first to publish under a Creative Commons Attribution 4.0 International license (Attribution 4.0 International CC BY 4.0).
- Authors can submit articles separately, arrange the non-exclusive distribution of manuscripts that have been published in this journal to other versions (for example, sent to the author's institutional repository, publication in a book, etc.), by acknowledging that the manuscript has been published for the first time at GIJLSS.
