RT Journal Article SR Electronic T1 Developing a globally applicable cybersecurity framework for healthcare: a Delphi consensus study JF BMJ Innovations JO BMJ Innov FD All India Institute of Medical Sciences SP 199 OP 207 DO 10.1136/bmjinnov-2020-000572 VO 7 IS 1 A1 O'Brien, Niki A1 Grass, Emilia A1 Martin, Guy A1 Durkin, Mike A1 Darzi, Ara A1 Ghafur, Saira YR 2021 UL http://innovations.bmj.com/content/7/1/199.abstract AB Background Cybersecurity in healthcare has become increasingly important as the COVID-19 pandemic has increased the use of digital technologies in healthcare provision around the world, while simultaneously encouraged cybercriminals to target healthcare organisations in greater numbers. Despite the threat of cyberattack to patient safety and the provision of healthcare, cybersecurity in the health sector lags behind other industries. Additionally, no adequate cybersecurity framework exists which considers the unique needs of the health sector.Methods An online Delphi was carried out to develop a globally relevant and applicable readiness framework to guide cybersecurity planning in healthcare. Experts (n=42) in the areas of cybersecurity, information communications and technology and health informatics were invited to list the components they felt were essential to a framework and subsequently agree with consensus on a final framework based on the identified components.Results After two rounds, the Essentials of Cybersecurity in Healthcare Organizations (ECHO) framework with 51 components, grouped into six categories, was regarded by the experts as an acceptable planning tool to guide cybersecurity in healthcare at the global level.Conclusions The ECHO framework, designed based on components chosen by international experts to meet the challenges of cybersecurity scale-up in the health and care sector globally, can help guide policymakers and health and care organisations in strengthening their cybersecurity infrastructure and deliver safe and effective care.