Do doctors care? Validating a tool for the assessment of health information security in Spanish-speaking countries (Preprint)

BACKGROUND Healthcare has increased its use of information technology over the last few years. A trend followed higher usage of Electronic Health Record in low-and-middle-income countries where doctors use non-medical applications and websites for healthcare-related tasks. Information security awareness and practices are essential to reduce the risk of breaches. OBJECTIVE To assess the internal reliability of the Spanish translation of three areas of the Human Aspects of Information Security Questionnaire (HAIS-Q), and to assess the knowledge, attitudes, and practices of medical doctors around information security. METHODS This is a cross-sectional descriptive study designed as a questionnaire-based. We used focus areas (Password management, social media use, and mobile devices use) from the Human Aspects of Information Security Questionnaire (HAIS-Q). Medical doctors in Ecuador answered an online survey between December 2017 and January 2018. RESULTS A total of 434 health professionals (response rate: 0.65) completed all the questions in our study. Scores were 37.4 (SD 5.9) for Password Management, 35.4 (SD 5.0) for Social Media Use and 35.9 (SD 5.7) for Mobile Devices. Cronbach’s alpha coefficient (α) was 0.78 (95% CI: 0.75, 0.81) for password management, 0.73 (95%CI: 0.69, 0.77) for mobile devices and 0.77 (95% CI: 0.73, 0.78) for Social Media Use. CONCLUSIONS Our study shows that three components of the Spanish translation of the HAIS-Q questionnaire were internally reliable when applied in medical doctors. Medical doctors with eagerness to receive infosec training scored higher in social media use and mobile device use categories.