scholarly journals Theory-Based Model and Prediction Analysis of Information Security Compliance Behavior in the Saudi Healthcare Sector

Symmetry ◽  
2020 ◽  
Vol 12 (9) ◽  
pp. 1544
Author(s):  
Sultan T. Alanazi ◽  
Mohammed Anbar ◽  
Shouki A. Ebad ◽  
Shankar Karuppayah ◽  
Hadeer A. Al-Ani
Keyword(s):  
Saudi Arabia ◽  
Information Systems ◽  
Information Security ◽  
Health Information ◽  
Healthcare Workers ◽  
Health Information Systems ◽  
General Information ◽  
Kingdom Of Saudi Arabia ◽  
Compliance Behavior ◽  
Security Compliance

The adoption of health information systems provides many potential healthcare benefits. The government of the Kingdom of Saudi Arabia has subsidized this field. However, like those of other less developed countries, organizations in the Kingdom of Saudi Arabia struggle to secure their health information systems. This issue may stem from a lack of awareness regarding information security. To date, most related studies have not considered all of the factors affecting information security compliance behavior (ISCB), which include psychological traits, cultural and religious beliefs, and legal concerns. This paper aims to investigate the usefulness of a theory-based model and determine the predictors of ISCB among healthcare workers at government hospitals in the Kingdom of Saudi Arabia. The study investigated 433 health workers in Arar, the capital of the Northern Borders Province in the Kingdom of Saudi Arabia. Two phases involved in this study were the hypothetical model formulation and identification of ISCB predictors. The results suggest that moderating and non-common factors (e.g., religion and morality) impact ISCB, while demographic characteristics (e.g., age, marital status, and work experience) do not. All published instruments and theories were embedded to determine the most acceptable theories for Saudi culture. The theory-based model of ISCB establishes the main domains of theory for this study, which were religion/morality, self-efficacy, legal/punishment, personality traits, cost of compliance/noncompliance, subjective norms, information security policy, general information security, and technology awareness. Predictors of ISCB indicate that general information security, followed by self-efficacy and religion/morality, is the most influential factor on ISCB among healthcare workers in the Kingdom of Saudi Arabia. This study is considered as the first to present the symmetry between theory and actual descriptive results, which were not investigated before.

Information Security Standards for Health Information Systems

2011 ◽  
pp. 113-145
Author(s):  
Evangelos Kotsonis ◽  
Stelios Eliakis
Keyword(s):  
Health Care ◽  
Information Systems ◽  
Information Security ◽  
Health Information ◽  
Health Care Organization ◽  
Security Management ◽  
Health Information Systems ◽  
Care Organization ◽  
Information Security Management ◽  
Health Related

Current developments in the field of integrated treatment show the need for IS security approaches within the healthcare domain. Health information systems are called to meet unique demands to remain operational in the face of natural disasters, system failures and denial-of-service attacks. At the same time, the data contained in health information systems are strictly confidential and, due to the ethical, judicial and social implications in case of data loss, health related data require extremely sensitive handling. The purpose of this chapter is to provide an overview of information security management standards in the context of health care information systems and focus on the most widely accepted ISO/IEC 27000 family of standards for information security management. In the end of the chapter, a guide to develop a complete and robust information security management system for a health care organization will be provided, by mentioning special implications that are met in a health care organization, as well as special considerations related to health related web applications. This guide will be based on special requirements of ISO/IEC 27799:2008 (Health informatics — Information security management in health using ISO/IEC 27002).

Information Security Standards for Health Information Systems

2012 ◽  
pp. 225-257
Author(s):  
Evangelos Kotsonis ◽  
Stelios Eliakis
Keyword(s):  
Health Care ◽  
Information Systems ◽  
Information Security ◽  
Health Information ◽  
Health Care Organization ◽  
Security Management ◽  
Health Information Systems ◽  
Care Organization ◽  
Information Security Management ◽  
Health Related

Current developments in the field of integrated treatment show the need for IS security approaches within the healthcare domain. Health information systems are called to meet unique demands to remain operational in the face of natural disasters, system failures and denial-of-service attacks. At the same time, the data contained in health information systems are strictly confidential and, due to the ethical, judicial and social implications in case of data loss, health related data require extremely sensitive handling. The purpose of this chapter is to provide an overview of information security management standards in the context of health care information systems and focus on the most widely accepted ISO/IEC 27000 family of standards for information security management. In the end of the chapter, a guide to develop a complete and robust information security management system for a health care organization will be provided, by mentioning special implications that are met in a health care organization, as well as special considerations related to health related web applications. This guide will be based on special requirements of ISO/IEC 27799:2008 (Health informatics — Information security management in health using ISO/IEC 27002).

Information Security Framework for Health Information Systems

2011 ◽  
pp. 50-79
Author(s):  
Lech J. Janczewski
Keyword(s):  
Information Systems ◽  
Information Security ◽  
Health Information ◽  
Medical Information ◽  
Health Information Systems ◽  
Patient Identification ◽  
Medical Information Systems ◽  
Privacy Law ◽  
Privacy Issues ◽  
Basic Medical

This chapter outlines the major issues related to the security of medical information systems. Medical information systems are unique in this sense that integrity of the records and privacy issues are dominant. The presentation includes the formulation of the basic medical information security tenets as well as the discussion of the major components of the security subsystem: patient identification, access mechanism, reference monitor, communication subsystem and database subsystem. Also examples of privacy law are quoted and discussed.

Accelerating implementation of District Health Information Systems: Perspectives from healthcare workers from KwaZulu-Natal, South Africa

2021 ◽  
Vol 23 (1) ◽  
Author(s):  
Champaklal C. Jinabhai ◽  
Stanley C. Onwubu ◽  
Maureen N. Sibiya ◽  
Surendra Thakur
Keyword(s):  
South Africa ◽  
Information Systems ◽  
Health Information ◽  
Healthcare Workers ◽  
Health Information Systems ◽  
Healthcare Management ◽  
Quality Data ◽  
District Health ◽  
Kwazulu Natal ◽  
Electronic Health

Background: Although electronic health record systems are critical for healthcare management, there has been genuine concern about the quantity and quality of data generated by these systems inhibiting its full implementation.Objectives: The purpose of this article was to explore the experiences of healthcare workers (HCWs) and challenges facing the acceleration of the District Health Information System (DHIS) in the KwaZulu-Natal (KZN) province of South Africa.Methods: In this study, an interpretive research paradigm was followed to explore the current state of electronic health in South Africa from the experiences of HCWs in the KZN province. Semi-structured focus group interviews conducted with 20 participants drawn from the district office, clinical nurse practitioners and data capturers allowed thematic analysis of data using a systems approach to link the perspectives HCWs to the design of the DHIS.Results: The participants held the view that e-health is crucial for monitoring disease trends, policy development, planning and allocation of infrastructure, information technology (IT), financial and human resources. Nevertheless, the participants highlighted a concern surrounding e-health regulations, ethics and data confidentiality; data quality and lack of interoperability of Health Information Systems (HIS). This concern was attributed to data fragmentation, internal politics and lack of coordination of the data system.Conclusions: The study suggests that good quality data – from an integrated DHIS, is highly critical for the effective utilisation, implementation and acceleration of e-health systems in the province to support epidemiological surveillance and modelling of outbreaks, such as the COVID-19 pandemic.

scholarly journals Implementation status of health information systems in hospitals in the eastern province of Saudi Arabia

2021 ◽  
Vol 22 ◽  
pp. 100499
Author(s):  
Demah Alsalman ◽  
Arwa Alumran ◽  
Saja Alrayes ◽  
Arwa Althumairi ◽  
Sama'a Almubarak ◽  
...  
Keyword(s):  
Saudi Arabia ◽  
Information Systems ◽  
Health Information ◽  
Health Information Systems ◽  
Eastern Province ◽  
Implementation Status
Sign in / Sign up

Export Citation Format

Share Document