Maintenance Notice

Due to necessary scheduled maintenance, the JMIR Publications website will be unavailable from Wednesday, July 01, 2020 at 8:00 PM to 10:00 PM EST. We apologize in advance for any inconvenience this may cause you.

Who will be affected?

Accepted for/Published in: JMIR Human Factors

Date Submitted: Dec 24, 2019
Date Accepted: Apr 4, 2021

The final, peer-reviewed published version of this preprint can be found here:

Mapping the Psychosocialcultural Aspects of Healthcare Professionals’ Information Security Practices: Systematic Mapping Study

Yeng P, Szekeres A, Yang B, Snekkenes EA

Mapping the Psychosocialcultural Aspects of Healthcare Professionals’ Information Security Practices: Systematic Mapping Study

JMIR Hum Factors 2021;8(2):e17604

DOI: 10.2196/17604

PMID: 34106077

PMCID: 8235336

A Framework for Healthcare Professionals’ Information Security Practice Analysis: Psycho-Socio-Cultural Context

  • Prosper Yeng; 
  • Adam Szekeres; 
  • Bian Yang; 
  • Einar Arthur Snekkenes

ABSTRACT

Background:

The purpose of this study was to develop a comprehensive framework which can be employed for measuring healthcare professionals’ (HP) information security (IS) practices in the psycho-socio-cultural-context. The PSC framework would be used in modelling and analyzing HPs’ information security practices related to their psycho-socio-cultural characteristics in a hospital setting in Norway, under Healthcare Security Practice Analysis, Modelling and Incentivization (HSPAMI) project. Conceptual and Design Science Research (DSR) methods were adopted for the development of this framework known as the Psycho-socio-cultural (PSC) framework.

Objective:

The main objective is to develop a comprehensive framework for modelling and analyzing healthcare professionals security practices towards incentivization

Methods:

With a design Science Research (DSR) approach, the existing literature was surveyed for relevant theories addressing HP’s security practices (e.g. Health Belief Model (HBM), Protection Motivation Theory (PMT), Theory of Planned Behavior (TPB) and Social Control Theory (SC)) in addition to some social demographic variables to form a comprehensive set of staffs’ characteristics. Furthermore, an ontology was developed from these theories to merge all the concepts together in a comprehensive way. The PSC framework was then developed from the combination of the various psychological and socio-cultural attributes of the ontology. Human Aspect of Information Security Questionnaire (HAIS-Q) was adopted as a comprehensive tool for gathering staff security practices as mediating variables in the framework.

Results:

A comprehensive framework capturing healthcare professionals’ security traits and practices in a holistic manner was developed focusing on psychological, socio-cultural and socio-demographic context.

Conclusions:

There are numerous data breaches in healthcare nowadays. This has been attributed to lack of experience of healthcare staffs in information security, lack of development of conscious care security practices and lack of motivation to incentivize healthcare staffs. This threatens the mutual trust between healthcare professionals and patients which has and implicit impact on quality of healthcare provision. The modelling and analysis of healthcare professionals’ security practices can be conducted with PSC framework by using mixed methods of statistical survey, observations and interviews in relation to the psycho-socio-cultural variables such as perceptions (perceived benefits, perceived threats, perceived barriers) or psychological traits, social factors, cultural factors and social demographics.


 Citation

Please cite as:

Yeng P, Szekeres A, Yang B, Snekkenes EA

Mapping the Psychosocialcultural Aspects of Healthcare Professionals’ Information Security Practices: Systematic Mapping Study

JMIR Hum Factors 2021;8(2):e17604

DOI: 10.2196/17604

PMID: 34106077

PMCID: 8235336

Download PDF


Request queued. Please wait while the file is being generated. It may take some time.

© The authors. All rights reserved. This is a privileged document currently under peer-review/community review (or an accepted/rejected manuscript). Authors have provided JMIR Publications with an exclusive license to publish this preprint on it's website for review and ahead-of-print citation purposes only. While the final peer-reviewed paper may be licensed under a cc-by license on publication, at this stage authors and publisher expressively prohibit redistribution of this draft paper other than for review purposes.