Preprint Article Version 1 Preserved in Portico This version is not peer-reviewed

A Comprehensive Assessment of Human Factors in Relation to Cyber Security Compliance of Healthcare Staff in a Paperless Hospital

Version 1 : Received: 15 March 2022 / Approved: 17 March 2022 / Online: 17 March 2022 (08:47:36 CET)

How to cite: Yeng, P. K.; Fauzi, M. A.; Yang, B. A Comprehensive Assessment of Human Factors in Relation to Cyber Security Compliance of Healthcare Staff in a Paperless Hospital. Preprints 2022, 2022030247. https://doi.org/10.20944/preprints202203.0247.v1 Yeng, P. K.; Fauzi, M. A.; Yang, B. A Comprehensive Assessment of Human Factors in Relation to Cyber Security Compliance of Healthcare Staff in a Paperless Hospital. Preprints 2022, 2022030247. https://doi.org/10.20944/preprints202203.0247.v1

Abstract

Recent reports have it that over 85\% of data breaches are still caused by the human element, of which healthcare is one of the suitable organizations mostly targeted by cybercriminals. The work of healthcare staff is often associated with high workloads, high emergency cases, and a broad range of psychological, social, and cultural factors. The significance of these factors could undermine conscious care information security (IS) practice leading to serious violations. This study comprehensively examined the correlation between the psycho-social-cultural factors, work factors with IS and privacy behaviour in a hospital that has fully adopted electronic health records (EHR) management system. The findings are to facilitate the decision-making process towards improving the cyber-security practice in healthcare. A quantitative approach was adopted where we collected responses from 212 healthcare staff through an online questionnaire survey. A broad range of constructs was selected from psychological, social, cultural perception and work factors based on earlier review work. These were therefore related to some security practices, to assess the IS knowledge, attitude and behaviour gaps among healthcare staff in a comprehensive way. From the study, IS self-reported conscious care behaviour (ISCCB) risk was relatively higher as compared to information security knowledge (ISK) risks and information security attitude (ISA) risk. Furthermore, the study revealed that work emergency has a positive correlation with ISCCB (r=1.95, p-value =0.001) risk. Conscientiousness also had positive correlation with ISCCB risk (r=0.157, p-value=0.05) however agreeableness negatively correlated with ISK risk (r=-0.166, p-value =0.05), and ISA risk (r=-0.140, p-value =0.05). Based on these findings, intrinsic and extrinsic motivation methods combined with cutting-edge technologies can be explored to discourage IS risks behaviours while enhancing conscious care security practice.

Keywords

Security practice; Healthcare; Questionnaire design; Questionnaire pretesting

Subject

Social Sciences, Safety Research

Comments (0)

We encourage comments and feedback from a broad range of readers. See criteria for comments and our Diversity statement.

Leave a public comment
Send a private comment to the author(s)
* All users must log in before leaving a comment
Views 0
Downloads 0
Comments 0


×
Alerts
Notify me about updates to this article or when a peer-reviewed version is published.
We use cookies on our website to ensure you get the best experience.
Read more about our cookies here.