Abstract
Recent reports indicate that over 85% of data breaches are still caused by the human element, and healthcare is among the sectors most targeted by cybercriminals. The work of healthcare staff is often associated with high workloads, high numbers of emergency cases, and a broad range of psychological, social, and cultural factors. These factors could undermine conscious care information security (IS) practice, leading to serious violations. This study comprehensively examined the correlation of psycho-social-cultural factors and work factors with IS and privacy behaviour in a hospital that has fully adopted an electronic health records (EHR) management system. The findings are intended to facilitate decision-making towards improving cyber-security practice in healthcare. A quantitative approach was adopted, in which we collected responses from 212 healthcare staff through an online questionnaire survey. A broad range of constructs was selected from psychological, social, cultural perception and work factors based on earlier review work. These were related to some security practices to assess the IS knowledge, attitude and behaviour gaps among healthcare staff in a comprehensive way. In the study, IS self-reported conscious care behaviour (ISCCB) risk was relatively higher than information security knowledge (ISK) risk and information security attitude (ISA) risk. Furthermore, the study revealed that work emergency has a positive correlation with ISCCB risk (r=1.95, p-value=0.001). Conscientiousness also had a positive correlation with ISCCB risk (r=0.157, p-value=0.05); however, agreeableness correlated negatively with ISK risk (r=-0.166, p-value=0.05) and ISA risk (r=-0.140, p-value=0.05). Based on these findings, intrinsic and extrinsic motivation methods combined with cutting-edge technologies can be explored to discourage IS risk behaviours while enhancing conscious care security practice.