An Evaluation of Information Security from the Users’ Perspective in Turkey
Information security is a critical issue for hospitals, and users play an active role in their security process. The aim of this study was to evaluate the information security in a hospital from the users’ perspective. In this cross-sectional study 424 hospital staff (medical: 258 / administrative: 166) were included. Face-to-face interviews were used to gather data in answer to a scaled questionnaire regarding information security. Items in the questionnaire were coded by a 5-point Likert scale (ranging from 1 point: strongly disagree to 5 points: strongly agree). After the factor analysis, it was possible to identify five subgroups relating to information security: Access and Authorisation, Security Applications, Service Delivery, Organisational Security and Security Policy. The items in the Service Delivery subgroup were scored lower by the medical staff than the administrative staff (p<0.05). Both the medical and administrative staff educated in HIMS gave higher scores to the information security subgroup (p<0.05). The roles and responsibilities of staff and their being educated in HIMS are crucial factors for information security. Since information security is a critical issue in hospitals, it is necessary to develop and share information security policies for all staff in such organisations.
Information security; hospital information management system; staff; health manager.