Please use this identifier to cite or link to this item:
http://repository.aaup.edu/jspui/handle/123456789/2350
Title: | ‘‘Assessment of Health Information Security and Privacy Protection in the Palestinian Ministry of Health رسالة ماجستير |
Authors: | Salaheddeen, Mohammad Ahmad$AAUP$Palestinian |
Keywords: | information security, privacy, health information system, hospital |
Issue Date: | 2021 |
Publisher: | AAUP |
Abstract: | Background: Information systems have a significant role in healthcare organizations which deal with patients private and sensitive information, and as a result of the rapid widespread use of computers and the internet, information security has become one of the most considerable issues in the field of health information systems due to the increasing threats and the risks it causes. Aim and objectives: The study aimed at assessing the level of health information security and privacy protection in the Palestinian Ministry of Health and Palestine Medical Complex (PMC) as a case study that may reflect the certainty of information security in the governmental hospitals, and the availability of the necessary administrative, physical and technical safeguards for the protection of health information systems, as well as evaluating the extent of application of information security and privacy protection of the health information system domains in MoH and PMC. Methods: The researcher used the descriptive-analytical method, where the researcher developed two questionnaires; to investigate the administrative, physical, and technical safeguards in the Ministry of Health, and, likewise, the perceptions of the staff in the Palestine Medical Complex, where the researcher investigated seven (7) health security domains. The study was carried out between March 2020 and May 2021. Employees who work in the (MoH and PMC) were invited to participate in this study. Using the questionnaires, the MoH staff of the computer and engineering department sample consisted of 20 employees with a (100%) response rate, while (142) employees who have been working in the PMC were recruited using the random stratified method to select (142) out of (950) employees. The tool was a questionnaire derived from the previous literature. Furthermore, analyses were executed employing the statistical package for social sciences (SPSS). Results and conclusions: The study displayed that the females were more representative than males (n=93; 57%) vs. (n=69; 43%) in both sites. In addition, the vast majority of the staff declared bachelors’ degrees (n=104; 64.2%) vs. (n=30; 18.5%) higher than bachelors’ degree level. Furthermore, (n=72; 44.4%) of the staff had up to 10 - 20 years of work experience. Computer and VII engineering department staff specified that MoH applies security safeguards to maintain the security and privacy protection of health information at a high level (71.4%), with the physical security (75.5%), technical (73.8%), and administrative security (67.6%). Nonetheless, staff of PMC identified that the level of information security application to maintain the security and privacy protection of health information was at a moderate level (66.6%), with the business continuity planning 75.8%, development and maintenance of systems 70.2%, organizational policy 69.2%, security policy 68.8%, system access control 68.6%, personal security 58%, and data disclosure 61%. Moreover, the study revealed that there are positive significant statistical correlations at level (α ≤ 0.05) between all the fields of information security and the security and privacy protection of health information in MoH and PMC. The study concluded a rate ranging from medium to high in the application of system security domains, in addition to security safeguards of security and privacy of health information in the Palestinian MoH and PMC. Recommendations: Unify efforts between the computer and engineering department and all hospitals and to establish a unified information security unit to formulate, implement, update and monitor implementation of Health information security policy, and it is also necessary for health sector employees to constantly receive adequate training and education to reach a high level of information security awareness in the healthcare field. Furthermore, Designation chief information officer would help in managing and organizing all the security techniques and initiatives in health information systems |
Description: | Master’s Degree in Health Informatics |
URI: | http://repository.aaup.edu/jspui/handle/123456789/2350 |
Appears in Collections: | Master Theses and Ph.D. Dissertations |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
محمد صلاح الدين.pdf | 2.23 MB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.
Admin Tools