Security Culture and Security Awareness as the Basic Factors for Security Effectiveness in Health Information Systems

The use of Information and Communications Technology (ICT) in healthcare domains contributes to an increased complexity of the problems related to the security of Health Information Systems (HIS). This is primarily may be due to the introduction of human behaviors. In spite of many attempts in providing security for HIS, security incidents remain to continue due to human factors. The key to achieve security effectiveness of information systems is through the nurturing of HIS users security awareness and culture towards patients’ data. Hence, addressing the role of human behavior is the main focus for this study. Based on the secondary data resources, a theoretical model is proposed according to users’ awareness and users’ culture for HIS security. This work-in-progress study attempts to highlight the HIS users’ behaviors in enhancing the security effectiveness for HIS.