Abstract
Lack of user awareness and user acceptance of the importance of practising a good access-control approach, particularly in the healthcare sector of South Africa, is a challenging issue in the area of the security of information. The challenge results in breaches to information stored in medical information systems, fraud, and medical identity theft. The paper proposes the hospital user awareness and user acceptance framework for multimodal access control in the medical information systems. The survey results from participants in Charlotte Maxeke Academic hospital, based in Johannesburg showed a response rate of 86%. Focusing on the objectives of the study the results showed that 76.7% of users’ lack knowledge in the security of information and that there is a lack of security awareness education and training in the hospital. The results of the study are presented and analysed through IBM SPSS statistical software that is used for data analysis.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Abubaka, F.M., Ahmad, H.B.: Mediating role of technology awareness on social influence–behavioural intention relationship. Res. J. 2(1), 119 (2014)
Becker, J., Knackstedt, R., Pöppelbuß, J.: Developing maturity models for IT management. Bus. Inf. Syst. Eng. 1(3), 213–222 (2009)
Besnard, D., Arief, B.: Computer security impaired by legitimate users. Comput. Secur. 23(3), 253–264 (2004)
Boyinbode, O., Toriola, G.: CloudeMR: a cloud-based electronic medical record system. Int. J. Hybrid Inf. Technol. 8(4), 201–212 (2015)
Bryman, A.: Social Research Methods. Oxford University Press, Oxford (2015)
Caballero, A.: Security education, training, and awareness. In: Computer and Information Security Handbook, 3rd edn, pp. 497–505 (2017)
D’Arcy, J., Hovav, A., Galletta, D.: User awareness of security countermeasures and its impact on information systems misuse: a deterrence approach. Inf. Syst. Res. 20(1), 79–98 (2009)
Drake, T., Kanu, A., Silverman, N.: Health care fraud. Am. Crim. Law Rev. 50, 1131 (2013)
Ferraiolo, D., Kuhn, D.R., Chandramouli, R.: Role-Based Access Control. Artech House, Norwood (2003)
Glinz, M.: On non-functional requirements. In: 15th IEEE International Requirements Engineering Conference, RE 2007, pp. 21–26. IEEE, October 2007
Lafferty, L.: Medical identity theft: the future threat of health care fraud is now. J. Health Care Compliance 9(1), 11–20 (2007)
Omotosho, A., Adegbola, O., Adelakin, B., Adelakun, A., Emuoyibofarhe, J.: Exploiting multimodal biometrics in e-privacy scheme for electronic health records. arXiv preprint arXiv:1502.01233 (2015)
Osborn, S.: Mandatory access control and role-based access control revisited. In: Proceedings of the Second ACM Workshop on Role-Based Access Control, pp. 31–40. ACM, November 1997
Peltier, T.R.: Information Security Risk Analysis. Auerbach Publications (2010)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47 (1996)
Smyth, R.: Exploring the usefulness of a conceptual framework as a research tool: a researcher’s reflections. Issues Educ. Res. 14(2), 167 (2004)
Solove, D.J., Schwartz, P.: Information Privacy Law. Wolters Kluwer Law & Business (2014)
Spears, J.L., Barki, H.: User participation in information systems security risk management. MIS Q. 34(3), 503–522 (2010)
Terry, N.P., Francis, L.P.: Ensuring the privacy and confidentiality of electronic health records. Univ. Ill. Law Rev. 681 (2007)
Venkatesh, V., Morris, M.G., Davis, G.B., Davis, F.D.: User acceptance of information technology: toward a unified view. MIS Q. 27(3), 425–478 (2003)
Von Solms, R., Van Niekerk, J.: From information security to cyber security. Comput. Secur. 38, 97–102 (2013)
Ward, R., Stevens, C., Brentnall, P., Briddon, J.: The attitudes of health care staff to information technology: a comprehensive review of the research literature. Health Inf. Libr. J. 25(2), 81–97 (2008)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Maeko, M.E., van der Haar, D. (2019). A Critical Analysis of Requirements and Recommendations for Multi-modal Access Control in Hospitals. In: Rocha, Á., Ferrás, C., Paredes, M. (eds) Information Technology and Systems. ICITS 2019. Advances in Intelligent Systems and Computing, vol 918. Springer, Cham. https://doi.org/10.1007/978-3-030-11890-7_69
Download citation
DOI: https://doi.org/10.1007/978-3-030-11890-7_69
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-11889-1
Online ISBN: 978-3-030-11890-7
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)