Constructing conceptual model for security culture in health information systems security effectiveness

Abstract

The security of information systems (IS) depends on many factors, however, numerous technical advances alone cannot always create a safe and secure environment. Security incidents related to patients’ data in healthcare organizations continue to increase due to human behaviors causes serious concerns. This study attempts the exploration of security culture in Health Information Systems (HIS). The scope of this paper is confined to the literature review on existing models on security culture. A conceptual model was constructed in identifying the antecedents that could influence security culture in HIS security effectiveness. We found that education and training, and communication may contribute towards a more effective implementation of security culture for HIS users. This in-progress work will then proceed to the next phase in evaluating the proposed model.