A systematic analysis of failures in protecting personal health data: A scoping review

被引:45
作者
Pool, Javad [1 ,2 ]
Akhlaghpour, Saeed [3 ]
Fatehi, Farhad [4 ,5 ]
Burton-Jones, Andrew [3 ]
机构
[1] Univ Queensland, ARC Ind Transformat Training Ctr Informat Resilien, Brisbane, Australia
[2] Univ Queensland, Sch Elect Engn & Comp Sci, Brisbane, Australia
[3] Univ Queensland, Business Sch, Brisbane, Australia
[4] Univ Queensland, Fac Med, Ctr Hlth Serv Res, Brisbane, Australia
[5] Monash Univ, Sch Psychol Sci, Melbourne, Australia
来源
INTERNATIONAL JOURNAL OF INFORMATION MANAGEMENT | 2024年 / 74卷
关键词
Data privacy; Cybersecurity; Personal health data; Data breach; Data protection; Digital health; INFORMATION SECURITY POLICY; MEDICAL DATA BREACHES; CARE DATA BREACHES; PRIVACY CONCERNS; REPRESENTATION-THEORY; PATIENT DATA; CONTEXT; AWARENESS; TECHNOLOGY; MANAGEMENT;
D O I
10.1016/j.ijinfomgt.2023.102719
中图分类号
G25 [图书馆学、图书馆事业]; G35 [情报学、情报工作];
学科分类号
1205 ; 120501 ;
摘要
Personal health data breaches pose significant challenges to healthcare providers and clients. This study systematically analyzes 5470 records and reviews 120 articles on this theoretically and practically important topic. It summarizes the existing literature and develops an integrative model with eleven propositions explaining the multifaceted nature of health data breaches, their facilitators, and their impacts. We report on the gaps in the current literature and discuss six promising avenues of future research, including specific suggestions for multilevel analysis, use of novel methods, contributions to information systems theory, stakeholder analysis, underexplored themes, and boundary-breaching opportunities. Beyond these findings, our study offers implications for key stakeholders in healthcare settings. This study equips practitioners and researchers with a valuable model for evidence-based data breach risk management and offers guidance for future investigations, enhancing our collective understanding of personal health data breaches within healthcare.
引用
收藏
页数:29
相关论文
共 253 条
[11]  
Angst CM, 2017, MIS QUART, V41, P893, DOI 10.25300/misq/2017/41.3.10
[12]  
Angst CM, 2009, MIS QUART, V33, P339
[13]   Assessing staff awareness and effectiveness of educational training on IT security and privacy in a large healthcare organization [J].
Arain, Mubashir Aslam ;
Tarraf, Rima ;
Ahmad, Armghan .
JOURNAL OF MULTIDISCIPLINARY HEALTHCARE, 2019, 12 :73-81
[14]   Personal health records: a scoping review [J].
Archer, N. ;
Fevrier-Thomas, U. ;
Lokker, C. ;
McKibbon, K. A. ;
Straus, S. E. .
JOURNAL OF THE AMERICAN MEDICAL INFORMATICS ASSOCIATION, 2011, 18 (04) :515-522
[15]  
Arksey H., 2005, INT J SOC RES METHOD, V8, P19, DOI DOI 10.1080/1364557032000119616
[16]   CONTEXTUAL EXPLANATION: ALTERNATIVE APPROACHES AND PERSISTENT CHALLENGES [J].
Avgerou, Chrisanthi .
MIS QUARTERLY, 2019, 43 (03) :977-1006
[17]  
Bai G, 2017, JAMA INTERN MED, V177, P1696, DOI 10.1001/jamainternmed.2017.4929
[18]   Hospital Risk of Data Breaches [J].
Bai, Ge ;
Jiang, John ;
Flasher, Renee .
JAMA INTERNAL MEDICINE, 2017, 177 (06) :878-880
[19]   The impact of personal dispositions on information sensitivity, privacy concern and trust in disclosing health information online [J].
Bansal, Gaurav ;
Zahedi, Fatemeh Mariam ;
Gefen, David .
DECISION SUPPORT SYSTEMS, 2010, 49 (02) :138-150
[20]   Don't Even Think About It! The Effects of Antineutralization, Informational, and Normative Communication on Information Security Compliance [J].
Barlow, Jordan B. ;
Warkentin, Merrill ;
Ormond, Dustin ;
Dennis, Alan R. .
JOURNAL OF THE ASSOCIATION FOR INFORMATION SYSTEMS, 2018, 19 (08) :689-715
12345678910