Evaluating the Influence of Healthcare Employee Behavior on Cybersecurity Vulnerabilities in Medical Systems
DOI:
https://doi.org/10.56294/mw2023141Keywords:
Healthcare Employee Behavior, Cybersecurity Vulnerabilities, Medical Systems, Emergency Situations (WE), Information Security (IS)Abstract
Healthcare organizations, in particular, are prime targets for cybercriminals due to the data’s sensitive nature of the data managed and the complex Information Technology(IT) infrastructure relied upon. Healthcare IT systems are particularly vulnerable because numerous employees interact with patient information daily, often without sufficient awareness of cybersecurity risks. Given the significant influence of human behavior on healthcare IT infrastructure, this research investigates how healthcare employee behaviors contribute to cybersecurity vulnerabilities in medical systems. A quantitative approach was employed, collecting data from 325 healthcare staff via an online survey. The research utilized several statistical techniques, including descriptive statistics, correlation analysis, and regression modeling, to observe various work-related factors. These techniques were applied to identify gaps in information security (IS) knowledge, attitudes, and behaviors among healthcare employees. The results revealed that work-related stress; Work emergency (WE), perceived workload, lack of training, and insufficient organizational support were positively correlated with risky security behaviors. Furthermore, personality traits such as conscientiousness and agreeableness significantly influenced employees’ security practices. Conscientiousness was found to be associated with higher cybersecurity risks, while agreeableness was linked to a lower risk of deficiencies in security knowledge and attitudes. Hypothesis were developed, with H1 and H2 being well supported by the findings. Based on these findings, the research suggests that addressing both intrinsic and extrinsic motivations, improving organizational support, and integrating advanced technological solutions could help mitigate cybersecurity vulnerabilities stemming from employee behaviors in medical systems.
References
1. Arain MA, Tarraf R, Ahmad A. Assessing staff awareness and effectiveness of educational training on IT security and privacy in a large healthcare organization. Journal of multidisciplinary healthcare. 2019 Jan 9:73-81.http://dx.doi.org/10.2147/JMDH.S183275
2. Kovačević A, Putnik N, Tošković O. Factors related to cyber security behavior. Ieee Access. 2020 Jul 8;8:125140-8.
3. McLeod A, Dolezel D. Cyber-analytics: Modeling factors associated with healthcare data breaches. Decision Support Systems. 2018 Apr 1;108:57-68.https://doi.org/10.1016/j.dss.2018.02.007
4. Alhuwail D, Al-Jafar E, Abdulsalam Y, AlDuaij S. Information security awareness and behaviors of health care professionals at public health care facilities. Applied Clinical Informatics. 2021 Aug;12(04):924-32. https://doi.org/10.1055/s-0041-1735527
5. Gordon WJ, Wright A, Aiyagari R, Corbo L, Glynn RJ, Kadakia J, Kufahl J, Mazzone C, Noga J, Parkulo M, Sanford B. Assessment of employee susceptibility to phishing attacks at US health care institutions. JAMA network open. 2019 Mar 1;2(3):e190393-. 10.1001/jamanetworkopen.2019.0393
6. Willing M, Dresen C, Gerlitz E, Haering M, Smith M, Binnewies C, Guess T, Haverkamp U, Schinzel S. Behavioral responses to a cyber attack in a hospital environment. Scientific reports. 2021 Sep 29;11(1):19352. https://doi.org/10.1038/s41598-021-98576-7
7. T. Alanazi S, Anbar M, A. Ebad S, Karuppayah S, Al-Ani HA. Theory-based model and prediction analysis of information security compliance behavior in the Saudi healthcare sector. Symmetry. 2020 Sep 18;12(9):1544.https://doi.org/10.3390/sym12091544
8. Kessler SR, Pindek S, Kleinman G, Andel SA, Spector PE. Information security climate and the assessment of information security risk among healthcare employees. Health informatics journal. 2020 Mar;26(1):461-73. https://doi.org/10.1177/1460458219832048
9. Hossain A, Quaresma R, Rahman H. Investigating factors influencing the physicians' adoption of electronic health record (EHR) in the healthcare system of Bangladesh: An empirical study. International Journal of Information Management. 2019 Feb 1;44:76-87. https://doi.org/10.1016/j.ijinfomgt.2018.09.016
10. Peikari HR, Shah MH, Lo MC. Patients’ perception of the information security management in health centers: The role of organizational and human factors. BMC medical informatics and decision making. 2018 Dec;18:1-3.https://doi.org/10.1186/s12911-018-0681-z
11. Hughes-Lartey K, Li M, Botchey FE, Qin Z. Human factor, a critical weak point in the information security of an organization's Internet of things. Heliyon. 2021 Mar 1;7(3).https://doi.org/10.1016/j.heliyon.2021.e06522
12. Hafeez I, Yingjun Z, Hafeez S, Mansoor R, Rehman KU. Impact of workplace environment on employee performance: mediating role of employee health. Business, Management, and Economics Engineering. 2019 Nov 26;17(2):173-93.https://doi.org/10.3846/bme.2019.10379
13. Brunetto Y, Xerri M, Farr‐Wharton B. Comparing the role of personal and organisational support on the innovative behaviour of frontline healthcare workers in Australia and the United States. Australian Journal of Public Administration. 2020 Sep;79(3):279-97.10.1111/1467-8500.12414.
Published
Issue
Section
License
Copyright (c) 2023 Praveen Priyaranjan Nayak , KV. Jamuna , Swati Kemothi (Author)
This work is licensed under a Creative Commons Attribution 4.0 International License.
The article is distributed under the Creative Commons Attribution 4.0 License. Unless otherwise stated, associated published material is distributed under the same licence.
