An Information Security Assessment Model for Bring Your Own Device in the South African Healthcare Sector
Moeketsi C. B. 1, Adeyelure T. S. 1, Segooa M. A. 1
 
1 Tshwane University of Technology, South Africa
 

 

Abstract

Background and Aim of Study: The healthcare sector stands at the forefront of industries embracing personal-device usage for professional tasks. Permitting to Bring Your Own Device (BYOD) for healthcare professionals presents information security hurdles that pose challenges for decision-makers in the healthcare field, despite the considerable benefits associated with BYOD. The aim of the study: to develop an information-security assessment model for BYOD in the South African healthcare sector to guide healthcare decision-makers.
Material and Methods: The main focus of the study was the South African private healthcare sector, Gauteng Province. The target population size of 170 with a sample size of 118 with the feedback responses with additional 10, which were also included in the analysis data statistics that was done for 128 received responses. The instrument used for the closed-ended questionnaire was SPSS 28.0.1.1 and the expert judgement technique for the validation questionnaire. Factors from the diffusion of innovation theory, the electronic protected health information security framework, cybersecurity knowledge, skills, abilities and external variables were adapted to inform the conceptual model.
Results: The following factors have the most significant contributions to the development of an information security assessment model for BYOD in the South African healthcare sector: training is the most influential factor with a predictive power of 64.0% (β=0.640) at p=0.001; security threats with 61.3% (β=0.613) significance level p=0.020; conversely, security controls had a predictive power of 50.9% (β=0.509) at p=0.001.
Conclusions: This study has developed a contextual information-security assessment model for BYOD within the South African healthcare sector. In practical terms, this model offers guidance to healthcare decision-makers in seamlessly integrating BYOD practices into daily operations; and aids in cautious planning, guided by the insights provided by the security-assessment model for BYOD.

 
 
 

Keywords

healthcare, private, information security, bring your own device, South Africa

 
 
  

References

Abdulkarim, S., & Binord, F. (2021). The psychological effects of Bring Your Own Device (BYOD). OIRT Journal of Information Technology, 1(2), 6–9. https://doi.org/10.53944/ojit-2103

Ahamed, M. I., Biswa, A., & Phukon, M. (2023). A study on multicollinearity diagnostics and a few linear estimators. Advances and Applications in Statistics, 89(1), 29–54. https://doi.org/10.17654/0972361723050

Alahmari, S., Renaud, K., & Omoronyia, I. (2023). Moving beyond cyber security awareness and training to engendering security knowledge sharing. Information Systems and e-Business Management, 21(1), 123–158. https://doi.org/10.1007/s10257-022-00575-2

Ali, R. F., Ali, S. E. A., Rehman, M., & Sohail, A. (2021). Information security behavior and information security policy compliance: A systematic literature review for identifying the transformation process from noncompliance to compliance. Applied Sciences, 11(8), Article 3383. https://doi.org/10.3390/app11083383

Almaiah, M. A, Alfaisal, R., Salloum, S. A., Hajjej, F., Shishakly, R., Lutfi, A., Alrawad, M., Al Mulhem, A., Alkhdour, T., & Al-Maroof, R. S. (2022). Measuring institutions’ adoption of artificial intelligence applications in online learning environments: Integrating the innovation diffusion theory with technology adoption rate. Electronics, 11(20), Article 3291. https://doi.org/10.3390/electronics11203291

Alshurideh, H. M., Alquqa, E., Alzoubi, H., Kurdi, B., & Hamadne, S. (2023). The effect of information security on e-supply chain in the UAE logistics and distribution industry. Uncertain Supply Chain Management, 11(1), 145–152. https://doi.org/10.5267/j.uscm.2022.11.001

Aslan, Ö., Aktug, S. S., Ozkan-Okay, M., Yilmaz, A. A., & Akin, E. (2023). A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions. Electronics, 12(6), Article 1333. https://doi.org/10.3390/electronics12061333

Ayedh, M. A. T., Wahab, A. W. A., & Idris, M. Y. I. (2023). Systematic literature review on security access control policies and techniques based on privacy requirements in a BYOD environment: State of the art and future directions. Applied Sciences, 13(14), Article 8048. https://doi.org/10.3390/app13148048

Beltempo, E., Karvonen, J., & Rajamaki, J. (2022). ECHO CyberSkills Framework as a Cyber-Skills Education and Training Tool in Health and Medical Tourism. Proceedings of the 21st European Conference on Cyber Warfare and Security, 21(1), 434–437. https://doi.org/10.34190/eccws.21.1.274

Chowdhury, N., & Gkioulos, V. (2023). A personalized learning theory-based cyber-security training exercise. International Journal of Information Security, 22, 1531–1546. https://doi.org/10.1007/s10207-023-00704-z

Coker, T. E. (2021). What human factors are associated with the adoption of BYOD in an organization? [Preprint]. https://doi.org/10.31234/osf.io/ey4qm

Dash, B., & Ansari, M. F. (2022). An effective cybersecurity awareness training model: First defense of an organisational security strategy. International Research Journal of Engineering and Technology (IRJET), 9(4), 1–6. https://www.irjet.net/archives/V9/i4/IRJET-V9I401.pdf

Downer, K., & Bhattacharya, M. (2022). BYOD security: A study of human dimensions. Informatics, 9(1), Article 16. https://doi.org/10.3390/informatics9010016

Farid, G., Warraich, N. F., & Iftikhar, S. (2023). Digital information security management policy in academic libraries: A systematic review (2010-2022). Journal of Information Science. https://doi.org/10.1177/01655515231160026

Freund, L., Al-Majeed, S., & Millard, A. (2021). Towards the definition of a strategic complexity management framework for complex industrial systems. Proceeding of the 16th International Conference of System of Systems Engineering, pp. 210–215. IEEE. https://doi.org/10.1109/SOSE52739.2021.9497491

Hao, X., Xiao, Y., Wu, Y., Zhang, Q., & Atkin, G. E. (2021). Low complexity suboptimal constellation design for multi-user multiple access. Proceeding of the 2020 IEEE International Conference on Electro Information Technology, pp. 259–264. IEEE. https://doi.org/10.1109/EIT48999.2020.9208302

Kholoanyane, M. E. (2020). Security awareness and training policy guidelines to minimize the risks of BYOD in a South African SME [Thesis, Northwest University]. http://hdl.handle.net/10394/36906

Kuechler, B., & Vaishnavi, V. (2011). On theory development in design science research: anatomy of a research project. European Journal of Information Systems, 17(5), 489–504. https://doi.org/10.1057/ejis.2008.40

Liao, X., Wu, D., Zhang, Q., & Han, G. (2021). How to improve users’ loyalty to smart health devices? The perspective of compatibility. Sustainability, 13(19), Article 10722. https://doi.org/10.3390/su131910722

Mahat, N. B., & Ali, N. B. (2018). Empowering employees through BYOD: Benefits and challenges in Malaysian public sector. International Journal of Engineering & Technology, 7(4.35), 643–649. https://doi.org/10.14419/ijet.v7i4.35.23077

Neves, U. M., & de Mello, F. L. (2018). BYOD with security. ENIGMA – Journal of Information Security and Cryptography, 5(1), 40–47. https://doi.org/10.17648/jisc.v5i1.70

Omboga, S. O., Mukisa, M. T., & Cyprian, R. M. (2021). A bring your own device risk assessment model International Journal of Security, 12(2), 15–34. https://www.cscjournals.org/manuscript/Journals/IJS/Volume12/Issue2/IJS-158.pdf

Pypenko, I. S. (2019). Digital product: The essence of the concept and scopes. International Journal of Education and Science, 2(4), 56. https://doi.org/10.26697/ijes.2019.4.41

Pypenko, I. S., & Melnyk, Yu. B. (2021). Principles of digitalisation of the state economy. International Journal of Education and Science, 4(1), 42–50. https://doi.org/10.26697/ijes.2021.1.5

Schober, P., Boer, C., & Schwarte, L. A. (2018). Correlation coefficients: Appropriate use and interpretation. Anesthesia & Analgesia, 126(5), 1763–1768. https://doi.org/10.1213/ANE.0000000000002864

Talaat, F. M., & Gamel, S. A. (2023). Predicting the impact of no. of authors on no. of citations of research publications based on neural networks. Journal of Ambient Intelligence and Humanized Computing, 14, 8499–8508. https://doi.org/10.1007/s12652-022-03882-1

Ujakpa, M. M., Heukelman, D., Mutasa, L., & Rodríguez-Puente, R. (2019). Perceived use of mobile devices at the workplace and its perceived effect on performance. Proceeding of the 2019 Global Trends in Management, IT and Governance in an e-World (pp. 195–198) 

Vom Broke, J., Hevner, A., & Maedche, A. (2020). Introduction to design science research. In vom Brocke, J., Hevner, A., Maedche, A. (Eds.), Design Science Research. Cases. Progress in IS (pp. 1–13). Springer. https://doi.org/10.1007/978-3-030-46781-4_1

Wani, T. A., Mendoza, A., Smolenaers, F., & Gray, K. (2021). Bring-Your-Own-Device usage trends in Australian hospitals – A national survey. In M. Merolli, Ch. Bain, & L. K. Schaper (Eds.), Studies in Health Technology and Informatics, Vol. 276: Healthier Lives, Digitally Enabled (pp. 1–6). https://doi.org/10.3233/SHTI210002

Xionga, O. L, Nasric, F., Leanna, M. W. Luic, L. M. W, Gillc, H., Phanc, L., Chen-Lic, D., Iacobuccic, M., Ho, R., Majeedc, A., & McIntyre, R. S. (2020). Impact of COVID-19 pandemic on mental health in the general population: A systematic review. Journal of Affective Disorders, 277, 55–64. https://doi.org/10.1016/j.jad.2020.08.001

Yin, R. K. (2014). Case study research design and methods (5th ed.). SAGE. https://search.worldcat.org/title/Case-study-research-:-design-and-methods/oclc/835951262 

 

 

 

  
 

 

Information about the authors:

Moeketsi Catherine Botlwaelo (Corresponding Author)https://orcid.org/0009-0006-4120-7691; This email address is being protected from spambots. You need JavaScript enabled to view it.; Master of Computing, Department of Informatics, Tshwane University of Technology, Pretoria, South Africa.

Adeyelure Tope Samuelhttps://orcid.org/0000-0002-6138-4285; Doctor of Computing Science and Data Processing, Senior Lecturer, Department of Informatics, Tshwane University of Technology, Pretoria, South Africa.

Segooa Mmatshuene Annahttps://orcid.org/0000-0002-4190-8256; Doctor of Computing, Lecturer, Department of Informatics, Tshwane University of Technology, Pretoria, South Africa.

 
 
 
Cite this article as:

APA


Moeketsi, C. B., Adeyelure, T. S., & Segooa, M. A. (2024). An information security assessment model for bring your own device in the South African healthcare sector. International Journal of Science Annals, 7(2), 1–10. https://doi.org/10.26697/ijsa.2024.2.1

Harvard


Moeketsi, C. B., Adeyelure, T. S., & Segooa, M. A. "An information security assessment model for bring your own device in the South African healthcare sector.". International Journal of Science Annals, [online] 7(2), pp. 1–10. viewed 30 June 2024, https://culturehealth.org/ijsa_archive/ijsa.2024.2.1.pdf

Vancouver


Moeketsi C. B., Adeyelure T. S., Segooa M. A. An information security assessment model for bring your own device in the South African healthcare sector.. International Journal of Science Annals [Internet]. 2024 [cited 30 June 2024]; 7(2): 1–10. Available from: https://culturehealth.org/ijsa_archive/ijsa.2024.2.1.pdf https://doi.org/10.26697/ijsa.2024.2.1

  © 2018 – 2024 International Journal of Science Annals
DOI: https://doi.org/10.26697/ijsa