Moeketsi C. B. 1, Adeyelure T. S. 1, Segooa M. A. 1
1 Tshwane University of Technology, South Africa |
Abstract
Background and Aim of Study: The healthcare sector stands at the forefront of industries embracing personal-device usage for professional tasks. Permitting to Bring Your Own Device (BYOD) for healthcare professionals presents information security hurdles that pose challenges for decision-makers in the healthcare field, despite the considerable benefits associated with BYOD. The aim of the study: to develop an information-security assessment model for BYOD in the South African healthcare sector to guide healthcare decision-makers.
Material and Methods: The main focus of the study was the South African private healthcare sector, Gauteng Province. The target population size of 170 with a sample size of 118 with the feedback responses with additional 10, which were also included in the analysis data statistics that was done for 128 received responses. The instrument used for the closed-ended questionnaire was SPSS 28.0.1.1 and the expert judgement technique for the validation questionnaire. Factors from the diffusion of innovation theory, the electronic protected health information security framework, cybersecurity knowledge, skills, abilities and external variables were adapted to inform the conceptual model.
Results: The following factors have the most significant contributions to the development of an information security assessment model for BYOD in the South African healthcare sector: training is the most influential factor with a predictive power of 64.0% (β=0.640) at p=0.001; security threats with 61.3% (β=0.613) significance level p=0.020; conversely, security controls had a predictive power of 50.9% (β=0.509) at p=0.001.
Conclusions: This study has developed a contextual information-security assessment model for BYOD within the South African healthcare sector. In practical terms, this model offers guidance to healthcare decision-makers in seamlessly integrating BYOD practices into daily operations; and aids in cautious planning, guided by the insights provided by the security-assessment model for BYOD.
Keywords
healthcare, private, information security, bring your own device, South Africa
References
Abdulkarim, S., & Binord, F. (2021). The psychological effects of Bring Your Own Device (BYOD). OIRT Journal of Information Technology, 1(2), 6–9. https://doi.org/10.53944/ojit-2103
Ahamed, M. I., Biswa, A., & Phukon, M. (2023). A study on multicollinearity diagnostics and a few linear estimators. Advances and Applications in Statistics, 89(1), 29–54. https://doi.org/10.17654/0972361723050
Alahmari, S., Renaud, K., & Omoronyia, I. (2023). Moving beyond cyber security awareness and training to engendering security knowledge sharing. Information Systems and e-Business Management, 21(1), 123–158. https://doi.org/10.1007/s10257-022-00575-2
Ali, R. F., Ali, S. E. A., Rehman, M., & Sohail, A. (2021). Information security behavior and information security policy compliance: A systematic literature review for identifying the transformation process from noncompliance to compliance. Applied Sciences, 11(8), Article 3383. https://doi.org/10.3390/app11083383
Almaiah, M. A, Alfaisal, R., Salloum, S. A., Hajjej, F., Shishakly, R., Lutfi, A., Alrawad, M., Al Mulhem, A., Alkhdour, T., & Al-Maroof, R. S. (2022). Measuring institutions’ adoption of artificial intelligence applications in online learning environments: Integrating the innovation diffusion theory with technology adoption rate. Electronics, 11(20), Article 3291. https://doi.org/10.3390/electronics11203291
Alshurideh, H. M., Alquqa, E., Alzoubi, H., Kurdi, B., & Hamadne, S. (2023). The effect of information security on e-supply chain in the UAE logistics and distribution industry. Uncertain Supply Chain Management, 11(1), 145–152. https://doi.org/10.5267/j.uscm.2022.11.001
Aslan, Ö., Aktug, S. S., Ozkan-Okay, M., Yilmaz, A. A., & Akin, E. (2023). A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions. Electronics, 12(6), Article 1333. https://doi.org/10.3390/electronics12061333
Ayedh, M. A. T., Wahab, A. W. A., & Idris, M. Y. I. (2023). Systematic literature review on security access control policies and techniques based on privacy requirements in a BYOD environment: State of the art and future directions. Applied Sciences, 13(14), Article 8048. https://doi.org/10.3390/app13148048
Beltempo, E., Karvonen, J., & Rajamaki, J. (2022). ECHO CyberSkills Framework as a Cyber-Skills Education and Training Tool in Health and Medical Tourism. Proceedings of the 21st European Conference on Cyber Warfare and Security, 21(1), 434–437. https://doi.org/10.34190/eccws.21.1.274
Chowdhury, N., & Gkioulos, V. (2023). A personalized learning theory-based cyber-security training exercise. International Journal of Information Security, 22, 1531–1546. https://doi.org/10.1007/s10207-023-00704-z
Coker, T. E. (2021). What human factors are associated with the adoption of BYOD in an organization? [Preprint]. https://doi.org/10.31234/osf.io/ey4qm
Dash, B., & Ansari, M. F. (2022). An effective cybersecurity awareness training model: First defense of an organisational security strategy. International Research Journal of Engineering and Technology (IRJET), 9(4), 1–6. https://www.irjet.net/archives/V9/i4/IRJET-V9I401.pdf
Downer, K., & Bhattacharya, M. (2022). BYOD security: A study of human dimensions. Informatics, 9(1), Article 16. https://doi.org/10.3390/informatics9010016
Farid, G., Warraich, N. F., & Iftikhar, S. (2023). Digital information security management policy in academic libraries: A systematic review (2010-2022). Journal of Information Science. https://doi.org/10.1177/01655515231160026
Freund, L., Al-Majeed, S., & Millard, A. (2021). Towards the definition of a strategic complexity management framework for complex industrial systems. Proceeding of the 16th International Conference of System of Systems Engineering, pp. 210–215. IEEE. https://doi.org/10.1109/SOSE52739.2021.9497491
Hao, X., Xiao, Y., Wu, Y., Zhang, Q., & Atkin, G. E. (2021). Low complexity suboptimal constellation design for multi-user multiple access. Proceeding of the 2020 IEEE International Conference on Electro Information Technology, pp. 259–264. IEEE. https://doi.org/10.1109/EIT48999.2020.9208302
Kholoanyane, M. E. (2020). Security awareness and training policy guidelines to minimize the risks of BYOD in a South African SME [Thesis, Northwest University]. http://hdl.handle.net/10394/36906
Kuechler, B., & Vaishnavi, V. (2011). On theory development in design science research: anatomy of a research project. European Journal of Information Systems, 17(5), 489–504. https://doi.org/10.1057/ejis.2008.40
Liao, X., Wu, D., Zhang, Q., & Han, G. (2021). How to improve users’ loyalty to smart health devices? The perspective of compatibility. Sustainability, 13(19), Article 10722. https://doi.org/10.3390/su131910722
Mahat, N. B., & Ali, N. B. (2018). Empowering employees through BYOD: Benefits and challenges in Malaysian public sector. International Journal of Engineering & Technology, 7(4.35), 643–649. https://doi.org/10.14419/ijet.v7i4.35.23077
Neves, U. M., & de Mello, F. L. (2018). BYOD with security. ENIGMA – Journal of Information Security and Cryptography, 5(1), 40–47. https://doi.org/10.17648/jisc.v5i1.70
Omboga, S. O., Mukisa, M. T., & Cyprian, R. M. (2021). A bring your own device risk assessment model International Journal of Security, 12(2), 15–34. https://www.cscjournals.org/manuscript/Journals/IJS/Volume12/Issue2/IJS-158.pdf
Pypenko, I. S. (2019). Digital product: The essence of the concept and scopes. International Journal of Education and Science, 2(4), 56. https://doi.org/10.26697/ijes.2019.4.41
Pypenko, I. S., & Melnyk, Yu. B. (2021). Principles of digitalisation of the state economy. International Journal of Education and Science, 4(1), 42–50. https://doi.org/10.26697/ijes.2021.1.5
Schober, P., Boer, C., & Schwarte, L. A. (2018). Correlation coefficients: Appropriate use and interpretation. Anesthesia & Analgesia, 126(5), 1763–1768. https://doi.org/10.1213/ANE.0000000000002864
Talaat, F. M., & Gamel, S. A. (2023). Predicting the impact of no. of authors on no. of citations of research publications based on neural networks. Journal of Ambient Intelligence and Humanized Computing, 14, 8499–8508. https://doi.org/10.1007/s12652-022-03882-1
Ujakpa, M. M., Heukelman, D., Mutasa, L., & Rodríguez-Puente, R. (2019). Perceived use of mobile devices at the workplace and its perceived effect on performance. Proceeding of the 2019 Global Trends in Management, IT and Governance in an e-World (pp. 195–198)
Vom Broke, J., Hevner, A., & Maedche, A. (2020). Introduction to design science research. In vom Brocke, J., Hevner, A., Maedche, A. (Eds.), Design Science Research. Cases. Progress in IS (pp. 1–13). Springer. https://doi.org/10.1007/978-3-030-46781-4_1
Wani, T. A., Mendoza, A., Smolenaers, F., & Gray, K. (2021). Bring-Your-Own-Device usage trends in Australian hospitals – A national survey. In M. Merolli, Ch. Bain, & L. K. Schaper (Eds.), Studies in Health Technology and Informatics, Vol. 276: Healthier Lives, Digitally Enabled (pp. 1–6). https://doi.org/10.3233/SHTI210002
Xionga, O. L, Nasric, F., Leanna, M. W. Luic, L. M. W, Gillc, H., Phanc, L., Chen-Lic, D., Iacobuccic, M., Ho, R., Majeedc, A., & McIntyre, R. S. (2020). Impact of COVID-19 pandemic on mental health in the general population: A systematic review. Journal of Affective Disorders, 277, 55–64. https://doi.org/10.1016/j.jad.2020.08.001
Yin, R. K. (2014). Case study research design and methods (5th ed.). SAGE. https://search.worldcat.org/title/Case-study-research-:-design-and-methods/oclc/835951262
Moeketsi Catherine Botlwaelo (Corresponding Author) – https://orcid.org/0009-0006-4120-7691;
Adeyelure Tope Samuel – https://orcid.org/0000-0002-6138-4285; Doctor of Computing Science and Data Processing, Senior Lecturer, Department of Informatics, Tshwane University of Technology, Pretoria, South Africa.
Segooa Mmmatshuene Anna – https://orcid.org/0000-0002-4190-8256; Doctor of Computing, Lecturer, Department of Informatics, Tshwane University of Technology, Pretoria, South Africa.
|
APA
Moeketsi, C. B., Adeyelure, T. S., & Segooa, M. A. (2024). An information security assessment model for bring your own device in the South African healthcare sector. International Journal of Science Annals, 7(2), 1–10. https://doi.org/10.26697/ijsa.2024.2.1
Harvard
Moeketsi, C. B., Adeyelure, T. S., & Segooa, M. A. "An information security assessment model for bring your own device in the South African healthcare sector.". International Journal of Science Annals, [online] 7(2), pp. 1–10. viewed 30 June 2024, https://culturehealth.org/ijsa_archive/ijsa.2024.2.1.pdfVancouver
Moeketsi C. B., Adeyelure T. S., Segooa M. A. An information security assessment model for bring your own device in the South African healthcare sector.. International Journal of Science Annals [Internet]. 2024 [cited 30 June 2024]; 7(2): 1–10. Available from: https://culturehealth.org/ijsa_archive/ijsa.2024.2.1.pdf https://doi.org/10.26697/ijsa.2024.2.1