Professional Documents
Culture Documents
Identification of How Health Information Security Awareness (HISA) Influence in Patient' Health Information Protection Awareness (PHIPA)
Identification of How Health Information Security Awareness (HISA) Influence in Patient' Health Information Protection Awareness (PHIPA)
Abstract— Securing the confidency of health information in awareness can have a notable influence to the patients’
health care industry has been a notable matter. Nursing health information protection awareness [3].
students are still inexperienced and are in progress to thriving In Indonesia itself, problems that related to health
their individual worths and trusts on the significance of Health information privacy that occur in hospital are include:
Information Security Awareness (HISA) and Patient’ Health
Information Protection Awareness (PHIPA). The objectives of
informations leak by unauthorized employees, computer
this study is to identify the influence of HISA in PHIPA, to units that left on when they go home or having a break, id
measure the quality of HISA and PHIPA of nursing students in data and password’s privacy unguarded that can be a risk of
Baturaja and to provide recommendations on HISA and access rights being misused by unauthorized employees,
PHIPA improvement on nursing education. Thirty-two failure in information processing, and information theft [4].
questions have been designed in the questionnaire and 94 From Park et al.’s [5] study previously indicated that the
respondents valid data were continued to analysed using HISA composed by three awareness learning components,
Partial Least Squares (PLS). Based on the analysis results, which are: General Information Security Awareness (GSA),
HISA influences nursing students’ communication, Health Information Security Regulation Awareness (HRA),
management and referral factors in PHIPA in positive ways.
And the measurement results shown that nursing students in
and Punishment Severity Awareness (PSA). Thereupon,
Baturaja has a well quality of HISA and PHIPA. Our study by Song et al. [3], resulting a measurement tool for
discovery in this study also supply implications for practice the scaling the Patient’ Health Information Protection
nursing schools and the health care industry about planning Awareness (PHIPA) with 23-items that classified into three
extended curriculum and clinical practice guiding principle to factors: Communication, Management, and Referral. It was
simplify students’ health information security awareness and a revision from previous study by Lee and Park [6] that
patient’ health information protection awareness. using four sub-domains, which are: communication, primary
nursing, patients’ information and referral activities with a
Keywords— Health Information Security Awareness (HISA),
39-item scale.
Patient’ Health Information Protection Awareness (PHIPA),
Partial Least Squares (PLS)
The similarity of those two studies are concerning
around the lack of awareness by nursing students, however
I. INTRODUCTION the correlation of HISA and PHIPA still hasn’t tested in
Securing the confidency of health information in health previous studies. Therefore, to fulfill this research gap, our
care industry has been a notable matter. According to the study conduct an investigation of how HISA influence in
Health Insurance Portability and Accountability Act PHIPA using the HISA model [5] and PHIPA measurement
(HIPAA), one of the most suspectible health care tool [3] by collecting data from nursing students in Baturaja,
stakeholders that can contravene the health information South Sumatera as our case study. In addition, our study
confidency are nursing students [1]. Nursing students are will also identify how well the quality of health IS and
still inexperienced [2] and are in progress to thriving their protection awareness of nursing students in Baturaja.
individual worths and trusts on the significance of Health The expecting contributions of our study are (1) to
Information Security Awareness (HISA) and Patient’ Health identify the influence of HISA in PHIPA, (2) to measure the
Information Protection Awareness (PHIPA). quality of nursing students in Baturaja for their health IS and
There are many opportunities that nursing students will protection awareness (3) to provide recommendations on
probably done throughout their clinical trials at hospitals or HISA and PHIPA improvement on nursing education.
The structure of this paper is as follows. First, we present
any other health care industry that will cause the disclosed
the background of the problem. Second, we discuss the
of protected health information to the related stakeholders
results of our literature review. Third, we outline our
(patient’ relatives, marketing people from health industry, research model. Fourth, we discuss the research
etc.). It is due to their unawareness, or a fragmentary methodology. Fifth, we present and analyze our research
awareness of the adjustments and sanctions related to health findings and make the recommendations. And last, we
information security (IS), or any others mistakes. Nursing present the conclusions of this research.
students’ education related to health information security
II. LITERATURE REVIEW B. Patient’ Health Information Protection Awareness
(PHIPA)
A. Health Information Security Awareness (HISA)
The Patients’ Health Information Protection Awareness
Definition of Health Information Security Awareness
(PHIPA) in health care industry is a vital ethic and legal
(HISA) is a general knowledgement about laws, security,
cognizances [3]. Protected Health Information (PHI) or
regulations, and relevant sanctions related to health
individual identity health information is information that
information that nursing student possess. In HISA
was created, lapsed, or uncovered that can be used to
conceptual, there are three types of awareness: General
identify the patient in the course of providing a health care
Information Security Awareness (GSA), Health Information
service such as diagnosis or treatment [11].
Security Regulation Awareness (HRA), and Punishment
Health organizations actually already have provided the
Severity Awareness (PSA). Acquiring the awareness to the
guide principles and policies as well as proffered an
certain level is one of expected notable output for nursing
education related to the PHIPA. Unfortunately, the health
students during their education in university or nursing
care stakeholders including nurses are still have minimum
school [7].
information on how and what regarding the protected
The awareness level has its own variety of forms. It can
patient’ health information. The reason that concerning this
indicated as ‘noticing’, or ‘awareness’, or ‘attention’ depend
case is possibly because the health care stakeholders are not
on its level. Awareness itself is a distinction between
instructed during their education time on how to administer
noticing which is a lower level of awareness and attention,
their patients’ health information [3].
the higher level of awareness [8]. Attention is a synonymous
In the case of nursing students meet variety models of
of understanding which involve an explicit learning (on the
patient’ health information, they might not savvy enough to
strength of insights, conscious knowledge, and hypotheses)
administer it precisely due to their concise education on it.
and implicit learning (learning build upon subconscious
In most case, behavioral changed is linked to an awareness
processes of abstraction and generalization)” [5].
changed. A higher level of PHIPA is correlated with a
The importance of three awareness’ types in nursing
bigger surveillance of individual information related to the
education is to rectify as well as evolve the awareness of
patient among both health care stakeholders and nursing
nursing students’ health IS. The first one is the General
students. In spite of the importance of health IS and
Information Security Awareness (GSA) which is nursing
confidency protection, there still minimum information
students’ overall knowledgement, comprehesion of potential
regarding the nursing students’ awareness of these concepts
IS related issues as well as their ramifications, and how to
[3].
deal with that security-related issues. Nursing students that
have a high awareness are the ones that familiar with the
security practices, rules, their responsibilities regarding to C. Previous HISA and PHIPA Research
information origins and the consequences of misusing it [9]. Park et al.’s [5] study assists to the research of security
Nursing students must comprehend the common concept of related to the health care. The first attempt is to build the
IS and matters to protect patients’ health information concept model of HISA with its three components which are
precisely. GSA, HRA, and PSA. After identified and conduct an
The second awareness in HISA is the Health Information experiental test about the relationship between HISA and
Security Regulation Awareness (HRA) that resembles with individual worths which are the personal norms and self-
the concept of information security policy awareness. HRA control, they elevate the comprehension which is between
itself more trend to the nursing students’ knowledgement the individual worths and the intention to disclose health
and comprehesion of security regulations, laws and information. From the study, they have found practical
requirements related to health information. Laws are implications supplied for nursing schools and the hospitals
established by government and deliver its competency, where clinical practice occurs. They also got results such as
while policies act as guiding principle of an unacceptable an outlining curriculum, organization policy related to the
behaviors in an organization [10]. Therefore, neglecting a security, and clinical practice guide principles to simplify
policy is still an acceptable excuse but neglecting law is a the HISA of nursing students.
different story. The development of measuring tool for PHIPA is started
Finally, the last one is Punishment Severity Awareness by the study from Lee and Park [6] that inquired personal
(PSA) that difined as knowledgement and comprehesion of health information of health care industry using four sub-
pinalties and affiliated with atrocity level of violating the domains which are the communication, primary nursing,
health IS that nursing students possess [5]. There may be
patients’ information, and referral activities with a 39-item
different effect related to the context of health IS. Violating
measurement. Since then, this four sub-domain 39-item
the protected health IS might be more severe than violating
the policy in other organizations that related to security in measumenet was used with nursing students for assessing
that organizations. Therefore, it is necessary to impose a aknowledgement and attitude regarding of health
more severe sentence on the violation [10]. In addition, a information protection as well.
regulatory government body institutes health IS laws which Lee et al. [12] also built a 15-item tool for scaling
include more advance pinalties than other general confidence notice regarded of personal health information
organizations done with their security policies. for citizens based on guide principles in Korea. This study
had similarity in terms of perspective by the three factors
which are: communication, management, referral with the
one Song et al. [3] conducted. The 23-item PHIPA
measurement that classified into the mentioned factors are
fewer than previous studies, for example the one that Lee B. Data Collection Procedures
and Park [13] built which is a five sub-domain measurement Data in this research were collected from three different
used to scale the insights and implementation of protecting groups. First, nurses who had worked in health care industry
patient personal information that nurses possess. In addition, for at least 15 years. Second, nurses who had worked in
Kim et al. [14] applied a revised of four sub-domain version health care industry but have not reached 15 years of
of Lee and Park’s measurement tools with nursing students. experience yet. The last one are nursing students that have
The used of the measurement tools in Lee and Park’s study experienced in internship at healthcare industry in Baturaja
[13] was for nurses in clinical settings, it also included a were recruited to fill out the questionnaire.
wide range of health information protection behaviors. The research was conducted by online which was
implemented from January, 21st 2019 until January, 28th
III. THEORITICAL FRAMEWORK 2019. Of these, 100 respondents agreed to contributed, and
answered the questionnaire as it is. The results were only 94
The HISA and PHIPA in our research model (Fig. 1) is a questionnaires that are valid to continue to the next steps of
recent revised model related to the previous studies in both this research, meanwhile the 6 of it invalid because of the
matter. We build the HISA model with its three components respondents’ incomplete the questionnaire.
(GSA, HRA, and PSA) and PHIPA model with its three
factors (communication, management, referral). The
objective of the current research is to examine the influence C. Method / Techniques for Analyzing Data
of HISA in general which is combination of the three PLS (Partial Least Squares) is counted by many
components in each of PHIPA factors. researches as an emerging multivariate data analysis
Each hypothesis (H1, H2, H3) will be tested in this study method. PLS is quite famous for its capable for dealing
to determine the correlation between HISA and PHIPA. In samples that have small size. Previous researches
addition, we will also test each hypothesis to find the recommend that a sample size of 100 to 200 which meet our
answers of whether HISA influence PHIPA’ each factors in research data collected, is actually a good start line in
positive way, negative way or not influencing at all. carrying out path modeling. PLS is worthwhile for structural
equation modeling in applied research projects especially
when there are limited respondents[15].
SmartPLS is used in this research analysis. SmartPLS is
one of the protruding software application for PLS. The
software has gained popularity since its launch in 2005 not
only because it is available free to academics and researches
but because of its user-friendly interface and advanced
reporting features as well[15].
Description Result
TABLE II. DISCRIMINANT VALIDITY USING HTMT H1 HISA influences communication in positive ways. Supported
(β = 3.071, p = 0.002).
Ca. HISA Mb. Rc.
A greater level of HISA are possibly lead to a
Ca. -
better communication in PHIPA.
HISA 0.417 -
H2 HISA influences management in positive ways. Supported
Mb. 0.692 0.455 -
(β = 4.439, p = 0.000).
Rc. 0.815 0.423 0.782 - A greater level of HISA are possibly lead to a
a. Communication factor in PHIPA better management in PHIPA.
b. Management factor in PHIPA H3 HISA influences communication in positive ways. Supported
c. Referral factor in PHIPA (β = 2.614, p = 0.009).
A greater level of HISA are possibly lead to a
B. The Results of PLS Analysis and Hypothesis Test better referral in PHIPA.