International Journal of Scientific & Technology Research

Home About Us Scope Editorial Board Blog/Latest News Contact Us
10th percentile
Powered by  Scopus
Scopus coverage:
Nov 2018 to May 2020


IJSTR >> Volume 6 - Issue 12, December 2017 Edition

International Journal of Scientific & Technology Research  
International Journal of Scientific & Technology Research

Website: http://www.ijstr.org

ISSN 2277-8616

Effectiveness Of Security Controls On Electronic Health Records

[Full Text]



Everleen Wanyonyi, Anthony Rodrigues, Silvance Abeka, Solomon Ogara



electronic health records, cyber security, safeguards, binary logit function



Electronic Health Record (EHR) systems enhance efficiency and effectiveness in handling patients’ information in healthcare. This study focused on the EHR security by initially establishing the nature of threats affecting the system and reviewing the implemented security safeguards. The study was done at a referral hospital (level 6) government facility in Kenya. Purposive sampling was used to select a sample of 196 out of 385 staff and a questionnaire designed for qualitative data collection. Data was analyzed using SPSS software. Correlations and binary logistic regression were obtained. Binary Logistic Regression (BLR) was used to establish the effect of the safeguards (predictors) on EHR security. It was established that physical security contributes more to the security of an information system than administrative controls and technical controls in that order. BLR helped in predicting effective safeguards to control EHR security threats in limited resourced public health facilities.



[1] Adesina, A. O., Agbele, K. K., Februarie, R., Abidoye, A. P., & Nyongesa, H. O. (2011). Ensuring the security and privacy of information in mobile health-care communication systems. South African Journal of Science, 107(9-10), 27-33.

[2] Åhlfeldt, R. M., & Söderström, E. (2010). Patient Safety and Patient Privacy in Information Security from the patient’s view: A Case Study19. Information Security in Distributed Healthcare, 203.

[3] Akanbi, M. and Agaba, E. (2011). Use of Electronic Health Record in Sub-saharan Africa:Progress and challenges. Journal of Medicine in the Tropics, 14(1), p.5.

[4] Appari, A. and Johnson, M. (2010). Information security and privacy in healthcare: current state of research. International Journal of Internet and Enterprise Management. 6(4), p.279.

[5] Bidgoli, H. (2006). Handbook of information security. Hoboken, N.J.: John Wiley.

[6] Business Daily (2017) http://www.businessdailyafrica.com/Insurance-fraud-more-than-triples-to-Sh324-million/-/539552/2978878/-/wcsno2/-/index.html

[7] Fibikova, L. and Mueller, R. (2012). Threats, Risks and the Derived information security strategy. Securing Electronic Business Processes, pp.11-20.

[8] Gao, Xiangzhu et al. "Implementation Of E-Health Record Systems And E-Medical Record Systems In China". The International Technology Management Review 3.2 (2013): 127-139.

[9] Gordon, Lawrence A. and Martin P. Loeb. "The Economics Of Information Security Investment". ACM Transactions on Information and System Security 5.4 (2002): 438-457.
[10] Hartwig, Robert P. "Cyber Risks: The Growing Threat". Global risks 2014 9 (2014): p.5-14.

[11] HIPPA (2008) https://www.nist.gov/healthcare/security/hipaa-security-rule

[12] Juma, K., Matoke, N., Waliaro, A., Wanyembi, G. AND Ogao, P. (2012). Current Status of e-health in Kenya and Emerging Global Trends. International Journal of Information and Communication Technology Research, 2(1).

[13] Kritzinger, E. and Solms, S. (2013). A Framework for Cyber Security in Africa. JIACS, Vol. 3, pp.1-10.

[14] Lim, J. S., Chang, S., Maynard, S., & Ahmad, A. (2009, December). Exploring the relationship between organizational culture and information security culture. In Australian information security management conference (p. 12).

[15] Muga, Richard et al. "Overview Of The Health Systems In Kenya". Kenya Health System Description. 1st ed. Nairobi: Ministry of Health, 2010. 9-15.

[16] Mugo, D. and Nzuki, D. (2014). Determinants of Electronic Health in Developing Countries. International Journal of Arts and Commerce, 3(3), p.3-4.

[17] National Institute of Standards and Technology, (2012). Performance measurement guide for information security. NIST special publication. Gaithersburg: NIST.

[18] Omotosho, A. and Emuoyibofarhe, J. (2014). A Criticism of the Current Security, Privacy and Accountability Issues in Electronic Health Records. IJAIS, 7(8), pp.11-18.

[19] Onuiri, E., Idowu, S. and Oyindolapo, K. (2015). Electronic Health Record Systems and CyberSecurity Challenges. International Conference on African Development Issues. [online] Available at: http://eprints.covenantuniversity.edu.ng/5326/1/Paper%2054.pdf [Accessed 16 Feb. 2016].

[20] Salkind, Neil J and Kristin Rasmussen. Encyclopedia Of Measurement And Statistics. 1st ed. Thousand Oaks, Calif.: SAGE Publications, 2007. p.5.

[21] Sattarova, F. and Kim, T. (2007). IT Security Review: Privacy, Protection, Access Control, Assurance and System Security. International Journal of Multimedia and Ubiquitous Engineering, 2(2), p.5.

[22] Sellars, C., & Easey, D. A. (2008). Electronic health records: data protection issues in Europe. BNA International, BNA’s World Data Protection Report April.

[23] Smith, B., Austin, A., Brown, M., King, J., Lankford, J., Meneely, A. and Williams, L. (2014). Challenges for protecting the privacy of health information: Required certification can leave common vulnerabilities undetected. Management of Computing and Information Systems. Available at: http://www.hhs.gov/healthit/healthnetwork/background/ [Accessed 6 Jun. 2016].

[24] Sood, S., Nwabueze, S., Mbarika, V., Prakash, N., Chatterjee, S., Ray, P. and Mishra, S. (2008). Electronic Medical Records: A Review Comparing the Challenges in Developed and Developing Countries. Hawaii International Conference on System Sciences. [online] Available at: https://www.computer.org/csdl/proceedings/hicss/2008/3075/00/30750248.pdf.

[25] Thompson, L. (2013) Data breach and encryption handbook. Chicago: ABA Publishing.

[26] Yamane, Taro. 1967. Statistics, An Introductory Analysis, 2nd Ed., New York: Harper and Row.