Skip to main content
SpringerLink
Log in

A Critical Analysis of Requirements and Recommendations for Multi-modal Access Control in Hospitals

  • Conference paper
  • First Online:
Information Technology and Systems (ICITS 2019)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 918))

Included in the following conference series:

  • 2103 Accesses

Abstract

Lack of user awareness and user acceptance of the importance of practising a good access-control approach, particularly in the healthcare sector of South Africa, is a challenging issue in the area of the security of information. The challenge results in breaches to information stored in medical information systems, fraud, and medical identity theft. The paper proposes the hospital user awareness and user acceptance framework for multimodal access control in the medical information systems. The survey results from participants in Charlotte Maxeke Academic hospital, based in Johannesburg showed a response rate of 86%. Focusing on the objectives of the study the results showed that 76.7% of users’ lack knowledge in the security of information and that there is a lack of security awareness education and training in the hospital. The results of the study are presented and analysed through IBM SPSS statistical software that is used for data analysis.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Abubaka, F.M., Ahmad, H.B.: Mediating role of technology awareness on social influence–behavioural intention relationship. Res. J. 2(1), 119 (2014)

    Google Scholar 

  2. Becker, J., Knackstedt, R., Pöppelbuß, J.: Developing maturity models for IT management. Bus. Inf. Syst. Eng. 1(3), 213–222 (2009)

    Article  Google Scholar 

  3. Besnard, D., Arief, B.: Computer security impaired by legitimate users. Comput. Secur. 23(3), 253–264 (2004)

    Article  Google Scholar 

  4. Boyinbode, O., Toriola, G.: CloudeMR: a cloud-based electronic medical record system. Int. J. Hybrid Inf. Technol. 8(4), 201–212 (2015)

    Google Scholar 

  5. Bryman, A.: Social Research Methods. Oxford University Press, Oxford (2015)

    Google Scholar 

  6. Caballero, A.: Security education, training, and awareness. In: Computer and Information Security Handbook, 3rd edn, pp. 497–505 (2017)

    Chapter  Google Scholar 

  7. D’Arcy, J., Hovav, A., Galletta, D.: User awareness of security countermeasures and its impact on information systems misuse: a deterrence approach. Inf. Syst. Res. 20(1), 79–98 (2009)

    Article  Google Scholar 

  8. Drake, T., Kanu, A., Silverman, N.: Health care fraud. Am. Crim. Law Rev. 50, 1131 (2013)

    Google Scholar 

  9. Ferraiolo, D., Kuhn, D.R., Chandramouli, R.: Role-Based Access Control. Artech House, Norwood (2003)

    MATH  Google Scholar 

  10. Glinz, M.: On non-functional requirements. In: 15th IEEE International Requirements Engineering Conference, RE 2007, pp. 21–26. IEEE, October 2007

    Google Scholar 

  11. Lafferty, L.: Medical identity theft: the future threat of health care fraud is now. J. Health Care Compliance 9(1), 11–20 (2007)

    Google Scholar 

  12. Omotosho, A., Adegbola, O., Adelakin, B., Adelakun, A., Emuoyibofarhe, J.: Exploiting multimodal biometrics in e-privacy scheme for electronic health records. arXiv preprint arXiv:1502.01233 (2015)

  13. Osborn, S.: Mandatory access control and role-based access control revisited. In: Proceedings of the Second ACM Workshop on Role-Based Access Control, pp. 31–40. ACM, November 1997

    Google Scholar 

  14. Peltier, T.R.: Information Security Risk Analysis. Auerbach Publications (2010)

    Google Scholar 

  15. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47 (1996)

    Article  Google Scholar 

  16. Smyth, R.: Exploring the usefulness of a conceptual framework as a research tool: a researcher’s reflections. Issues Educ. Res. 14(2), 167 (2004)

    Google Scholar 

  17. Solove, D.J., Schwartz, P.: Information Privacy Law. Wolters Kluwer Law & Business (2014)

    Google Scholar 

  18. Spears, J.L., Barki, H.: User participation in information systems security risk management. MIS Q. 34(3), 503–522 (2010)

    Article  Google Scholar 

  19. Terry, N.P., Francis, L.P.: Ensuring the privacy and confidentiality of electronic health records. Univ. Ill. Law Rev. 681 (2007)

    Google Scholar 

  20. Venkatesh, V., Morris, M.G., Davis, G.B., Davis, F.D.: User acceptance of information technology: toward a unified view. MIS Q. 27(3), 425–478 (2003)

    Article  Google Scholar 

  21. Von Solms, R., Van Niekerk, J.: From information security to cyber security. Comput. Secur. 38, 97–102 (2013)

    Article  Google Scholar 

  22. Ward, R., Stevens, C., Brentnall, P., Briddon, J.: The attitudes of health care staff to information technology: a comprehensive review of the research literature. Health Inf. Libr. J. 25(2), 81–97 (2008)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Johannesburg, PO Box 524, Auckland Park, Johannesburg, 2006, South Africa

    Mapula Elisa Maeko & Dustin van der Haar

Authors
  1. Mapula Elisa Maeko
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dustin van der Haar
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dustin van der Haar .

Editor information

Editors and Affiliations

  1. DEI/FCT, Universidade de Coimbra, Coimbra, Portugal

    Álvaro Rocha

  2. Facultad de Geografía, Universidad de Santiago de Compostela, Santiago Compostela, La Coruña, Spain

    Carlos Ferrás

  3. Departamento de Eléctrica, Electrónica y Telecomunicaciones, Universidad de las Fuerzas Armadas “ESPE”, Sangolqui, Ecuador

    Manolo Paredes

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Maeko, M.E., van der Haar, D. (2019). A Critical Analysis of Requirements and Recommendations for Multi-modal Access Control in Hospitals. In: Rocha, Á., Ferrás, C., Paredes, M. (eds) Information Technology and Systems. ICITS 2019. Advances in Intelligent Systems and Computing, vol 918. Springer, Cham. https://doi.org/10.1007/978-3-030-11890-7_69

Download citation

Publish with us

Policies and ethics

Search

Navigation