Cargando…
Assessing staff awareness and effectiveness of educational training on IT security and privacy in a large healthcare organization
BACKGROUND: The increased use of health information systems and information technology (IT) in healthcare heightens the risk of security and privacy breaches. Necessary measures such as effective IT training and education are required to meet the challenges of protecting patient information. PURPOSE...
| Autores principales: | , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
Dove Medical Press
2019
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6331063/ https://www.ncbi.nlm.nih.gov/pubmed/30666123 http://dx.doi.org/10.2147/JMDH.S183275 |
| _version_ | 1783387079619641344 |
|---|---|
| author | Arain, Mubashir Aslam Tarraf, Rima Ahmad, Armghan |
| author_facet | Arain, Mubashir Aslam Tarraf, Rima Ahmad, Armghan |
| author_sort | Arain, Mubashir Aslam |
| collection | PubMed |
| description | BACKGROUND: The increased use of health information systems and information technology (IT) in healthcare heightens the risk of security and privacy breaches. Necessary measures such as effective IT training and education are required to meet the challenges of protecting patient information. PURPOSE: The objective of the study was to determine the effectiveness of existing educational and awareness modules in delivering the key messages around IT security and privacy. METHODS: The study was conducted in a large healthcare organization in Western Canada from September 2016 to March 2017. Using proportionate stratified random sampling, an online survey was distributed to all professional groups including clinical and non-clinical staff. In total, 586 participants responded to questions pertaining to whether or not they were aware of the IT education material, common potential breaches, and knowledge in preventing IT security and privacy breaches. Data were analyzed in SPSS version 19. RESULTS: The study found that most of the participants (80.9%) completed the online IT training. Staff perceived the online training as effective (57.5%). There was a significant positive correlation between staff perception about the effectiveness of IT security educational material and satisfaction with IT security in the organization (r=0.34, P<0.01). Those who completed the training were 4.2-times (CI=2.0–8.8) more likely to correctly report the action upon receiving spam emails than those who had not completed the training. The most common type of breach stated was not knowing how to encrypt emails when sending emails outside the organization. Only a small proportion of clinical (25.5%) and non-clinical staff (30.4%) reported knowing how to encrypt emails. Also, participants identified various strategies for improving the module content and compliance. CONCLUSION: Online training provides a basic understanding of IT security and privacy concepts to prevent potential breaches. The training should be an integral part of healthcare staff continuing education to protect patient information. |
| format | Online Article Text |
| id | pubmed-6331063 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2019 |
| publisher | Dove Medical Press |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-63310632019-01-21 Assessing staff awareness and effectiveness of educational training on IT security and privacy in a large healthcare organization Arain, Mubashir Aslam Tarraf, Rima Ahmad, Armghan J Multidiscip Healthc Original Research BACKGROUND: The increased use of health information systems and information technology (IT) in healthcare heightens the risk of security and privacy breaches. Necessary measures such as effective IT training and education are required to meet the challenges of protecting patient information. PURPOSE: The objective of the study was to determine the effectiveness of existing educational and awareness modules in delivering the key messages around IT security and privacy. METHODS: The study was conducted in a large healthcare organization in Western Canada from September 2016 to March 2017. Using proportionate stratified random sampling, an online survey was distributed to all professional groups including clinical and non-clinical staff. In total, 586 participants responded to questions pertaining to whether or not they were aware of the IT education material, common potential breaches, and knowledge in preventing IT security and privacy breaches. Data were analyzed in SPSS version 19. RESULTS: The study found that most of the participants (80.9%) completed the online IT training. Staff perceived the online training as effective (57.5%). There was a significant positive correlation between staff perception about the effectiveness of IT security educational material and satisfaction with IT security in the organization (r=0.34, P<0.01). Those who completed the training were 4.2-times (CI=2.0–8.8) more likely to correctly report the action upon receiving spam emails than those who had not completed the training. The most common type of breach stated was not knowing how to encrypt emails when sending emails outside the organization. Only a small proportion of clinical (25.5%) and non-clinical staff (30.4%) reported knowing how to encrypt emails. Also, participants identified various strategies for improving the module content and compliance. CONCLUSION: Online training provides a basic understanding of IT security and privacy concepts to prevent potential breaches. The training should be an integral part of healthcare staff continuing education to protect patient information. Dove Medical Press 2019-01-09 /pmc/articles/PMC6331063/ /pubmed/30666123 http://dx.doi.org/10.2147/JMDH.S183275 Text en © 2019 Arain et al. This work is published and licensed by Dove Medical Press Limited The full terms of this license are available at https://www.dovepress.com/terms.php and incorporate the Creative Commons Attribution – Non Commercial (unported, v3.0) License (http://creativecommons.org/licenses/by-nc/3.0/). By accessing the work you hereby accept the Terms. Non-commercial uses of the work are permitted without any further permission from Dove Medical Press Limited, provided the work is properly attributed. |
| spellingShingle | Original Research Arain, Mubashir Aslam Tarraf, Rima Ahmad, Armghan Assessing staff awareness and effectiveness of educational training on IT security and privacy in a large healthcare organization |
| title | Assessing staff awareness and effectiveness of educational training on IT security and privacy in a large healthcare organization |
| title_full | Assessing staff awareness and effectiveness of educational training on IT security and privacy in a large healthcare organization |
| title_fullStr | Assessing staff awareness and effectiveness of educational training on IT security and privacy in a large healthcare organization |
| title_full_unstemmed | Assessing staff awareness and effectiveness of educational training on IT security and privacy in a large healthcare organization |
| title_short | Assessing staff awareness and effectiveness of educational training on IT security and privacy in a large healthcare organization |
| title_sort | assessing staff awareness and effectiveness of educational training on it security and privacy in a large healthcare organization |
| topic | Original Research |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6331063/ https://www.ncbi.nlm.nih.gov/pubmed/30666123 http://dx.doi.org/10.2147/JMDH.S183275 |
| work_keys_str_mv | AT arainmubashiraslam assessingstaffawarenessandeffectivenessofeducationaltrainingonitsecurityandprivacyinalargehealthcareorganization AT tarrafrima assessingstaffawarenessandeffectivenessofeducationaltrainingonitsecurityandprivacyinalargehealthcareorganization AT ahmadarmghan assessingstaffawarenessandeffectivenessofeducationaltrainingonitsecurityandprivacyinalargehealthcareorganization |