以质量求发展,以服务铸品牌

护理学报 ›› 2024, Vol. 31 ›› Issue (17): 22-27.doi: 10.16460/j.issn1008-9969.2024.17.022

• 文献研究 • 上一篇    下一篇

医护人员信息安全行为影响因素的研究进展

徐亦虹, 吴文瑾, 徐虹霞, 王佳楠, 丁珊妮, 吴觅之, 杨志超, 潘红英   

  1. 浙江大学医学院附属邵逸夫医院 护理部,浙江 杭州 310016
  • 收稿日期:2024-05-06 出版日期:2024-09-10 发布日期:2024-10-08
  • 通讯作者: 潘红英(1972-),女,浙江杭州人,硕士,主任护师,博士研究生导师。E-mail:3191016@zju.edu.cn
  • 作者简介:徐亦虹(1996-),女,浙江杭州人,硕士,护师。
  • 基金资助:
    2024 年度浙江省医药卫生科技计划一般项目(2024KY1142); 2023年度浙江省科技计划项目“尖兵”“领雁”研发攻关计划重大社会公益计划项目(2023C03191)

  • Received:2024-05-06 Online:2024-09-10 Published:2024-10-08

PDF (PC)

17

摘要: 目的 探讨医护人员信息安全行为的影响因素。方法 通过检索国内外相关文献,从人口学因素、医护人员的信息安全意图和动机、组织因素3个方面对医护人员的信息安全的影响因素进行分析。结果 医护人员信息安全行为影响因素包括:性别、职业、医院类型、健康信息安全意识、自我效能、响应效能和响应成本、感知严重性和感知易感性、亲社会规则破坏动机、信息安全氛围和文化、管理支持、内部审查有效性,等等。结论 我国应增加对医护人员信息安全行为的相关横断面调查研究,明确年龄、年资、性别、医院类型、组织层面等相关因素对其信息安全行为的影响;借助成熟的行为理论,从意识和行为层面推进相关实证研究验证其可能的影响因素。

关键词: 信息安全, 医疗信息, 安全行为, 医护人员, 影响因素

中图分类号: 

  • R47
[1] 王晨光, 张怡. 《基本医疗卫生与健康促进法》的功能与主要内容[J]. 中国卫生法制, 2020,28(2):1-8.DOI:10.19752/j.cnki.1004-6607.2020.02.001.
[2] Lee E, Seomun G.Structural model of the healthcare information security behavior of nurses applying protection motivation theory[J]. Int J Environ Res Public Health, 2021,18(4):1-13.DOI:10.3390/ijerph18042084.
[3] Safa NS, Sookhak M, Von Solms R, et al.Information security conscious care behaviour formation in organizations[J]. Comput Secur, 2015,53(SEP):65-78.DOI:10.3390/ijerph18042084.
[4] Yeng PK, Yang B, Snekkenes EA.Healthcare staffs' information security practices towards mitigating data breaches: a literature survey[C]//16th International Conference on Wearable Micro and Nano Technologies for Personalized Health (pHealth), Genoa, 2019.
[5] Ahmad A, Maynard SB, Desouza KC, et al.How can organizations develop situation awareness for incident response: a case study of management practice[J]. Comput Secur, 2021,101:1.DOI:10.1016/j.cose.2020.102122.
[6] Kessler SR, Pindek S, Kleinman G, et al.Information security climate and the assessment of information security risk among healthcare employees[J]. Health Inform J, 2020,26(1):461-473.DOI:10.1177/1460458219832048.
[7] 竺佳琪. 企业差错管理氛围对员工信息安全行为的影响研究[D]. 长春:长春理工大学, 2021.
[8] Morganelli C.Exploring user-centric innovation in the design of information security awareness programs in health care: a case study[D]. Minneapolis:Capella University, 2021.
[9] Koppel R, Smith S, Blythe J, et al.Workarounds to computer access in healthcare organizations: you want my password or a dead patient?[J]. Stud Health Technol Inform, 2015,208:215-220.
[10] Sari PK, Handayani PW, Hidayanto AN.Demographic comparison of information security behavior toward health information system protection: survey study[J].JMIR Form Res, 2023,7:e49439.DOI:10.2196/49439.
[11] Gangire Y, Da Veiga A, Herselman M.A conceptual model of information security compliant behaviour based on the self-determination theory[C]//2019 Conference on Information Communications Technology and Society(ICTAS), Durban, 2019.
[12] Ifinedo P, Akinnuwesi BA.Employees' non-malicious, Counterproductive Computer Security Behaviors (CCSB) in Nigeria and Canada: an empirical and comparative analysis[C]// 2014 IEEE 6th International Conference on Adaptive Science Technology (ICAST), Ota, 2014.
[13] Sarkar S, Vance A, Ramesh B, et al.The influence of professional subculture on information security policy violations: a field study in a healthcare context[J].Inf Syst Res, 2020,31(4):1240-1259.DOI:10.1287/isre.2020.0941.
[14] Ma CC, Kuo KM, Alexander JW.A survey-based study of factors that motivate nurses to protect the privacy of electronic medical records[J]. BMC Med Inform Decis Mak, 2016,16.DOI:10.1186/s12911-016-0254-y.
[15] Alhuwail D, Al-Jafar E, Abdulsalam Y, et al.Information security awareness and behaviors of health care professionals at public health care facilities[J]. Appl Clin Inform, 2021,12(4):924-932.DOI:10.1055/s-0041-1735527.
[16] Park EH, Kim J, Wiles LL, et al.Factors affecting intention to disclose patients' health information[J]. Comput Secur, 2019,87.DOI:10.1016/j.cose.2018.05.003.
[17] Alanazi ST, Anbar M, Ebad SA, et al.Theory-based model and prediction analysis of information security compliance behavior in the saudi healthcare sector[J].Symmetry (Basel), 2020,12(9):1544.DOI:10.3390/sym12091544.
[18] Herath T, Rao HR.Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness[J]. Decis Support Syst, 2009,47(2):154-165.DOI:10.1016/j.dss.2009.02.005.
[19] Alexandrou A, Chen L.A security risk perception model for the adoption of mobile devices in the healthcare industry[J]. Secur J, 2019,32(4):410-434.DOI:10.1057/s41284-019-00170-0.
[20] Dong K, Ali RF, Dominic PDD, et al.The effect of organizational information security climate on information security policy compliance: the mediating effect of social bonding towards healthcare nurses[J]. Sustainability, 2021,13(5):28.DOI:10.3390/su13052800.
[21] Hewitt B, Dolezel D, McLeod AJ. Mobile device security: perspectives of future healthcare workers[J].Perspect Health Inf Manag, 2017,14(Winter):1c.
[22] Park E, Kim J, Park YS.The role of information security learning and individual factors in disclosing patients' health information[J]. Comput Secur, 2016(65):64-76.DOI:10.1016/j.cose.2016.10.011.
[23] Bulgurcu B, Cavusoglu H, Benbasat I.Information security policy compliance:an empirical study of rationality-based beliefs and information security awareness[J]. MISQ, 2010,34(3):523-548.
[24] Humaidi N, Balakrishnan V.Indirect effect of management support on users' compliance behaviour towards information security policies[J]. Health Inf Manag, 2018,47(1):17-27.DOI:10.1177/1833358317700255.
[25] Kolkowska E, Karlsson F, Hedstrom K.Towards analysing the rationale of information security noncompliance: devising a value-based compliance analysis method[J]. J Strateg Inf Syst, 2017,26(1):39-57.DOI:10.1016/j.jsis.2016.08.005.
[26] Pathania A, Rasool G.Investigating power styles and behavioural compliance for effective hospital administration an application of AHP[J].Int J Health Care Qual Assur, 2019,32(6):958-977.DOI:10.1108/IJHCQA-02-2018-0059.
[27] Herath T, Rao HR.Protection motivation and deterrence: a framework for security policy compliance in organisations[J]. Eur J Inf Syst, 2009,18(2):106-125.DOI:10.1057/ejis.2009.6.
[28] Herath T, Rao HR.Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness[J]. Decis Support Syst, 2009,47(2):154-165.
[29] Ifinedo P.Understanding information systems security policy compliance:An integration of the theory of planned behavior and the protection motivation theory[J]. Comput Secur, 2012,31(1):83-95.DOI:10.1016/j.cose.2011.10.007.
[30] Jalali MS, Bruckes M, Westmattelmann D, et al.Why employees (still) click on phishing links: investigation in hospitals[J]. J Med Internet Res, 2020,22(1):e16775.DOI:10.2196/16775.
[31] Gibbs JP.Deterrence theory and research[J]. Nebr Symp Motiv, 1985,33:87-130.
[32] Hu Q, Dinev T,Hart P,et al.Managing employee compliance with information security policies: the critical role of top management and organizational culture[J].Decis Sci, 2012,43(4):615-659.DOI:10.1111/j.1540-5915.2012.00361.x.
[33] International Organization for Standar dization. ISO 27799: 2016 Health Infor matics: Information Security Management in Health Using ISO/IEC 27002[S]. ISO, Geneva, 2016.
[34] Yang C, Lee H.A study on the antecedents of healthcare information protection intention[J]. Inf Syst Front, 2016,18(2):253-263.DOI:10.1007/s10796-015-9594-x.
[35] International Standard Organization.ISO/IEC 27001 information technology-security techniques-information security management systems_x0002_requirements[S]. 2013.
[36] Kuo K, Talley PC, Lin DM.Hospital staff's adherence to information security policy: a quest for the antecedents of deterrence variables[J]. Inquiry, 2021, 58.DOI:10.1177/00469580211029599.
[37] Rogers RW.A protection motivation theory of fear appeals and attitude change1[J]. J Psychol, 1975,91(1):93-114.DOI:10.1080/00223980.1975.9915803.
[38] Samhan B.Security behaviors of healthcare providers using HIT outside of work:a technology threat avoidance perspective[C]//2017 8th international conference on information and communication systems (ICICS), Irbid, 2017.
[39] Kim J, Park EH, Park YS, et al.Prosocial rule breaking on health information security at healthcare organisations in South Korea[J]. Inf Syst J, 2022,32(1):164-191.DOI:10.1111/isj.12338.
[40] Hader AL, Brown ED.Patient privacy and social media[J]. AANA Journal, 2010,78(4):270-274.
[41] Fauzi MA, Yeng P, Yang B, et al.Examining the link between stress level and cybersecurity practices of hospital staff in indonesia[C]//ARES 2021:16th international conference on availability, reliability and security. Electr Network, 2021.
[42] Dong K, Ali RF, Dominic PDD, et al.The effect of organizational information security climate on information security policy compliance: the mediating effect of social bonding towards healthcare nurses[J].Sustainability, 2021,13(5):28.DOI:10.3390/su13052800.
[43] Beus JM, Dhanani LY, McCord MA. A meta-analysis of personality and workplace safety: addressing unanswered questions[J]. J Appl Psychol, 2015,100(2):481-498.DOI:10.1037/a0037916.
[44] Sari PK, Handayani PW, Hidayanto AN, et al.Information security behavior in health information systems: a review of research trends and antecedent factors[J]. Healthcare, 2022,10(12):25-31.DOI:10.3390/healthcare10122531.
[45] Humaidi N, Balakrishnan V.Indirect effect of management support on users' compliance behaviour towards information security policies[J]. Health Inf Manag J, 2018,47(1):17-27.DOI:10.1177/1833358317700255.
[46] Cuganesan S, Steele C, Hart A.How senior management and workplace norms influence information security attitudes and self-efficacy[J]. Behav Inf Technol, 2018,37(1):50-65.DOI:10.1080/0144929X.2017.1397193.
[47] Zohar D, Luria G.A multilevel model of safety climate: cross-level relationships between organization and group-level climates[J]. J Appl Psychol, 2005,90(4):616-628.DOI:10.1037/0021-9010.90.4.616.
[48] Yoo CW, Sanders GL, Cerveny RP.Exploring the influence of flow and psychological ownership on security education, training and awareness effectiveness and security compliance[J].Decis Support Syst, 2018, 108:107-118.DOI:10.1016/j.dss.2018.02.009.
[49] Ahmad Z, Ong TS, Liew TH, et al.Security monitoring and information security assurance behaviour among employees an empirical analysis[J]. Inf Comput Secur, 2019, 27(2):165-188.DOI:10.1108/ICS-10-2017-0073.
[50] Hanskamp SM, Zegers M, Westert GP, et al.Effects of patient safety auditing in hospital care: results of a mixed-method evaluation (part 1)[J]. Int J Qual Health Care, 2019,31(7):8-15.DOI:10.1093/intqhc/mzy134.
[51] Ifinedo P.Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition[J]. Inf Manag, 2014,51(1):69-79.DOI:10.1016/j.im.2013.10.001.
[52] Safa NS, Von Solms R, Furnell S.Information security policy compliance model in organizations[J].Comput Secur, 2016,56:70-82.DOI:10.1016/j.cose.2015.10.006.
[53] Cram WA, D'Arcy J, Proudfoot JG. Seeing the forest and the trees:a Meta-analysis of the antecedents to information security policy compliance[J]. MISQ, 2019,43(2):525.DOI:10.25300/MISQ/2019/15117.
[1] 陈莹莹, 丁红, 张根生. 患儿术后谵妄影响因素的研究进展[J]. 护理学报, 2024, 31(9): 32-35.
[2] 曹娟, 李方, 于跃, 戴丽, 杨丹丹, 李志华, 徐欣怡, 戴琪, 陈柯宇. 食管癌术后静脉血栓栓塞症风险预测模型的构建及验证[J]. 护理学报, 2024, 31(8): 63-68.
[3] 朱心悦, 嵇冰聪, 蓝雪芬, 季晓珍. 糖尿病患者电子健康素养研究进展[J]. 护理学报, 2024, 31(7): 36-39.
[4] 李莹, 周志欢. ICU护理缺失的研究进展[J]. 护理学报, 2024, 31(6): 43-46.
[5] 黄鑫, 余丽君, 张二明, 哈丽娜. 稳定期COPD患者的能量摄入现状及影响因素分析[J]. 护理学报, 2024, 31(5): 12-16.
[6] 刘明东, 丁珊妮, 王佳楠, 徐亦虹, 王金瑞, 张笑笑, 潘红英. 护理信息安全的研究进展[J]. 护理学报, 2024, 31(4): 33-37.
[7] 张思爱, 赖翠薇, 李佳佳, 张亚军, 汪张毅, 张正涛, 法天锷. 护士专业态度的影响因素研究进展[J]. 护理学报, 2024, 31(4): 38-41.
[8] 姜妍, 黎佩莺, 王芳, 葛莉丽, 王桂梅, 田晓岚, 尹小兵. 临床护理软技能培训的影响因素及现状研究[J]. 护理学报, 2024, 31(2): 48-52.
[9] 教锐, 李金萍, 程楠, 谭亦周, 刘祥英. 护士内部人身份感知现状及影响因素研究[J]. 护理学报, 2024, 31(18): 16-20.
[10] 高梦珂, 张艳, 田雨同, 高月. 826名农村失能老人适应能力现状及影响因素研究[J]. 护理学报, 2024, 31(18): 56-60.
[11] 潘靖达, 董燕燕, 何家欣, 刘红利, 林穗仪, 于红静, 潘珊, 李佳佳, 凌冬兰. 医护人员对癌症患者病情披露心理体验的Meta整合[J]. 护理学报, 2024, 31(16): 56-61.
[12] 徐田, 温贤秀, 陈欣, 苟莉, 刘亚茹, 陈韵旬. 护士健康生产力受损的研究进展[J]. 护理学报, 2024, 31(15): 23-28.
[13] 张娜, 江玉, 杨丽娜, 于清舒, 王音. 713名临床护士团队效能感现状及影响因素[J]. 护理学报, 2024, 31(14): 69-73.
[14] 张一帆, 徐晓霞, 王子佼, 刘腊梅, 李珍英, 毛真雪. 肿瘤科护士道德勇气的潜在类别及影响因素分析[J]. 护理学报, 2024, 31(13): 7-11.
[15] . 老年人咀嚼功能临床研究现状[J]. 护理学报, 2024, 31(12): 21-25.
Viewed
Full text


Abstract

Cited
  Shared   
[1] 王晓宁, 缪群芳, 李培清, 辛思莹, 黄姚姚. 自杀公众污名量表的汉化及在中国公众人群中的信效度检验[J]. 护理学报, 2024, 31(17): 1 -7 .
[2] 康俊贤, 崔玉, 张小丽, 邢凤梅, 汪凤兰. 共病老年人及其配偶内在力量、赋权水平与生存质量的关系研究[J]. 护理学报, 2024, 31(17): 8 -12 .
[3] 江安琪, 付红英, 宋媛媛, 陈旭, 翟强鑫, 葛瑞钰. 贵州省伤口专科护士培训指导教师带教体验的质性研究[J]. 护理学报, 2024, 31(17): 13 -16 .
[4] 陈沁, 张军, 杨冰香, 刘燕群, 周芙玲. 国内外智慧护理服务模式的研究进展[J]. 护理学报, 2024, 31(17): 17 -21 .
[5] 罗海琴, 谢日华, 梁绰意. 正念干预对不孕症女性心理健康和生活质量影响的Meta分析[J]. 护理学报, 2024, 31(17): 28 -34 .
[6] 蔡岩秀, 李静, 毕刘娜, 王琳琳, 韩静. 肝癌术后患者疲乏症状非药物管理策略的最佳证据总结[J]. 护理学报, 2024, 31(17): 35 -39 .
[7] 施杨, 顾志娥, 朱彤, 喻静, 王林. 社会网络和自我忽视在老年缺血性脑卒中患者衰弱与认知功能间的链式中介效应[J]. 护理学报, 2024, 31(17): 40 -45 .
[8] 朱亚晋, 王朝辉, 代明珠, 王琳, 孙莹莹. 临床护士文化能力量表的汉化及信效度检验[J]. 护理学报, 2024, 31(17): 46 -50 .
[9] 梁欢, 王璐, 孙志霞. 肿瘤患者留置PICC决策后悔发展轨迹及影响因素分析[J]. 护理学报, 2024, 31(17): 51 -56 .
[10] 戴琪, 李方, 朱媛, 张筱童. 基于KANO模型的肺癌手术患者智慧照护需求分析[J]. 护理学报, 2024, 31(17): 57 -60 .