Information System Security in Healthcare Organizations in Nigeria: A Comprehensive Review

Attahiru Saminu¹ , Manir Abdullahi Kamba²

Section:Review Paper, Product Type: Journal-Paper
Vol.12 , Issue.2 , pp.26-35, Jun-2024

Online published on Jun 30, 2024

Copyright © Attahiru Saminu, Manir Abdullahi Kamba . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
 

View this paper at   Google Scholar | DPI Digital Library

XML View     PDF Download

How to Cite this Paper

Abstract :
This review delves into the realm of information system security within Nigerian healthcare organizations, with a specific focus on federal teaching hospitals in Northern Nigeria. As Information and Communication Technology (ICT) integration becomes increasingly prevalent in healthcare, significant challenges arise, necessitating robust security measures to safeguard sensitive patient data. Identified challenges include inadequate infrastructure, human factors such as insufficient training, budget constraints, and regulatory complexities. Current security measures encompass access controls, data encryption, network security enhancements, and physical security measures, albeit with notable gaps. To mitigate risks, best practices are proposed, including regular training programs, comprehensive risk assessments, robust access controls, encryption, and regulatory compliance. Future directions entail investment in infrastructure, enhanced training, and strengthened regulations, advanced technologies adoption, collaboration, continuous monitoring, and privacy-by-design integration. By implementing these recommendations, healthcare organizations can fortify their information system security posture, ensuring patient data protection and the delivery of quality healthcare services in a secure environment. This review offers actionable insights for policymakers, healthcare administrators, IT professionals, and stakeholders invested in securing healthcare systems and upholding patient privacy.

Key-Words / Index Term :
Information System Security; Nigerian Healthcare Organizations; Challenges; Best Practices; Future Directions

References :
[1] O. Adeoye, "Human Factors in Information System Security: The Nigerian Healthcare Perspective," Journal of Health Informatics in Developing Countries, Vol. 15, No. 2, pp. 85-97, 2021.
[2] T. Akinyele, "Challenges of Information System Security in Nigerian Healthcare Organizations," African Journal of Computing & ICT, Vol. 12, No. 1, pp. 45-53, 2019.
[3] Health Records Officers Registration Board of Nigeria, "Guidelines for the Management of Health Records," HRORBN, 2018.
[4] Federal Republic of Nigeria, "National Health Act," Federal Ministry of Health, 2014.
[5] National Hospital Abuja, "Ransomware Attack Incident Report," National Hospital Abuja, 2021.
[6] National Information Technology Development Agency, "Nigeria Data Protection Regulation (NDPR)," NITDA, 2019.
[7] B. Oluwaseun, "The State of Healthcare Information Systems in Nigeria," Nigerian Journal of Clinical Practice, Vol. 23, No. 4, pp. 543-550, 2020.
[8] C. P. Pfleeger and S. L. Pfleeger, Security in Computing, 5th ed., Prentice Hall, 2015. ISBN: 9875-3456 2345 4
[9] Ponemon Institute, "2019 Cost of a Data Breach Report," Ponemon Institute, 2019.
[10] A. Shameli-Sendi, R. Aghababaei-Barzegar, and M. Cheriet, "Taxonomy of Information Security Risk Assessment (ISRA)," Computers & Security, Vol. 57, pp. 14-30, 2016.
[11] W. Stallings, Computer Security: Principles and Practice, 4th ed., Pearson, 2018.
[12] M. E. Whitman and H. J. Mattord, Principles of Information Security, 7th ed., Cengage Learning, 2021. ISBN: 6789 8794 3456 15635