How can hospitals better protect the privacy of electronic medical records? Perspectives from staff members of health information management departments

Purpose: The adoption of electronic medical records (EMR) is expected to better improve overall healthcare quality and to offset the financial pressure of excessive administrative burden. However, safeguarding EMR against potentially hostile security breaches from both inside and outside healthcare facilities has created increased patients' privacy concerns from all sides. The aim of our study was to examine the influencing factors of privacy protection for EMR by healthcare professionals. Method: We used survey methodology to collect questionnaire responses from staff members in health information management departments among nine Taiwanese hospitals active in EMR utilisation. A total of 209 valid responses were collected in 2014. We used partial least squares for analysing the collected data. Results: Perceived benefits, perceived barriers, self-efficacy and cues to action were found to have a significant association with intention to protect EMR privacy, while perceived susceptibility and perceived severity were not. Conclusion: Based on the findings obtained, we suggest that hospitals should provide continuous ethics awareness training to relevant staff and design more effective strategies for improving the protection of EMR privacy in their charge. Further practical and research implications are also discussed.