Extant literature supports that e-health applications are developed with a proper set of security mechanisms in place. However, the majority of the security mechanisms were not considered from the users' point of view. As a result, the security of health information is becoming an important and growing concern. The objective of this study is to evaluate the usability of security mechanisms of e-Health applications functional at health facilities operating under the Addis Ababa Health Bureau, and identify the strengths and weaknesses of the usability of the security features of the e-Health applications. This study uses a qualitative research methodology. The findings revealed that out of the thirteen criteria, learnability, aesthetics and minimalist design, and user language complied; on the contrary, revocability and user suitability were not in compliance with security features according to all the experts' review of all e-Health applications. Finally, recommendations were given for practice, and suggestions were forwarded for future research.
TopBackground
Information security (IS) has become a major concern of different stakeholders, users, governments, service providers, systems developers, and systems administrators (Jang-Jaccard & Nepal, 2014; Ksibi et al., 2022). These concerns are even growing more in health systems. Health systems play an important role in information processing in healthcare for the benefit of the patient as well as the hospital health professionals. Additionally, they have many benefits, such as quick and easy access, storage, and retrieval of Patient Health Information (PHI) data in a protected manner for authenticated and authorized users. An E-health application is a health information management system that supports healthcare providers to maintain a record of patient diagnosis and treatment for current use as well as future reference (Evans, 2016; Mehrtak, 2021). Due to the sensitivity of the PHI, a proper security measure must be in place to protect it from a data breach (Smith, 2019; Argaw et al., 2020). Many e-Health systems have been developed to meet the purposeful requirement and more with a proper set of protection mechanisms from the development point of view (Bourgeois, 2014). However, these security mechanisms were not considered from the users’ point of view (Hof, 2012; Giansanti et al., 2021). In addition, it is a major concern that requires new approaches in systems design to balance the developers' view with the users’ view of security mechanisms (Dalpiaz et al., 2016). Therefore, e-health applications need to provide effective, high-quality support for providing the best care for patients without compromising security.
Protection within the e-health device deals with securing private health-associated information from unauthorized access, use, disclosure, disruption, change, or destruction. Patients worry that their private medical data may influence their employers’ decisions approximately promotions or downsizing or be made public in press reviews or civil court movements (Institute of Medicine, 2009). Also, privacy is the right of persons, agencies, or establishments to regulate private and sensitive information of dissemination to other parties with a proper and indicated use of that information (Holvast, 2009). Nowadays, many healthcare organizations are vulnerable to security attacks since they contain sensitive patient information (Chowdhury et al., 2018). Patients are required to share information with their physicians to facilitate accurate analysis and treatment, especially to avoid unfavorable drug interactions (Burton et al., 2004). Patients trust their health providers if their information is kept private and secure (Institute of Medicine, 2009) and this leads them to be more willing to discuss their symptoms, conditions, and past and present risk behaviors. However, patient data can be hacked, manipulated, or destroyed by internal or external users and result in improper modification of diagnosis results that can threaten patient health or even his/her life. Also, patient health information plays a major role in conducting medical research for improving healthcare quality. However, the disclosure of health information for various reasons raises concerns about privacy (Institute of Medicine, 1994).