Information technology in medical research improving the security of medical research information. a case study of Kenya Medical Research Institute (KEMRI)
Abstract
This research describes the current status of the security of medical research information with the focus on Kenya Medical Research Institute (KEMRI) and how to improve it. Currently, there are no adequate security protection mechanisms for medical research information at the institution. The aim of this research was to design a framework that would ensure improved security of medical research information. To achieve this, the researcher had to determine and document the specific threats to the medical research information and their relative frequency of occurrence, determine the information systems security controls in place to secure the information and their relative predominance and to determine the security policies in place to govern the medical research information on storage and during transmission. Qualitative and quantitative research methods were used to collect data for the study. Research instruments employed were interviews, observations and structured questionnaires. The respondents were data analysts, lab technicians and doctors. Study results show that 75% of the threats most experienced were from viruses and worms followed by data leakage at 42.2%. The security measures in place were also inadequate, with 73% of the respondents using passwords and 68% using access restrictions. Security policies were not clearly defined, documented, distributed, or communicated to the employees and 55% were not aware of any policy. The policies were also not easily accessible. There were also no security policies to govern electronic medical research information The proposed framework, called the Comprehensive Enterprise Security Approach (CESA), consists of Security Policy, Asset Classification, Threat Classification, Controls Analysis, Implementation, Audit and Maintenance activities. When implemented, it will aid the organisation to increase user awareness through trainings, add the security measures and security policies, and protect the hardware and the information or data by preventing threats, hence increasing the security to the medical research information.
Collections
Related items
Showing items related by title, author, creator and subject.
-
Managing chronic conditions through hosted medical records in Kenya
Mbogo, Rachel Waema; Mbogo, SalesioComplex medical conditions are rising in developing countries at very alarming rates. E.g. projections from the World Health Organization’s global burden of disease and risk factors report chronic diseases are responsible ... -
Pricing a post-retirement medical insurance product
Ndubai, Jackline Mwendwa (Strathmore University, 2018)Privately purchased medical insurance is very expensive for retirees. In Kenya, some companies even put an age cap restricting on insurance. A post-retirement medical insurance product helps in planning for medical expenses ... -
Effect of Electronic Medical Record Systems on the delivery of hospital services in Kenya: an operational efficiency perspective
Marete, Kevin (Strathmore University, 2018)Delivery of hospital services has been experiencing various challenges such as escalating costs of care delivery. Spending in healthcare is wasted due to operational inefficiency leading to poor healthcare outcomes. Health ...