Securing the privacy of patients’ electronic personal information in South African hospitals during COVID-19.
Loading...
Date
2021
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
South African organisations have been noticeably ill-prepared in their prevention of data
breaches, even amidst the coronavirus public health predicament, where a palpable onslaught
of cyberattacks targeting the healthcare sector has arisen locally and globally. The true victims
of hospital data breaches in particular remain the patients, who are ultimately deprived of their
constitutional right to privacy when electronic records containing their personal information
become ‘free real estate’ to cybercriminals. The crux of deterrence of such cybercrime is within
the principle of prevention via the utilisation of appropriate cybersecurity and information
security controls at an organisational level. With the newly promulgated Protection of Personal
Information Act (2013) and Cybercrimes Act (2020), greater legal scrutiny is placed upon
South African hospitals to defend the privacy of patients’ data stored on their systems. As per
the National Health Act (2003), hospitals have a further obligation to maintain the
confidentiality of their patients’ records. This study proposes effective cybersecurity and
information security practices that lend support in ensuring the confidentiality, integrity and
accessibility of patients’ electronic personal information records in South African private
hospitals. Compliance thereof would definitively result in enhanced service delivery and data
security for these hospitals and patients alike, whilst adhering to the national legislative
requirements.
Description
Masters Degree. University of KwaZulu-Natal, Durban.