Background: In Ghana, the adoption of health information governance (IG) by hospitals remains in its early stages, despite the establishment of a national legislative framework mandating the reporting of health record-related information by both private and government-assisted hospitals. Objective: To assess the level of awareness among hospital IG and clinical staff regarding the privacy and security components of IG in Kumasi, Ghana. Methods: A quantitative study was conducted from September to November 2021. An online survey was administered to a proportionately weighted sample of 330 eligible medical doctors and nurses from our purposively selected hospitals in Kumasi, each with ⩾50 beds. Results: A total of 307 valid responses were obtained, representing a 93% response rate. Over half of the respondents (53%) demonstrated limited awareness of IG programs designed to manage confidential health information. Approximately half (50.3%) reported having knowledge of data breach and privacy policies. The most cited barriers to IG implementation were cost (76.6%, n = 216) and implementation complexity (65.1%, n = 200). Nearly one-quarter of respondents (24.7%) reported having experienced a data breach, with loss of information (24.3%) identified as the most significant potential consequence for their health facilities. Conclusion: The hospitals studied lacked organisation-wide IG program, and overall awareness of health information security among staff was low. Implications for health information management practice: These findings highlight the urgent need for appropriate measures to (a) engage staff and other stakeholders in the development and implementation of IG programs, (b) raise awareness of health information security practices within Ghanaian hospitals and (c) establish formal education programs for professional health information managers.
AchampongE (2017) New bachelor’s degree programme in health information management in Ghana. Journal of Health Informatics & Management1: 2.
2.
AgaTBFeredeYMMekonenEG (2021) Satisfaction and associated factors towards inpatient health care services among adult patients at Pawie General Hospital, West Ethiopia. Plos One16(4): e0249168. DOI: 10.1371/journal.pone.0249168.
3.
BeesleyKMcLeodAHewittB, et al. (2021) Health Information management reimagined: Assessing current professional skills and industry demand. Perspectives in Health Information Management18: 1b.
4.
BentSDhaouB (2015) The architecture facet of information governance: The case of urbanized information systems. Procedia Computer Science64: 1088–1098. DOI: 10.1016/j.procs.2015.08.564.
5.
ButlerM (2013) Keeping information clean. New information governance efforts challenge him to sort out dirty data. Journal of the American Health Information Management Association84(11): 28–31.
6.
ButlerM (2018) IG pulse check: New AHIMA study measures IG adoption rates. Journal of the American Health Information Management Association89(2): 17–21.
DimickC (2014) Slow to the information governance starting line. Journal of the American Health Information Management Association85(10): 44–48.
9.
DongLKeshavjeeK (2016) Why is information governance important for electronic healthcare systems? A Canadian experience. Journal of Advances in Humanities and Social Sciences2(5): 250–260. DOI:10.20474/jahss-2.5.1.
10.
EmpelS (2014) The way forward. AHIMA develops information governance principles to lead healthcare toward better data management. Journal of the American Health Information Management Association85(10): 30–32.
11.
GesulgaJMBerjameAMoquialaKS, et al. (2017) Barriers to electronic health record system implementation and information systems resources: A structured review. Procedia Computer Science124: 544–551. DOI: 10.1016/j.procs.2017.12.188.
12.
Ghaffari HeshajinSSedghiSPanahiS, et al. (2024) A framework for health information governance: A scoping review. Health Research Policy and Systems22(1): 109. DOI: 10.1186/s12961-024-01193-9.
13.
JanettRSYeracarisPP (2020) Electronic medical records in the American Health System: Challenges and lessons learned. Ciencia & Saude Coletiva25: 1293–1304. DOI: 10.1590/1413-81232020254.28922019.
14.
KadlecL (2014) Coming soon to your healthcare facility: Information governance. Journal of the American Health Information Management Association85(8): 26–32.
15.
KhandoKGaoSIslamSM, et al. (2021) Enhancing employees information security awareness in private and public organisations: A systematic literature review. Computers & Security106: 102267. DOI: 10.1016/j.cose.2021.102267.
16.
KwanHRileyMPrasadN, et al. (2022) An investigation of the status and maturity of hospitals’ health information governance in Victoria, Australia. Health Information Management Journal51(2): 89–97. DOI: 10.1177/1833358320938309.
17.
LangloisPPintoAHylenderD, et al. (2023) DBIR 2023 Data Breach Investigations Report 10K 20K 30K about the Cover. DOI: 10.13140/RG.2.2.32362.70085.
18.
LaurieGSethiN (2012) Information Governance of Use of Health-Related Data in Medical Research in Scotland: Towards a Good Governance Framework (Research Paper (2012/13)). Edinburgh School of Law.
19.
McLeodADolezelD (2018) Cyberanalytics: Modeling factors associated with healthcare data breaches. Decision Support Systems108: 57–68. DOI: 10.1016/j.dss.2018.02.007.
20.
McNeillyBJasaniGCavaliereG, et al. (2022) The rising threat of terrorist attacks against hospitals. Prehospital and Disaster Medicine37(2): 223–229. DOI: 10.1017/S1049023X22000413.
21.
MeisnerM (2017) Financial consequences of cyber attacks leading to data breaches in healthcare sector. Copernican Journal of Finance & Accounting6(3): 63–73. DOI: 10.12775/CJFA.2017.017.
PoolJKAkhlaghpourSFatehiF, et al. (2024) A systematic analysis of failures in protecting personal health data: A scoping review. International Journal of Information Management74(102719). DOI: 10.1016/j.ijinfomgt.2023.102719.
25.
RonquilloJGWinterhollerECwiklaK, et al. (2018) Health IT, hacking, and cybersecurity: National trends in data breaches of protected health information. JAMIA Open1(1): 15–19. DOI: 10.1093/jamiaopen/ooy019.
26.
RouzbahaniFAsadiFRabieiR, et al. (2020) Developing a model for national health information governance program in Iran. Journal of Medicine and Life13(4): 510. DOI: 10.25122/jml-2020-0036.
27.
SehAHZarourMAleneziM, et al. (2020) Healthcare data breaches: Insights and implications. Healthcare8(2):133. DOI: 10.3390/healthcare8020133.
28.
ShahSMKhanRA (2020) Secondary use of electronic health record: Opportunities and challenges. IEEE Access8: 136947–136965. DOI: 10.1109/ACCESS.2020.3011099.
29.
SmallwoodRF (2019) Information Governance: Concepts, Strategies and Best Practices. John Wiley & Sons.
30.
StewartHJürjensJ (2017) Information security management and the human aspect in organizations. Information & Computer Security25(5): 494–534. DOI: 10.1108/ICS-07-2016-005.
31.
TekinFCÖcalFS (2023) Attacks on health care worldwide: 5-year review. Eurasian Journal of Emergency Medicine22: 211–215. DOI: 10.4274/eajem.galenos.2023.42223.
32.
WillisonDJTrowbridgeJGreiverM, et al. (2019) Participatory governance over research in an academic research network: The case of Diabetes Action Canada. BMJ Open9(4): e026828. DOI: 10.1136/bmjopen-2018-026828.
33.
ZareiEDaneshkohanAKhabiriR, et al. (2015) The effect of hospital service quality on patient’s trust. Iranian Red Crescent Medical Journal17(1): e17505. DOI: 10.5812/ircmj.17505.
