A FRAMEWORK FOR EFFECTIVE INFORMATION SYSTEM SECURITY MANAGEMENT IN KATSINA STATE HEALTHCARE ORGANIZATIONS

Information security has significant role in Healthcare organizations. The Electronic Health Record (EHR) and patient’s data is considered as very sensitive information in Healthcare environment. This study explored the current countermeasures used and how employers shared their knowledge about the existence of information security countermeasures in order to protect Healthcare Records from possible security threats in healthcare organization. The choice of this study is qualitative research method. It seems too obvious that 'the choice of the research method ought to be determined by the nature of the research problem. The population of the study is made up of 564 staff in the Katsina General Hospital. The researchers have constructed an interview guide that covers eleven relevant questions to four categories of staff which include 5 IT personnel, 15 medical Doctor, 15 nurses and 5 management staff/Administrators in all the three general hospitals located in the study areas were identified as targeted group to meet the requirements for answering the research questions. A conceptual framework was proposed, this framework guides the study of information security countermeasures in healthcare organization in relation to knowledge sharing among employers. The results of the case study shown that, deterrent action, organizational action and preventive action are the countermeasures partially practiced and there is lack of knowledge sharing on the existence of information security countermeasures among employers, some factors were found to be the key resistance factors why employers are not willing to share their knowledge; these include behavior, low security awareness, personality differences, top management commitment and educational background. Keywords— Electronic Healthcare Records, Security and Management, Countermeasures, Knowledge Sharing