An online information security Aaareness model: the disclosure of personal data
- Authors: Parker, Heather Joubert
- Date: 2021
- Subjects: Social media -- Psychological aspects , Social media -- Psychological aspects -- South Africa , Human behavior , Disclosure of information -- Psychological aspects -- Case studies , Personal information management -- Psychological aspects -- Case studies , Data protection -- Psychologial aspects -- Case studies
- Language: English
- Type: text , Thesis , Masters , MCom
- Identifier: http://hdl.handle.net/10962/172329 , vital:42189
- Description: Social media has revolutionized the way people send and receive information by creating a new level of interconnected communication. However, the use of the Internet and social media brings about various ways in which a user’s personal data can be put at risk. This study aims to investigate what drives the disclosure of personal information online and whether an increase in awareness of the value of personal information motivates users to safeguard their information. Fourteen university students participated in a mixed-methods experiment, where they completed a questionnaire before and after being shown the data stored about them by online platforms to determine if changes occur in their intention to disclose. Following completing the initial questionnaire, the participant viewed the personal data stored about them by Facebook, Google, and Instagram. Other online tools such as Social Profile Checker, Facebook View As, and HaveIBeenPawned were used to see the information publicly available about each participant. Together these findings were discussed in a semi-structured interview to determine the influence of attitudes, subjective norms, and awareness on the cost-benefit analysis users conduct when disclosing information online. Overall, the findings indicate that users are able to disregard their concerns due to a resigned and apathetic attitude towards privacy. Furthermore, subjective norms enhanced by FOMO further allow users to overlook potential risks to their information in order to avoid social isolation and sanction. Alternatively, an increased awareness of the personal value of information and having experienced a previous privacy violation encourage the protection of information and limited disclosure. Thus, this study provides insight into privacy and information disclosure on social media in South Africa. It reveals more insight into the cost-benefit analysis users conduct by combining the Theory of Planned Behaviour with the Privacy Calculus Model, as well as the antecedent factors of Trust in the Social Media Provider, FOMO, and Personal Valuation of Information.
- Full Text:
- Date Issued: 2021
An access control model for a South African National Electronic Health Record System
- Authors: Tsegaye, Tamir Asrat
- Date: 2019
- Subjects: Medical records -- Data processing , Medical records -- Data processing -- Safety measures , Medical records -- Data processing -- South Africa , Medical records -- Data processing -- Access control , Medical informatics , Medical records -- Management -- South Africa , Health services administration -- South Africa
- Language: English
- Type: text , Thesis , Masters , MCom
- Identifier: http://hdl.handle.net/10962/97046 , vital:31390
- Description: Countries such as South Africa have attempted to leverage eHealth by digitising patients’ medical records with the ultimate goal of improving the delivery of healthcare. This involves the use of the Electronic Health Record (EHR) which is a longitudinal electronic record of a patient’s information. The EHR is comprised of all of the encounters that have been made at different health facilities. In the national context, the EHR is also known as a national EHR which enables the sharing of patient information between points of care. Despite this, the realisation of a national EHR system puts patients' EHRs at risk. This is because patients’ information, which was once only available at local health facilities in the form of paper-based records, can be accessed anywhere within the country as a national EHR. This results in security and privacy issues since patients’ EHRs are shared with an increasing number of parties who are geographically distributed. This study proposes an access control model that will address the security and privacy issues by providing the right level of secure access to authorised clinicians. The proposed model is based on a combination of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC). The study found that RBAC is the most common access control model that is used within the healthcare domain where users’ job functions are based on roles. While RBAC is not able to handle dynamic events such as emergencies, the proposed model’s use of ABAC addresses this limitation. The development of the proposed model followed the design science research paradigm and was informed by the results of the content analysis plus an expert review. The content analysis sample was retrieved by conducting a systematic literature review and the analysis of this sample resulted in 6743 tags. The proposed model was evaluated using an evaluation framework via an expert review.
- Full Text:
- Date Issued: 2019