Information Privacy Concerns in Electronic Medical Records: A Preliminary Investigation

Conference paper
Part of the Lecture Notes in Business Information Processing book series (LNBIP, volume 185)


Due to the growing development and integration of technology in healthcare domain, the amount of electronic medical records (EMR) denoting as big data characteristic are being collected by healthcare organizations have increased. Previous researches agreed that if the record is related with medical information, there is a need to ensure the privacy of these information. To address these concerns, it must be ensured that EMR are collected and communicated securely, accessed only by authorized parties and are not being disclosed to unauthorized parties when disseminated. In Malaysia, healthcare organizations need to ensure the privacy of EMR in compliance of Personal Data Protection Act (PDPA) 2010. This preliminary study is aimed to explore and understand the influencing factors of information privacy concerns in EMR. Seven (7) respondents were individually interviewed to explore the influencing factors they had experienced. This paper highlights six (6) constructs that emerged based on the research questions derived from the in-depth interviews. The findings of this on-going study proceed with designing a conceptual model.


Privacy concerns Healthcare environment Big data Electronic medical records 



This study is funded by Zamalah Scholarship provided by Universiti Teknologi Malaysia (UTM).


  1. 1.
    Mont, M.C., Pearson, S., Creese, S., et al.: A conceptual model for privacy policies with consent and revocation requirements. In: Fischer-Hübner, S., Duquenoy, P., Hansen, M., et al. (eds.) Privacy and Identity 2010. IFIP AICT, vol. 352, pp. 258–270. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  2. 2.
    Manyika, J., Chui, M., Brown, B., et al.: Big Data: The Next Frontier for Innovation, Competition, and Productivity. McKinsey Global Institute, San Francisco (2011)Google Scholar
  3. 3.
    Ghazinour, K., Majedi, M., Barker, K.: A lattice-based privacy aware access control model. In: 2009 International Conference on Computer Science Engineering. IEEE, Vancouver, BC, pp. 154–159 (2009)Google Scholar
  4. 4.
    Abdul Rahim, F., Ismail, Z., Samy, G.N.: Security issues in electronic health record. Open Int. J. Inf. 1, 59–68 (2013)Google Scholar
  5. 5.
    Abdul Rahim, F., Ismail, Z., Samy, GN.: A conceptual model for privacy preferences in healthcare environment. In: Uden, L., Wang, LSL., Rodríguez, JMC., et al. (eds.) 8th International Conference on Knowledge Management in Organizations Social and Big Data Computing for Knowledge Management, pp. 221–228. Springer, Netherlands (2014)Google Scholar
  6. 6.
    Tankard, C.: Big data security, Netw. Secur. 2012, 5–8 (2012). doi:10.1016/S1353-4858(12)70063-6
  7. 7.
    Varonis.: Big data and infosecurity: research report (2012)Google Scholar
  8. 8.
    Samy, GN., Ahmad, R., Ismail, Z.: Threats to health information security. In: 2009 Fifth International Conference on Information Assurance and Security, IEEE, pp 540–543 (2009)Google Scholar
  9. 9.
    Ponemon Institute.: Third Annual Benchmark Study on Patient Privacy & Data Security (2012)Google Scholar
  10. 10.
    Westin, A.F.: Privacy and Freedom. Bodley Head Ltd, New York (1967)Google Scholar
  11. 11.
    Parks, R., Chu, C.-H., Xu, H.: Healthcare information privacy research: issues, gaps and what next? In: Proceedings of 2011 Americas Conference on Information Systems (2011)Google Scholar
  12. 12.
    Garfinkel, R., Gopal, R., Goes, P.: Privacy protection of binary confidential data against deterministic, stochastic, and insider threat. Manage. Sci. 48, 749–764 (2002)CrossRefGoogle Scholar
  13. 13.
    Thatcher, M.E., Clemons, E.K.: Managing the costs of informational privacy: pure bundling as a strategy in the individual health insurance market. J. Manag. Inf. Syst. 17, 29–57 (2000)CrossRefGoogle Scholar
  14. 14.
    Munir, A.B., Yasin, S.H.W.: Personal Data Protection in Malaysia. Sweet & Maxwell Asia, Petaling Jaya (2010)Google Scholar
  15. 15.
    Parks, R., Chu, C.-H., Xu, H., Adams, L.: Understanding the drivers and outcomes of healthcare organizational privacy responses. In: 32nd International Conference on Information System, pp 1–20 (2011)Google Scholar
  16. 16.
    Appari, A., Johnson, M.E.: Information security and privacy in healthcare: current state of research. Int. J. Internet Enterp. Manag. 6, 279–314 (2010)CrossRefGoogle Scholar
  17. 17.
    Culnan, M.J., Williams, C.C.: How ethics can enhance organizational privacy: lessons from the choicepoint and TJX data breaches. MIS Q. 33, 673–687 (2009)Google Scholar
  18. 18.
    Kolter, J., Pernul, G.: Generating user-understandable privacy preferences. In: 2009 International Conference on Availability, Reliability and Security, IEEE, Fukuoka, pp. 299–306 (2009)Google Scholar
  19. 19.
    Smith, H.J., Dinev, T., Xu, H.: Information privacy research: an interdisciplinary review. MIS Q. 35, 989–1015 (2011)Google Scholar
  20. 20.
    Smith, H.J., Milberg, S.J., Burke, S.J.: Information privacy: measuring individuals’ concerns about organizational practices. MIS Q. 20, 167–196 (1996)CrossRefGoogle Scholar
  21. 21.
    Malhotra, N.K., Kim, S.S., Agarwal, J.: Internet users’ information privacy concerns (IUIPC): the construct, the scale, and a causal model. Inf. Syst. Res. 15, 336–355 (2004). doi: 10.1287/isre.1040.0032 CrossRefGoogle Scholar
  22. 22.
    Campbell, A.J.: Relationship marketing in consumer markets: a comparison of managerial and consumer attitudes about information privacy. J. Dir. Mark. 11, 44–57 (1997)CrossRefGoogle Scholar
  23. 23.
    Nguyen, D.H.: Perceptions and Attitudes Towards Tracking and Recording Technologies in Everyday Life. University of California, San Francisco (2011)Google Scholar
  24. 24.
    Abdul Rahim, F., Ismail, Z., Samy, GN.: Information privacy concerns in electronic healthcare records: a systematic literature review. In: 3rd International Conference on Research and Innovation in Information Systems – 2013, pp. 504–509 (2013)Google Scholar
  25. 25.
    Yin, R.K.: Qualitative Research from Start to Finish. Guilford Press, New York (2010)Google Scholar
  26. 26.
    Creswell, J.W.: Education Research: Planning Conducting and Evaluating Quantitative and Qualitative Research. Pearson, Boston (2012)Google Scholar
  27. 27.
    Creswell, J.W., Clark, V.L.P.: Designing and Conducting Mixed Methods Research, 2nd edn. Sage Publications Inc, Thousand Oaks (2011)Google Scholar
  28. 28.
    Barbour, R.S.: Introducing Qualitative Research. Sage Publications Inc, Thousand oaks (2008)Google Scholar
  29. 29.
    Glesne, C.: Becoming Qualitative Researchers. Pearson, Boston (2011)Google Scholar
  30. 30.
    Hesse-Biber, S.N., Leavy, P.: The Practice of Qualitative Research. Sage Publications Inc, Thousand Oaks (2006)Google Scholar
  31. 31.
    Patton, M.Q.: Qualitative Research and Evaluation Methods, 3rd edn. Sage Publications Inc, Thousand Oaks (2002)Google Scholar
  32. 32.
    Miles, M.B., Huberman, A.M.: Qualitative Data Analysis: An Expanded Sourcebook. Sage Publications Inc, Thousand Oaks (1994)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  1. 1.Advanced Informatics School (AIS)Universiti Teknologi MalaysiaKuala LumpurMalaysia

Personalised recommendations