Electronic health system integration framework for secure m-health services: a case study of University of Nairobi Hospital

Abstract

The purpose of this research sought to design a secure framework that can be used in M-Health systems development. The researcher used the integrated information theory as a framework for enforcing system security as a holistic approach. To actualize this study, objectives that were meant to guide in carrying out the research were: To evaluate the significance of Confidentiality, Integrity and availability on the security of M-health systems, develop a framework for secure integration of M-Health systems and validate the proposed framework. The researcher used University of Nairobi Hospital because it had Implemented E health system for more than ten years and therefore more data was available for collection and analysis to conduct the research. The study adopted a case study design methodology that included a sample size of forty-four (44) ICT personnel and users of University Health System at the University of Nairobi Hospital. The methodology employed in this research was case study design. A systematic random sampling technique was applied in this study. Data collection methods were observation, conducting interviews and filling questionnaires that were administered to the target population in the University of Nairobi Hospital. It was established that there was significant comprehensive security in the University of Nairobi Health system. In addition, introduction of Pseudonymization to EMRs enhanced patient data security. A secure integration framework was also designed in the study. Recommendations were made to the university of Nairobi Hospital to address the gap of Pseudonymization of patients records in the University Health system. A model was developed and tested using a prototype that was developed using C#, ASP.NET framework, IDE Visual Studio and SQL Server.