A Critical Review of Information Security and Privacy in Electronic Healthcare Systems: Implications and Future Research for Kenyan Healthcare Systems

Abstract

Objectives: The paper aims to critically examine existing literature on information security and privacy challenges in Electronic Healthcare Systems (EHCS) at Jaramogi Oginga Odinga Teaching and Referral Hospital (JOOTRH), Kenya. It evaluates the efficacy of current security protocols and identifies key vulnerabilities, such as unauthorized access and data breaches, in safeguarding patient data. Justification: With the growing prevalence of EHCS and increasing concerns over data security, this review highlights the urgent need to address vulnerabilities in the existing systems. By focusing on under-researched areas like cross-facility data exchange and real-time monitoring, the study underscores the importance of identifying literature gaps to enhance patient data protection in Kenyan healthcare systems. Results: The review identifies critical security threats, such as unauthorized access, data breaches, and insufficient cross-facility data exchange protocols. It also reveals that current frameworks have limitations in addressing these threats and emphasizes the need for improved encryption protocols, better user training, and enhanced collaboration between healthcare facilities and EHCS developers. Conclusion: The findings suggest that there is a pressing need for more robust security measures and collaborative efforts between stakeholders to mitigate security risks in EHCS. This review provides recommendations for healthcare institutions and developers to strengthen electronic health records protection and lays the groundwork for future research to develop a comprehensive information security framework tailored to the challenges in Kenyan and other developing healthcare systems.