Assurance of Information Confidentiality to Ensure Patient Trust in Tshwane Healthcare Centres, South Africa

N/A

Authors

DOI:

https://doi.org/10.25159/2663-659X/19352

Keywords:

information assurance, patient confidentiality, trust, records management, South African healthcare

Abstract

Healthcare facilities in South Africa, including the Tshwane healthcare centres, face persistent challenges in protecting patient information confidentiality, a factor crucial to building and maintaining patient trust. Increasing concerns have emerged regarding the inadequate implementation of information assurance practices, which has led patients to question whether their data are handled securely. This study investigated the assurance of confidentiality as a mechanism for patient trust in selected Tshwane healthcare facilities. A quantitative, multimethod research approach was adopted, supported by qualitative methods, to enhance the credibility of the data. Data collection involved a questionnaire, interviews with unit managers, observation, and content analysis. The participants included 95 selected employees working in information and records management units. The findings show that patients were not fully assured of the safety and confidentiality of their information. Contributing factors include limited time during consultation, rushed administrative processes, and patients’ lack of awareness or interest in data confidentiality practices. Furthermore, institutions struggle to meet the key pillars of information assurance: confidentiality, integrity, and availability. Patients were found to be present but primarily driven by the urgency of receiving medical attention rather than confidence in data protection measures. The study concludes that strengthening confidentiality protocols is essential to re-establish patient trust in Tshwane healthcare centres. Institutions are encouraged to implement well-structured processes through a proposed framework. This will allow them to allocate sufficient time for patient engagement and promote awareness of information confidentiality practices.

Author Biographies

Isaac Mothiba, University of South Africa

Isaac Mpho Mothiba is working as a Research and accreditation specialist in the Advanced Assessments and Training (AAT) and a PhD student at the University of South Africa. He is a research and information specialist who strives within information and records management security. He also serves as an online tutor for undergraduate students in the field of Information Science at the University of South Africa. He also participates in the community, through the provision of reviews for several journals. He is a qualified information and records management specialist with a Master of Information Science that was focused on “Information systems and confidentiality of data in line with POPIA”. His years of experience extend across strategy and research, Data security, Knowledge, Information and Risk management, and learning and development. Currently embarking on a study on infusing Artificial intelligence into Traditional healthcare to support patient care in South Africa

Ngoako Marutha, University of South Africa

Prof Ngoako Marutha is working as a full Professor in the Department of Information Science at the University of South Africa (UNISA). He also serves as a representative of the Unisa Department of Information Science on the International Council on Archives (ICA) and he is an ICA Regular Member of Section on University and Research Institution Archives (ICA/SUV), where he also serve as an executive member for bureau. He is also a regular member for ICA section for Archival education (SAE) and section for the National Assembly. He has recently being appointed ICA New Professionals mentor for year 2023. He is also a member of the South African Society of Archivists and serves on the National Executive Committee as editor-in-chief of the Journal of the South African Society of Archivists. He is also a review editor for the journal Frontiers in Research Metrics and Analytics. He has published several books, chapters and articles in different national and international publications and presented conference papers. His research interest includes knowledge, archives, and records management, especially on patients and hospital records, electronic records, artificial intelligence, internet of things, cloud computing, Blockchain technology, enterprise content management, big data management and police case records security. The other field of his interest includes library management and marketing as well as Open Distance electronic learning (ODeL). His professional industry background includes working as an information and records manager as well as librarian in several public and private institutions over 13 years. He has been in the academic industry over five years so far. He holds Bachelor of Information studies and Bachelor of Information Studies honour from University of the North (UNIN)-now known as University of Limpopo (UL), Master of Information Science and Doctor of literature and philosophy from University of South Africa (UNISA). He serves as external examiner for masters and doctoral research studies for over seven universities.

References

Abbasi, N., and D. A. Smith, D. A. 2024. “Cybersecurity in Healthcare: Securing Patient Health Information (PHI), HIPPA Compliance Framework and the Responsibilities of Healthcare Providers.” Journal of Knowledge Learning and Science Technology 3 (3). https://doi.org/10.60087/jklst.vol3.n3.p.278-287 DOI: https://doi.org/10.60087/jklst.vol3.n3.p.278-287

Anthony, D. L., and C. A. Campos-Castillo. 2015. “Looming Digital Divide? Group Differences in the Perceived Importance of Electronic Health Records.” Information, Communication and Society 18: 832–846. https://doi.org/10.1080/1369118X.2015.1006657 DOI: https://doi.org/10.1080/1369118X.2015.1006657

Atele-Williams, T., and S. Marsh. 2023. “Information Trust Model.” Cognitive Systems Research 80: 50–70. https://doi.org/10.1016/j.cogsys.2023.02.004 DOI: https://doi.org/10.1016/j.cogsys.2023.02.004

Belfrage, S., G. Helgesson, and N. Lynoe. 2022. “Trust and Digital Privacy in Healthcare: A Cross-Sectional Descriptive Study of Trust and Attitudes Towards Uses of Electronic Health Data among the General Public in Sweden.” BMC Medical Ethics 23 (19). https://doi.org/10.1186/s12910-022-00758-z DOI: https://doi.org/10.1186/s12910-022-00758-z

Blumenthal, D. 2010. “Launching Hitech.” New England. Journal of Medicine 362: 382–385. https://doi.org/10.1056/NEJMp0912825 DOI: https://doi.org/10.1056/NEJMp0912825

Bonderud, D. 2023. “Top Healthcare Data Breach Statistics of 2023.” Accessed 25 January 2023. https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf

Boyes, T. 2024. “How to Achieve POPIA Compliance: Competent Checklist.” scytale, 12 August 2024. https://scytale.ai/resources/how-to-achieve-popia-compliance-complete-checklist/

Brudner, E. G., D. S. Fareri, S. G. Shehata, and M. R. Delgado. 2022. “Social Feedback Promotes Positive Social Sharing, Trust, and Closeness.” Emotion 23 (6): 1536–1548. https://doi.org/10.1037/emo0001182 DOI: https://doi.org/10.1037/emo0001182

Campos-Castillo, C., and D. L. Anthony. 2015. “Double-Edged Sword of Electronic Health Records: Implications for Patient Disclosure.” Journal of the American Medical Informatics Association 22: 130–140. https://doi.org/10.1136/amiajnl-2014-002804 DOI: https://doi.org/10.1136/amiajnl-2014-002804

Cherdantseva, Y., and J. Hilton. 2015a. “Information Security and Information Assurance: The Discussion about the Meaning, Scope, and Goals.” PhD diss., Cardi University. https://doi.org/10.4018/978-1-4666-8111-8.ch058 DOI: https://doi.org/10.4018/978-1-4666-8111-8.ch058

Cherdantseva, Y., and J. Hilton. 2015b. “Understanding Information Assurance and Security.” In Organizational, Legal, and Technological Dimensions of IS Administrator, edited by F. Almeida, and I. Portela. IGI Global Publishing.

Chamoli, A., A. Kirsali, and S. Sharma. 2024. “Cyber Attack Prevention Method for Enhanced Privacy of Patients Digital Healthcare Data in Smart Hospitals.” 2024 7th International Conference on Circuit Power and Computing Technologies (ICCPCT), Kollam, India, 2024. https://doi.org/10.1109/ICCPCT61902.2024.10672954 DOI: https://doi.org/10.1109/ICCPCT61902.2024.10672954

Committee on National Security Systems. 2010. “National Information Assurance (IA).” Glossary, CNSS Instruction No. 4009.

Computer Security Resource Center (CSRC). 2024. “Information Assurance.” Accessed 7 May 2025. https://csrc.nist.gov/glossary/term/information_assurance

Creswell, J. W., and J. D. Creswell. 2018. Research Design: Qualitative, Quantitative, and Mixed Methods Approaches. 5th ed. SAGE Publications.

Duggirala, N. V. 2024. “The Future of Patient Data Security: Exploring Emerging Technologies and Collaborative Approaches.” International Journal for Research in Applied Science and Engineering Technology 12 (V): 3231–3239. https://doi.org/10.22214/ijraset.2024.62199 DOI: https://doi.org/10.22214/ijraset.2024.62199

Els, F., and L. Cilliers. 2018. “Privacy Management Framework for Personal Electronic Health Records.” African Journal of Science, Technology, Innovation and Development 10 (6): 725–734. https://doi.org/10.1080/20421338.2018.1509489 DOI: https://doi.org/10.1080/20421338.2018.1509489

Esmalipour, R., P. Salary, and A. Shojaei. 2021. “Trust-Building in the Pharmacist-Patient Relationship: A Qualitative Study.” Iranian Journal of Pharmaceutical Research 20 (3): 20–30.

Glen, S. 2018. “Total Population Sampling.” Statistics How To. Accessed 25 August 2022. https://www.statisticshowto.com/total-population-sampling/

Juta Medical Brief. 2025. “Hackers Target Mediclinic Staff Data.” Accessed 7 June 2025. https://www.medicalbrief.co.za/hackers-target-mediclinic-staff-data/

Lainhart, J. W. 2002. “Information Assurance/Information Security.” Presentation for the Computer System Security and Privacy Advisory Meeting June 13, 2002. Accessed 10June 2022. https://csrc.nist.gov/CSRC/media/Events/CSSPAB-JUNE-2002-MEETING/documents/Lainhart-06-2002.pdf

LexisNexis. 2025. “Trust Definition.” Accessed 7 June 2025, https://www.lexisnexis.co.uk/legal/glossary/trust

Liu, P., M. Yu, and J. Jing. n.d. “Information Assurance.” Accessed 10 June 2022. https://s2.ist.psu.edu/paper/82-info-assurance-v6.pdf

Lott, B. E., C. Campos-Castillo, and D. L. Anthony. 2020. “Trust and Privacy: How Patient Trust in Providers is Related to Privacy Behaviours and Attitudes.” AMIA Annual Symposium Proceedings, March 2020: 487–493.

Kim, M. O., E. Coiera, and F. Magrabi. 2017. “Problems with Health Information Technology and Their Effects on Care Delivery and Patient Outcomes: A Systematic Review.” Journal of the American Medical Informatics Association 24 (2): 246–250. https://doi.org/10.1093/jamia/ocw154 DOI: https://doi.org/10.1093/jamia/ocw154

Mani, T., M. Sakthimohan, E. G. Rani, S. Janani, K. Karthigadevi, and S. Kumar. 2024. “Elliptic Curve Cryptography: Protecting Healthcare Data in the Digital Age.” In 2024 5th International Conference on Electronics and Sustainable Communication Systems (ICESC), Coimbatore, India, 2024, 830–836. https://doi.org/10.1109/icesc60852.2024.10689809 DOI: https://doi.org/10.1109/ICESC60852.2024.10689809

Mathope, V. 2024. “Adoption of Artificial Intelligence to Manage Records in Support of the Claims Management System at the Road Accident Fund in South Africa.” PhD diss., University of South Africa. https://doi.org/10.14293/SBLUNISA.2023a002.vnm DOI: https://doi.org/10.14293/SBLUNISA.2023a002.vnm

Modiba, M. 2023. “Policy Framework to Apply Artificial Intelligence for the Management of Records at the Council for Scientific and Industrial Research.” Collection and Curation 42 (2): 53–60. https://doi.org/10.1108/CC-11-2021-0034 DOI: https://doi.org/10.1108/CC-11-2021-0034

Mothiba, I. M. 2023. “Identifiable Information Management System to Protect Patients’ Confidentiality in Tshwane Healthcare Centres, South Africa”. MA diss., University of South Africa.

Nieles, M., K. Dempsey, and V. Yan Pillitteri. 2017. “Introduction to Information Security.” Accessed 10 June 2022. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-12r1.pdf DOI: https://doi.org/10.6028/NIST.SP.800-12r1

Norwich University. 2018. “The 5 Pillars of Information Assurance.”

Accessed 12 June 2022.

https://online.norwich.edu/5-pillars-information-assurance

Paul, P. K, and S. Althal2019. “Information Assurance and Allied Aspects Emphasizing IT Risk Management.” International Journal of Advanced Trends in Engineering and Technology 3 (1): 59–62.

Payne, S. 2013. “Building Trust Between Cloud Providers and Consumers.” Accessed 9 June 2022. http://www.networkworld.com/article/2164050/tech-primers/

Peek, M. E., R. Gorawara-Bhat, and M. T. Quinn. 2013. “Patient Trust in Physicians and Shared Decision-Making among African Americans with Diabetes.” Health Communication 28: 616–623. https://doi.org/10.1080/10410236.2012.710873 DOI: https://doi.org/10.1080/10410236.2012.710873

Pool, J., S. Akhlaghpour, F. Fatehi, and A. Burton-Jones. 2024. “A Systematic Analysis of Failures in Protecting Personal Health Data: A Scoping Review.” International Journal of Information Management 74: 102719. https://doi.org/10.1016/j.ijinfomgt.2023.102719 DOI: https://doi.org/10.1016/j.ijinfomgt.2023.102719

Prasanna, G. L. 2025. “Privacy Preserving Data Sharing Cloud-Based Healthcare Systems.” Indian Scientific Journal of Research in Engineering and Management 09 (01): 1–9. https://doi.org/10.55041/IJSREM40474 DOI: https://doi.org/10.55041/IJSREM40474

Pujihastuti, A., and R. I. Sudra. 2014. “Influence of Diagnostic Writing and Knowledge of Medical Records Officers About Medical Terminology on the Accuracy of Diagnostic Codes.” Indonesian Journal of Health Information Management 4 (1): 60–64.

Ramgovind, S., M. M. Eloff, and E. Smith. 2010. “Management of Security in Cloud Computing.” In Information Security for South Africa (ISSA 2010). IEEE. https://doi.org/10.1109/ISSA.2010.5588290 DOI: https://doi.org/10.1109/ISSA.2010.5588290

Schou, C., and S. Hernandez. 2014. Information Assurance Handbook: Effective Computer Security and Risk Management Strategies. McGraw Hill.

Sewell, A. A. 2015. “Disaggregating Ethnoracial Disparities in Physician Trust.” Social Science Research 54: 1–20. https://doi.org/10.1016/j.ssresearch.2015.06.020 DOI: https://doi.org/10.1016/j.ssresearch.2015.06.020

Shen, N., T. Bernier, L. Sequeira, J. Strauss, M. P. Silver, and A. Carter-Langford. 2019. “Understanding the Patient Privacy Perspective on Health Information Exchange: A Systematic Review.” International Journal of Medical Informatics 125:1–12. https://doi.org/10.1016/j.ijmedinf.2019.01.014 DOI: https://doi.org/10.1016/j.ijmedinf.2019.01.014

Singhal, S. 2024. “Data Privacy, Compliance, and Security Including AI ML: Healthcare.” In Practical Applications of Data Processing, Algorithms, and Modeling, edited by Pawan Whig, Sachinn Sharma, Seema Sharma, Anupriya Jain, and Nikhitha Yathiraju. IGI Global. https://doi.org/10.4018/979-8-3693-2909-2.ch009 DOI: https://doi.org/10.4018/979-8-3693-2909-2.ch009

Skolmen, D. and M. Gerber. 2015. “Protection of Personal Information in the South African Cloud Computing Environment: A Framework for Cloud Computing Adoption.” Paper presented at Information Security for South Africa (ISSA) Conference at Johannesburg. https://doi.org/10.1109/ISSA.2015.7335049 DOI: https://doi.org/10.1109/ISSA.2015.7335049

Republic of South Africa. 2013. Republic of South Africa, No. 4 of 2013: Protection of Personal Information Act 2013. Government Printer.

Souvatzi, E., M. Katsikidou, A. Arvaniti, S. Plakias, A. Tsiakiri, and M. Samakouri. 2024. “Trust in Healthcare, Medical Mistrust, and Health Outcomes in Times of Health Crisis: A Narrative Review.” Societies 14 (12): 269. https://doi.org/10.3390/soc14120269 DOI: https://doi.org/10.3390/soc14120269

Stewart, T. J. 2016. “Central Sponsor for Information Assurance: A National Information Assurance Strategy.” Accessed 11 June 2022. https://silo.tips/download/central-sponsor-for-information-assurance-a-national-information-assurance-strat

Thulare, T., M. Herselman, and A. Botha. 2021. “Data Integrity: Challenges in Health Information Systems in South Africa. Conference: Engineering and Technology.” Paper presented at International Journal of Computer and Information Engineering: Paris, France, Dec 28–29, 2020.

Tredger, C. 2025. “Cyber Criminals Close In On SA’s Healthcare Sector – Check Point.” IT Web 8 April 2025. https://www.itweb.co.za/article/cyber-criminals-close-in-on-sas-healthcare-sector-check-point/VgZey7JlXGwqdjX9

Uriawan, W., S. Adriansyah, S. J. Maulidiyah, S. Julianto, and W. Jamil. 2024. “Challenges and Opportunities: Improve Patient Data Security and Privacy in Distributed Systems.” Preprints.org. Posted 2 July 2024. https://doi.org/10.20944/preprints202407.0163.v1 DOI: https://doi.org/10.20944/preprints202407.0163.v1

Young, B. 2015. “Information Assurance and Security: Introduction to IA.” Accessed 09 June 2022, https://www.cs.utexas.edu/~byoung/cs361c/slides1-intro.pdf/

Zimmerman, T., and J. Allen. 2024. “Determining Trust in Information: Initial Literature Review.” Proceedings of the Association for Information Science and Technology 61 (1): 1186–1188. https://doi.org/10.1002/pra2.1226 DOI: https://doi.org/10.1002/pra2.1226

Published

2025-07-28

How to Cite

Mothiba, Isaac, and Ngoako Marutha. 2025. “Assurance of Information Confidentiality to Ensure Patient Trust in Tshwane Healthcare Centres, South Africa: N A”. Mousaion: South African Journal of Information Studies, July, 22 pages . https://doi.org/10.25159/2663-659X/19352.

Issue

Section

Articles