Medical Information Breaches Occurrence with Respect to Social Media Usage, in Selected Medical Institutions in Uganda

Abstract

The purpose of this manuscript is to present research findings based on the reported cases of medical information breaches due to Social Media (SM) usage, in selected medical institutions in Uganda. The study employed online survey techniques. Altogether, 710 questionnaires (Google forms) were developed, and operationalized. The main respondents included 566 medical students, and 143 medical staff from Mbarara University of Science and Technology (MUST), and Kampala International University (KIU), accordingly. Using SPSS, the main statistical analysis tools employed include frequency distribution summary, and Chi-square (x2) test. According to the frequency distribution summary, 27% to 42% of the respondents within categorical divides acknowledged occurrence of medical information breaches due to SM usage. Notably, higher levels of the breaches were reported among male students (64%), age-group 18 to 35 years (68%), and WhatsApp users (63%). On the other hand, Chi-square results showed significant levels (p < 0.05) of association between gender and medical information breaches, as well as age-group and medical information breaches. However, Chi-square results yielded insignificant results (p > 0.05) between medical institutions and medical information breaches. Overall, the vulnerable areas of the breaches identified would serve as important reference points in the process of rationalizing SM usage in medical institutions. Nevertheless, further studies could focus on identification of the key SM usage factors associated with medical information breaches in medical institutions in Uganda.

Share and Cite:

Mutebi, J. , Kareyo, M. , Chinecherem, U. , Muhaise, H. , Akampurira, P. and Okello, M. (2022) Medical Information Breaches Occurrence with Respect to Social Media Usage, in Selected Medical Institutions in Uganda. Journal of Computer and Communications, 10, 10-33. doi: 10.4236/jcc.2022.1010002.

1. Introduction

From historical perspectives, the embracement levels of SM usage in medical operations have been proliferating since 2010, [1] [2] [3] [4] . At the onset of its proliferation, SM was mainly used in informal settings, supporting largely personal and social needs of individual users, with minimal reported cases of medical information breaches in the mainstream medical settings, [1] [2] [5] . Before 2013, IT related breaches accounted for less than 10% of the overall forms of healthcare data breaches, but later surpassed all the other forms of healthcare breaches by 2015, [1] [6] . Eventually, by 2019, IT was reported as one of the most dominant form of healthcare data breaches in healthcare industry, accounting for over 90% of the overall forms of healthcare breaches, with global estimated cost of $6.45 million, [6] [7] . In Uganda, a study by Alunyu, et al. [8] indicates that 22% to 31% of respondents reported IT related breaches in medical records in hospital sites in Uganda, [8] . Recently, among the global IT related breaches reported, SM accounted for more than 56% of the 4.5 billion of information records compromised in 2018, [1] [7] .

Remarkably, the progressive embracement of SM usage in the mainstream medical settings, coupled with the growth in electronic healthcare information systems, coincided with the growing demands for effective management of electronic medical information, [4] [9] . With respect to SM usage and medical training/clinical operations, electronic medical information serve the roles of teaching/learning, research, as well as providing medical services, [2] [3] . In this case, SM usage enhances real-time interactions by effectively sharing clinical contents, and generating faster feedback among medical students, medical staff including supervisors, and stakeholders, [9] [10] [11] . However, the pressing demand for preserving medical information safety remains a pertinent issue in medical training and clinical operations, [2] [3] [4] .

1.1. Literature Review

In Uganda, over 1500 medical (MBChB) students in a semester session are often deployed across multiple clinical rotations—junior and senior clerkships, [12] [13] . In their clinical years, medical students start getting involved in patient care while attaining hands-on, as well as acquiring professional experience in various domain of medicine including ethical conducts, under expert guidance. At this level of medical training, SM usage becomes a valuable tool in providing a network-space for effective interactions and communication among medical students, medical staff including supervisors, and stakeholders, [11] [14] . According to Abraham et al. (2018), skills in time management are considered significant for medical training as students are often confronted with multitasking set of activities, [11] .

However, medical institutions are still conservative in ratifying SM usage in their operations, [10] [15] . This caution is often attributed to various anticipated challenges, and risks often linked to SM usage, especially in the area related to preserving medical information safety, [2] [3] [4] . According to Pander et al. [4] analysis study of the previous literatures on SM usage in medical institutions, 0.02% to 16% of medical students using SM had acted in unethical way. According to Kaddu & Mukasa [16] study of SM usage in higher education in Uganda, 29% to 38% of students got involved in unethical behaviors, including medical information breaches, [17] . Recently, Alunyu, et al. [8] study indicates that 22% to 31% of respondents reported IT related breaches in medical data in healthcare sites in Uganda. Globally, among IT related breaches, SM incidents accounted for more than 56% of the 4.5 billion of information records compromised in 2018, [1] [7] . The negative implications of medical information breaches include loss of trust and reputations, legal suit, or financial harm, etc., [3] [4] [18] [19] . According to Liaw & Hannan [20] , 49.1% of patients in Australia confirmed withholding information from clinicians based on privacy and confidentiality concerns, [21] . In healthcare industry, the global estimated cost of electronic data breaches in 2019 was $6.45 million, [6] [7] .

In Uganda, the main statutory instrument safeguarding patient’s rights to medical information safety are specified by patient’s charter of 2009, revised in 2019, [22] [23] [24] . Section 1, article 15 of the charter stipulates patient’s rights to privacy and confidentiality during consultation, as well as accessing treatment, [24] . According to the article, identifiable medical information, including treatment plan, can be divulged through informed consent, or when needed by court order. However, healthcare institutions or healthcare providers could permit medical record to a third party in the following circumstances: 1) “That the disclosure is for the purpose of patient’s treatment by another healthcare worker”. 2) “That the disclosure of information is vital for the protection of the healthcare of others or the public, and that the need for disclosure overrides the interest in the information’s non-disclosure”. 3) “That the disclosures are for the purpose of publication in a medical journal or for research or teaching purposes if all details identifying the patient have been concealed”. Therefore, to mitigate the challenge of medical information breaches (especially Section 3), clinical students, and medical staff sharing clinical contents on SM are mandated to safeguard the confidentiality of patient’s identifiable medical information on SM, [23] [24] . In this case, medical information breaches could occur when identifiable medical information are acquired, accessed, used or disclosed without the guidelines stipulated by the charter—sections 1), 2) and 3) above, [18] .

Unfortunately, despite the high embracement levels of SM usage reported in medical training, and clinical operations, medical institutions in Uganda still lack concerted policy to guide on SM usage in their operations, [1] [10] [17] . Formalizing SM usage would help to enforce management control, and accountability in SM usage in case of breaches, and would protect medical institutions against uncensored usage of SM by stakeholders. This would salvage medical institutions against negative consequences such as; loss of trust and reputations, legal suit, or financial harm, [3] [4] [5] [10] [18] [19] . In this case, the study is focused on providing a basis for rationalizing the challenges associated with SM usage in medical training, and clinical operations, [3] . The study outcome would support strategic development process, including curricula and policies development, in line with SM usage in medical training, including clinical operations. Thus, the study was intended to investigate the characteristics of medical information breaches due to SM usage, in selected medical institutions in Uganda.

1.2. Objectives

The main objective of this study was to examine the characteristics of SM usage and medical information breaches occurrence, in selected medical institutions in Uganda. Specifically, the study was focused on the following specific objectives:

1) Establish the prevalence of medical information breaches occurrence due to SM usage, in selected medical institutions in Uganda.

2) Identify the vulnerable areas of SM usage with respect to medical information breaches, in selected medical institutions in Uganda.

3) Examine the association relationships between the demographic profiles and medical information breaches occurrence.

2. Methodology

The study employed online survey, using structured questionnaires (Google forms). The questionnaire items consisted of 4 sections: 1) Introduction; explaining the intention of the researcher, the purpose of data collection, and anonymity assurance to respondents. 2) Demographic profiles; covers demographic characteristics of the respondents. 3) SM usage; covers the types of SM platform used, and the level of SM usage engagement. 4) Medical information breaches; covers medical information breaches occurrence, frequency of medical information breaches, and medical information breaches factors—the items include; a) medical information on SM are obtained and used without informed consent. b) Identifiable medical information on SM are disclosed illegally. c) Identifiable medical information on SM are shared to third party illegally. These items were derived as guided by patient’s charter of 2019, stipulating patient’s rights to medical information safety in Uganda, [22] [24] . The measures of the items were developed with 5-points Likert scales, including; “1 = strongly disagree, 2 = disagree, 3 = neutral, 4 = agree, and 5 = strongly agree”, [25] [26] . Therefore, based on the questionnaire developed, the researcher collected data on demographic profiles, SM usage characteristics, and medical information breaches. However, verbal consultations, and document review were conducted to probe, and substantiate some of the facts which were limitedly captured through questionnaire method, for instance the other types of SM platforms used among respondents.

2.1. Study Population

The study population (N) was constituted by 2300 medical (MBChB) students, and 175 medical staff including supervisors, [13] [27] . The population members were identified from 2 selected medical institutions in Uganda; 1) Mbarara University of Science and Technology (MUST) Faculty of Medicine; 2) Kampala International University (KIU) Faculty of Clinical Medicine and Dentistry. Both MUST and KIU have dedicated teaching hospital sites, handling over 1500 medical students in a single semester session, [27] [28] . The criterion used in selecting the medical institutions was based on recognition by national authority, which signify a better status of system establishment favorable for such a study, [28] [29] . From MUST, the estimated population of medical (MBChB) students in a semester session is 800, and the number of corresponding medical staff and supervisors are 75; while at KIU, the estimated population of medical (MBChB) students within a semester session is 1500, and the corresponding medical staff and supervisors are 100. Overall, the total estimated target population was 2300 + 175 = 2475, respectively, [13] [27] . In this case, the appropriate sample size was determined based on the estimated population of 2475.

2.2. Sample Size

Therefore, using the target population (N) of 2475, appropriate sample size (n) was determined using Morgan and Krejcie population and sample size table, [30] [31] . Taking into considerations the finite and heterogeneous characteristics of the population. In this case, the researcher intended to include all the sub-groups into the study sample. Therefore, Morgan and Krejcie technique was considered appropriate for determining the sample size, since the technique takes into consideration the heterogeneous characteristics of the population, confidence interval level of 95%, and minimum response rate of 50%, [30] [32] . Therefore, using Morgan and Krejcie method, the researcher then derived the sample size using population and sample size table, [30] [31] [33] . Table 1 below indicates the target population, and the expected sample sizes derived within

Table 1. Population and sample size.

Based on population and sample size table, [30] [31] .

each population sub-group, which add up to the composite sample size of 706 including medical students, and respective medical staff from both MUST and KIU.

Sampling Method

From the target population identified, proportional stratified sampling was used to ensure that all the categories of potential respondents in the target population were fairly represented in the sample study. Taking into consideration the estimated minimum response rate of 50%, [34] . In this case, the researcher stratified sub-groups of medical (MBChB) students in year 3, 4 and 5, together with corresponding medical staff. Subsequently, simple probability sampling was then carried out within each stratum (sub-group). The advantage of proportional stratified sampling is that the unique proportionality of the sub-group identified in the target population is retained in the study sample, (Taherdoost, 2016). While, simple probability sampling within sub-group ensured that all the members within the sub-group were given equal probability chance of being selected in the final study sample, [30] [34] .

Approximately, the sample size presented in Table 2 was exaggerated to cater for errors that could arise due to low response rate, or elimination due to data cleaning process, [30] . Therefore, a total of 740 online questionnaires were disbursed to respondents consisting of 580 medical students, and 160 medical staff. In response, a total of 718 questionnaires were duly filled and returned by respondents. However, after conducting data cleaning process and sorting, the valid questionnaires considered were 710. Thereafter, the valid questionnaires were coded and captured into SPSS software. Subsequently, the datasets were summarized and sanctioned for analysis, as guided by specific objectives.

2.3. Data Analysis

After data collection, datasets were cleaned and prepared for analysis. In this case, data processing dealt with the following sets of activities; 1) questionnaire checking to eliminate improper questionnaires; thus 5 questionnaires were found inadequate, where instructions were not followed properly, while 3 were incomplete. 2) 5 questionnaires were edited to correct anomalies including illegibility, incomplete data, inconsistent, and vague answers. 3) Coding was then done to allocate alpha and numeric codes to responses that did not have them so that objective statistical methods could be applied on SPSS, [30] [32] . Eventually, 710 valid questionnaires were considered and sanctioned for analysis using appropriate statistical tools outlined in the following sections.

Data analysis was performed using SPSS version 26 software, supported by MS Excel. The advantage of SPSS is its ability of being comprehensive, and can easily import and presents datasets captured from other sources, specifically data captured using Google form linked to MS Excel format, and later exported to SPSS environment. Altogether, appropriate statistical tools employed included univariate, and bivariate statistical analysis tools; 1) univariate analysis tools included frequency counts, percentage distributions, and measure of central tendency—mean, median and mode. 2) Bivariate analysis statistical tools included graphical visual display such as; tables, frequency tables, and charts. For association between variables, Chi-square (x2) test was conducted to determine the type and strength of associations between the variables. Altogether, the detailed analysis results and discussions are presented in Section 3, 4 and 5, accordingly.

3. Results

The researcher summarized and presented the results using narrative, and simple graphical illustrations including charts and tables. The key items considered under frequency counts, include; respondent’s demographic profiles, SM usage characteristics, and medical information breaches, respectively. However, for association between variables, Chi-square (x2) test was performed. The analysis results within each section are outlined with brief narratives of the key outputs of the section. However, detailed discussion and interpretation of the analysis results are stipulated in Section 4.

3.1. Demographic Profiles

The main respondents used in this study include 566 medical students, and 143 medical staff, respectively. Therefore, with respect to the selected medical institutions, MUST and KIU, Table 2 summarizes and presents the demographic profiles of the respondents, showing the representativeness of the members within the category divides. Thus, indicating the frequency counts, and the corresponding percentage distributions, accordingly.

Table 2. Demographic profile, with respect to medical institutions.

According to Table 2 above, MUST and KIU demographic datasets show similar trends in percentage distributions within the category divides; male students (MUST: 58%, KIU: 56%) compared to female students (MUST: 42%, KIU: 44%). Notably, the higher percentage representation within student’s categories include; age-group: 18 - 25 (MUST: 75%, KIU: 64%); nationality: Ugandan (MUST: 90%; KIU: 88%); year of study: year 3 (MUST: 49%; KIU: 49%); denomination: catholic (MUST: 52%; KIU: 32%); medical department (MUST dermatology: 16%; KIU pediatrics: 13%). Figure 1 below shows gender percentage distribution, with respect to medical institutions (MUST n = 260 students, n = 63 staff; KIU n = 306 students, n = 80 staff).

Figure 1. Gender percentage distribution, with respect to medical institution.

3.1.1. SM Usage Characteristics, with Respect to Medical Institutions

According to Mirembe, Lubega & Kibukamusoke [17] , SM usage is more dominant in higher educational institutions compared to other formal settings in Uganda. And, according to Olum & Bongomin [13] , over 90% of medical students in Uganda are using SM in their operations. Thus, the most dominant SM platforms in medical institutions in Uganda include; WhatsApp, Facebook, Twitter, and YouTube, [13] [17] . Therefore, the selected medical institutions, and SM platforms used in this study would fit within the geographical and content scope definition of the study. Table 3 below summarizes and presents SM usage characteristics, with respect to the selected medical institutions (MUST and KIU), indicating the frequency counts, and percentage distributions within the category divides, accordingly.

Table 3. SM usage characteristics, with respect to medical institutions.

Remarkably, the leading types of SM platforms reported among respondents include; WhatsApp (MUST: 97%; KIU: 98%), Facebook (MUST: 78%; KIU: 76%), Twitter (MUST: 62%; KIU: 66%), and YouTube (MUST: 52%; KIU: 61%). The other upcoming types of SM platforms reported among medical students include; TikTok, Instagram, Pinterest and Snapchat. However, it should be noted here that, the response options on types of SM platform were independent responses.

On the other hand, the leading SM usage engagement categories were reported among students; experience in SM usage: > 5 years (MUST: 79%; KIU: 76%), frequency of SM usage: always and often (MUST: 75%; KIU: 74%), number of contacts/friends connected: > 150 (MUST: 69%; KIU: 82%). Notably, the level of SM usage engagement categories among medical student ranges from 72% to 94%, compared to medical staff (55% to 70%). Overall, 77% to 87% of the respondents across category divides acknowledged sharing medical data on SM. Whereby, the lowest level was reported among MUST staff (77%), and the highest level was reported among KIU students (87%). Figure 2 below shows the types of SM platform within students category divides, with respect to medical institutions, (MUST n = 260, KIU n = 306)

Figure 2 shows similar trends in percentage distribution reported among MUST and KIU student. The other SM usage engagement factors (experience of SM usage, frequency of SM usage, and contacts/friends connected) in Table 3 also showed some levels of uniformity in percentage distribution between the two institutions (MUST and KIU).

3.1.2. Medical Information Breaches

With respect to medical information breaches, 2 perspectives of questionnaire items were developed to measure medical information breaches; 1) occurrence of medical information breaches, with responses: yes/no; 2) medical information breaches items, developed with 5-points Likert scale measures. Therefore, with respect to medical information breaches item, with yes/no responses, 27% to 42% of the respondents within category divides acknowledged occurrence of medical information breaches, due to SM usage. Whereby, the lowest level of medical information breaches were reported among MUST staff (27%), and the highest level were reported among KIU students (42%). Nevertheless, the percentage distribution of the breaches within demographic profiles include; medical students: yes (MUST: 40%, KIU: 42%) compared to medical staff: yes (MUST: 27%, KIU: 35%). Figure 3 below shows the response on medical information breaches reported within title categories (students, and staff), with respect to medical institutions (MUST n = 260 students, n = 63 staff; KIU n = 306 students, n = 80 staff).

Figure 2. Types of SM platform, with respect to medical institutions.

Figure 3. Medical information breaches within title, with respect to medical institutions.

According to Figure 3, higher levels of medical information breaches were reported among medical students, compared to medical staff. Thus, medical students: yes (MUST: 40%; KIU: 42%); compared to medical staff: yes (MUST: 27%; KIU: 36%). Comparatively, the percentage distributions among MUST, and KIU show higher percentage distributions, compared to related studies in Uganda, [3] [4] [8] [17] . For instance, Alunyu, et al. [8] study indicates that 22% to 31% of respondents reported IT related breaches in medical information in hospital sites in Uganda. Nevertheless, the disparity in percentage distribution could also be attributed to the slight over-edge in population and sample size used, or differences in study objectives or methodologies used. Figure 4 shows the responses on medical information breaches reported, within gender, with respect to medical institutions, (MUST n = 189 male, n = 134 female; KIU n = 218 male, n = 169 female).

Figure 4. Medical information breaches within gender, with respect to medical institutions.

Table 4 presents percentage distributions of medical information breaches within selected demographic profile, and SM usage engagement categories. In this case, the key categories selected include; gender, age-group, experience in SM usage, and contacts/friends connected.

Table 4. Medical information breaches, within key categories.

According to Table 4, the breaches were highly reported among; male respondents: yes (MUST: 60%, KIU: 58%) compared to female respondents: yes (MUST: 40%; KIU: 42%); age-group 18 - 25 years: yes (MUST: 63%; KIU: 54%) compared to the other categories, 26 - 46 years: yes (MUST: 37%; KIU: 46%); experience of SM usage: more than 6 years: yes (MUST: 58%; KIU: 43%) compared to the other categories, less than 6 years: yes (MUST: 42%; KIU: 57%); contacts/friends connected, more than 200: yes (MUST: 46%; KIU: 43%) compared to the other categories, less than 200: yes (MUST: 54%; KIU: 57%). However, with respect to types of SM platform, the breaches were highly reported among; WhatsApp users: yes (MUST: 61%; KIU: 66%) compared to the other categories: yes (MUST: 39%; KIU: 44%).

On the other hand, the frequency in medical information breaches category helps to gauge the rate at which medical information breaches occurs. The measures include; “1 = never”, “2 = rarely”, “3 = sometimes”, “4 = often”, and “5 = always”. Among the different categorical responses, 5% to 32% of the respondents acknowledged some level of frequency in medical information breaches, due to SM usage. Whereby, the lowest level of frequency was reported among KIU staff (5%), and the highest level was reported among MUST students (32%). With respect to demographic profiles, and SM usage engagement, higher level of frequency in medical information breaches was reported among male student category (11% to 58%), and WhatsApp users (44% to 62%). Figure 5 presents the percentage distribution in medical information breaches within title (students, and staff), with respect to medical institutions (MUST n = 260 students, n = 63 staff; KIU n = 306 students, n = 80 staff).

Figure 5. Frequency in medical information breaches, with respect to medical institutions.

Furthermore, with respect to the 5-Points Likert scale measures, 3 items were used to capture respondent’s opinions on the level of medical information breaches, due to SM usage. The items include; 1) medical information on Social Media are obtained and used without informed consent. 2) Identifiable medical information on Social Media are disclosed illegally. 3) Identifiable medical information on Social Media are shared to third party illegally, [22] [24] . Figure 6 below shows the percentage distribution level of agreement based on medical information breaches within gender, with respect to medical institutions, (MUST n = 260 students, n = 63 staff; KIU n = 306 students, n = 80 staff).

According to Figure 6, the level of agreement (agree + strongly agree) within gender, with respect to medical institutions include; male: agree + strongly agree (MUST: 53%, KIU: 42%) compared to female: agree + strongly agree (MUST: 35%, KIU: 31%). Overall, 31% to 53% of the respondents within gender category divides agreed with some levels of medical information breaches. However, the percentage distribution is higher among MUST, and male respondents compared to KIU, and female respondents, respectively. Relatively, the results for the Likert scale (31% to 53%) is slightly higher compared to the categorical response (yes/no) range (27% to 42%). The extreme percentage figure for Likert scale response for MUST (53%) could also be attributed to outlier factors, since the corresponding result for KIU (42%) is within the categorical range (27% to 42%).

Figure 6. Medical information breaches, levels of agreement.

However, with respect to age-group, the level of agreement (agree + strongly agree) include; 18 - 25 years: agree + strongly agree (MUST: 50%, KIU: 43%); 26 - 35 years: agree + strongly agree (MUST: 42% KIU: 31%); 36 - 45 years: agree + strongly agree (MUST: 34%, KIU: 33%); above 45 years: agree + strongly agree (MUST: 54%, KIU: 41%). Relatively, the levels of agreement is uniform within the age-group categories, but higher among MUST respondents compared to KIU respondents (Table 5). Overall, 31% to 54% of the respondents within age-group categories agreed with some levels of medical information breaches. Table 5 presents the levels of agreement in medical information breaches within age-group, with respect to medical institutions, (MUST n = 260 students, 63 staff; KIU n = 306 students, 80 staff).

Table 5. Levels of agreement within age-group, with respect to medical institutions.

It should be noted that, the percentage distributions in Table 5, and Figure 6 were interpreted within gender, and age-group categories, respectively. However, for detailed association between variables, Chi-square (x2) test was conducted to examine the level of association existing between selected demographic profiles, and medical information breaches occurrence.

3.2. Association between Variables

Eventually, Chi-square (x2) test was conducted to examine the level of association existing between selected categorical variables, and medical information breaches reported. The key categorical variables used include medical institution (MUST and KIU), gender, and age-group. Chi-square test was conducted at the critical alpha (α) value of 0.05. In this case, for all the 3 categorical variables, null hypothesis (H0) states that there is statistically no significant difference between medical institutions/gender/age-group, and medical information breaches occurrence reported. While alternative hypotheses include the following:

H1: there is statistically significant difference between medical institutions (MUST and KIU) and medical information breaches occurrence reported. In this case, Chi-square (x2) results generated (x2 = 7.890, df = 4, p = 0.096) show insignificant difference between medical institutions (MUST and KIU) and medical information breaches reported. The results also reinforce the earlier position reported, where MUST and KIU datasets showed similar trends in percentage distributions within the medical information breaches category divides, with respect to medical institution, (Table 4).

H2: there is statistically significant difference between gender and medical information breaches occurrence reported. In this case, Chi-square (x2) results generated (x2 = 17.348, df = 4, p = 0.002) show significant difference between gender and medical information breaches occurrence reported. However, within medical institutions, Chi-square (x2) results generated for MUST (x2 = 17.822, df= 4, p = 0.001) shows significant difference between gender and medical information breaches, while KIU (x2 = 6.084, df = 4, p = 0.193) shows insignificant association between gender and medical information breaches occurrence.

H3: state that there is significant difference between age-group and medical information breaches reported. In this case, Chi-square (x2) results generated (x2 = 23.738, df = 12, p = 0.022) show significant association between age-group and medical information breaches occurrence reported. However, within medical institutions, Chi-square (x2) results generated for MUST (x2 = 17.872, df = 12, p = 0.120), and KIU (x2 = 15.631, df = 12, p = 0.209) both show insignificant association between age-group and medical information breaches occurrence reported.

4. Demographic Profiles

According to Table 2, MUST and KIU datasets show similar trends in percentage distributions within the category divides, where male students (MUST: 58%, KIU: 56%) registered higher percentage compared to female students (MUST: 42%, KIU: 44%). However, the disparity in gender percentage distribution could also be attributed to gender inequality enrollment in medical programme in Uganda, as reported by other studies, [13] [17] [27] [33] [35] . Nevertheless, the higher percentage representation within student’s categories were recorded among; age-group: 18 - 25 (MUST: 75%, KIU: 64%); nationality: Ugandan (MUST: 90%; KIU: 88%); year of study: year 3 (MUST: 49%; KIU: 49%); denomination: catholic (MUST: 52%; KIU: 32%); medical department (MUST dermatology: 16%; KIU pediatrics: 13%). Nevertheless, the slight disparity in percentage distribution on the overall study outcome could be minimal since the respondents are normally subjected to similar operational conditions, [27] [28] . Remarkably, the leading types of SM platforms reported among respondents include; WhatsApp (MUST: 97%; KIU: 98%), Facebook (MUST: 78%; KIU: 76%), Twitter (MUST: 62%; KIU: 66%), and YouTube (MUST: 52%; KIU: 61%). Comparatively, the dataset for MUST, KIU, and related studies conducted in Uganda shows similar trends in percentage distributions among SM usage categories, [13] [17] [27] . While the other upcoming types of SM platforms reported among medical students include; TikTok, Instagram, Pinterest and Snapchat.

On the other hand, the leading SM usage engagement categories were reported among students; experience in SM usage: >5 years (MUST: 79%; KIU: 76%), frequency of SM usage: always and often (MUST: 75%; KIU: 74%), number of contacts/friends connected: >150 (MUST: 69%; KIU: 82%). Notably, the level of SM usage engagement categories among medical student ranges from 72% to 94%, compared to medical staff (55% to 70%). Overall, 77% to 87% of the respondents across category divides acknowledged sharing medical data on SM. Whereby, the lowest level were recorded among MUST staff (77%), and the highest level were recorded among KIU students (87%). The other SM usage engagement items (experience of SM usage, frequency of SM usage, and contacts/friends connected) in Table 4 also showed uniformity in percentage distribution between the two institutions (MUST and KIU).

4.1. Medical Information Breaches

With respect to specific objective 1, the researcher’s intention was to establish the prevalence of medical information breaches occurrence, due to SM usage. With respect to medical information breaches responses, items with yes/no responses (Figure 3), 27% to 42% of the respondents within category divides (yes/no) acknowledged occurrence of medical information breaches, due to SM usage. Whereby, the lowest level of medical information breaches were recorded among MUST staff (27%), and the highest level were recorded among KIU students (42%). Nevertheless, the percentage distribution of the breaches recorded within demographic profiles include; medical students: yes (MUST: 40%, KIU: 42%) compared to medical staff: yes (MUST: 27%, KIU: 35%). Comparatively, the percentage distributions recorded among MUST, and KIU show higher percentage distributions, compared to related studies in Uganda, [3] [4] [8] [17] . For instance, Alunyu, et al. [8] study indicates that 22% to 31% of respondents reported IT related breaches in medical records in hospital sites in Uganda. Nevertheless, the disparity in percentage distribution could also be attributed to the slight over-edge in population, sample size, or differences in study objectives, or methodologies used.

According to Table 4, the breaches were highly reported among; male: yes (MUST: 60%, KIU: 58%) compared to female: yes (MUST: 40%; KIU: 42%); age-group 18 - 25 years: yes (MUST: 63%; KIU: 54%) compared to the other categories, 26 - 46 years: yes (MUST: 37%; KIU: 46%); experience of SM usage: more than 6 years: yes (MUST: 58%; KIU: 43%) compared to the other categories, less than 6 years: yes (MUST: 42%; KIU: 57%); contacts/friends connected, more than 200: yes (MUST: 46%; KIU: 43%) compared to the other categories, less than 200: yes (MUST: 54%; KIU: 57%). However, with respect to types of SM platform, the breaches were highly recorded among; WhatsApp users: yes (MUST: 61%; KIU: 66%) compared to the other categories (TikTok, Instagram, Pinterest and Snapchat): yes (MUST: 39%; KIU: 44%). However, frequency in medical information breaches item helps to gauge the rate at which medical information breaches occurs (Figure 5). The measures included; “1 = never”, “2 = rarely”, “3 = sometimes”, “4 = often”, and “5 = always”. Among the different categorical responses, 5% to 32% of the respondents acknowledged some level of frequency in medical information breaches, due to SM usage. Whereby, the lowest level of frequency was reported among KIU staff (5%), and the highest level was reported among MUST students (32%). With respect to demographic profiles, and SM usage engagement, higher level of frequency in breaches was recorded among male student category (11% to 58%), and WhatsApp users (44% to 62%), respectively.

With respect to the 5-Points Likert scale measures (Figure 6), the level of respondents agreement (agree + strongly agree) on medical information breaches within gender, with respect to medical institutions include; male: agree + strongly agree (MUST: 53%, KIU: 42%) compared to female: agree + strongly agree (MUST: 35%, KIU: 31%). Overall, 31% to 53% of the respondents within gender category divides agreed with some levels of medical information breaches. However, the percentage distribution is higher among MUST and male categories compared to KIU and female categories, respectively. Relatively, the results for Likert scale (31% to 53%) is slightly higher compared to the categorical response—yes/no (27% to 42%). Notably, the extreme percentage figure for Likert scale response for MUST (53%) could also be attributed to outlier factors, since the corresponding result for KIU (42%) is within the categorical range (27% to 42%). However, with respect to age-group, the level of agreement (agree + strongly agree) include; 18 - 25 years: agree + strongly agree (MUST: 50%, KIU: 43%); 26 - 35 years: agree + strongly agree (MUST: 42% KIU: 31%); 36 - 45 years: agree + strongly agree (MUST: 34%, KIU: 33%); above 45 years: agree + strongly agree (MUST: 54%, KIU: 41%). Relatively, the levels of agreement are uniform within the age-group categories, but higher among MUST respondents compared to KIU respondents (Table 5). Overall, 31% to 54% of the respondents within age-group categories agreed with some levels of medical information breaches.

4.2. Association between Variables

Eventually, Chi-square (x2) test was conducted to examine the types of association existing between selected categorical variables, and medical information breaches occurrence. The key categorical variables used include medical institution (MUST and KIU), gender, and age-group. The test was performed at a critical alpha (α) value of 0.05. In this case, for all the 3 categorical variables, null hypothesis (H0) states that there is statistically no significant difference between medical institutions/gender/age-group, and medical information breaches occurrence. While alternative hypotheses include the following:

H1: there is statistically significant difference between medical institutions (MUST and KIU) and medical information breaches occurrence reported. In this case, Chi-square (x2) results generated (x2 = 7.890, df = 4, p = 0.096) show insignificant association between medical institutions (MUST and KIU) and medical information breaches occurrence. The results also reinforce the earlier position reported, where MUST and KIU datasets showed similar trends in percentage distributions within the medical information breaches categories, with respect to medical institution, (Table 4). Therefore, from the Chi-squares (x2) results obtained, since p > 0.05, we reject H1 and accept H0: that says there is statistically no significant difference between medical institutions and medical information breaches occurrence. However, for consistency in the research findings, more related studies could still be done to involve the other medical institutions in Uganda.

H2: there is statistically significant difference between gender and medical information breaches occurrence reported. In this case, Chi-square (x2) results generated (x2 = 17.348, df = 4, p = 0.002) show significant difference between gender and medical information breaches occurrence reported. However, within medical institutions, Chi-square (x2) results generated for MUST (x2 = 17.822, df= 4, p = 0.001) shows significant difference between gender and medical information breaches, while KIU results (x2 = 6.084, df = 4, p = 0.193) shows insignificant difference between gender and medical information breaches. From the Chi-squares (x2) results obtained, since p < 0.05, we reject H0and accept H2: that says there is statistically significant difference between gender and medical information breaches occurrence reported. However, within medical institution, Chi-square results for MUST shows significant result (p < 0.05), while KIU results shows insignificant level of association, where p > 0.05. Nevertheless, for consistency in the research outcomes, more related studies could still be done to involve the other medical institutions in Uganda.

H3: state that there is significant difference between age-group and medical information breaches accordance reported. In this case, Chi-square (x2) results generated (x2 = 23.738, df = 12, p = 0.022) show significant difference between age-group and medical information breaches occurrence. However, within medical institutions, Chi-square (x2) results generated for MUST (x2 = 17.872, df = 12, p = 0.120), and KIU (x2 = 15.631, df = 12, p = 0.209) both show insignificant association between age-group and medical information breaches occurrence. Therefore, from the Chi-squares (x2) result obtained, since p < 0.05, we reject H0 and accept H3: that says there are statistically significant associations between age-group and medical information breaches occurrence reported. However, within medical institution, Chi-square results for both MUST and KIU show insignificant result (p > 0.05). Nevertheless, for consistency in the findings, more related studies could still be done to involve the other medical institutions in Uganda.

5. Study Contributions

Generally, the study outcome provides guidance to medical institutions, researchers, SM practitioners, by pointing out the vulnerable areas of SM usage in medical operations. The study also provides empirical inputs into policy development process, in line with SM usage and medical operations. Formalizing SM usage in medical institutions would help to regulate and enforce accountability in SM usage, and protect medical institutions against uncensored usage of SM by stakeholders. This would protect medical institutions against negative implications such as loss of trust and reputations, legal suit, or financial harm, etc., [3] [4] [5] [10] [18] [19] . More so, the study outcomes would help to guide and improve on the level of awareness on the choice of SM functions, in line with medical information safety, and medical training activities—learning, teaching and research, [18] . This would enhance coordination and sharing of quality contents among medical students, and medical staff including supervisors.

Overall, addressing security gap in SM usage in medical operations is in the best interest of every SM user in healthcare fraternity. With better information security mechanism on SM usage, patients and community confidence, and trust in healthcare systems will improve. When patients and community are assured of the safety of their private healthcare information, they would be more willing to disclose sensitive information to physicians, and this will improve on the quality of medical care and services provided, (Jomin & Takura, 2019). According to Liaw & Hannan [20] , 49.1% of patients in Australia confirmed withholding information from clinicians based on privacy and confidentiality concerns, [21] .

6. Recommendations and Conclusion

The vulnerable areas of the breaches highlighted would serve as important reference points for SM practitioners, and researchers. However, further studies need to focus on identification of the key SM usage factors associated with medical information breaches in medical institutions in Uganda, [36] . In reference to the study limitations stated in Section 1, more empirical studies need to be conducted to enrich the empirical foundations supporting SM usage in medical education, [2] [3] . The few existing studies depend mainly on the descriptive approaches, or practitioner experience, or literature-search, which may be context specific, [2] [3] [5] . As such, their measures and findings could be limited in scopes, and prone to duplications, redundancy, or inconsistency. Formally, the subjective nature of SM concepts makes it complex for existing theories and studies to have a standard definition of SM concepts, [37] . This is mainly due to the casual nature of SM functions, where individual could use colloquial forms of subjective language to express their views and opinions. Therefore, to address the challenges, more empirical studies need to focus on generating quantitative evidence to substantiate some of the unique challenges associated with SM usage. However, to help enforce accountability in SM usage, medical institutions in Uganda need to ratify SM usage in their operations, [38] . This would protect the institutions against uncensored usage of SM by stakeholders. Thus, promote SM usage, and protect medical institutions against dreaded and negative consequences such as; loss of trust and reputations, legal suit, or financial harm, [5] [10] [18] [19] .

Conflicts of Interest

The authors declare no conflicts of interest regarding the publication of this paper.

References

[1] Katz, M. and Nandi, N. (2021) Social Media and medical Education in the Context of the COVID-19 Pandemics: Scoping Review. JMIR Medical Education, 7, e25892.
https://doi.org/10.2196/25892
[2] Whyte, W. and Hennessy, C. (2017) Social Media Use within Medical Education: A Systematic Review to Develop a Pilot Questionnaire on How Social Media Can Be Best Used at BSMS. MedEdPublish, 6, 1-36.
https://doi.org/10.15694/mep.2017.000083
[3] Roy, T.J., Cheston, C., Flickinger, T.E. and Chisolm, M.S. (2016) Social Media: Portrait of an Emerging Tool in Medical Education. Academic Psychiatry Journal, 40, 136-140.
https://doi.org/10.1007/s40596-014-0278-5
[4] Pander, T., Pinilla, S., Dimitriadis, K. and Fischer, M.R. (2014) The Use of Facebook in Medical Education—A Literature Review. GMS Zeitschrift für Medizinische Ausbildung, 31, Doc33.
[5] Surani, Z., et al. (2017) Social Media Usage among Health Care Providers. BMC Research Notes, 10, Article No. 654.
https://doi.org/10.1186/s13104-017-2993-y
[6] She, A.H., et al. (2020) Healthcare Data Breaches: Insights and Implications. Healthcare, 8, Article No. 133.
https://doi.org/10.3390/healthcare8020133
[7] HIPAA (2018) De-Identification of Protected Health Information. HPPA Journal.
[8] Alunyu, E.A., et al. (2021) Investigating the Impediments to Accessing Reliable, Timely and Integrated Electronic Patient Data in Healthcare Sites in Uganda. Proceedings of the 14th International Joint Conference on Biomedical Engineering Systems and Technologies (BIOSTEC 2021), Volume 5, 522-532.
https://doi.org/10.5220/0010266705220532
[9] Shenoy, A. and Appel, J.M. (2017) Safeguarding Confidentiality in Electronic Health Records. The Cambridge Quarterly of Healthcare Ethics, 26, 337-341.
https://doi.org/10.1017/S0963180116000931
[10] Nwankwo, W. and Chinecherem, U. (2020) Institunalising Social Network Solution in Tertiary Educational Institutions. Journal of Applied Sciences, Information and Computing, 1, 20-28.
[11] Alenezi, A.N. and Yaiesh, S.M. (2018) The Ubiquitous Invasion of Social Media in Lifelong Learning in Medical Education. Review Article Kuwait Medical Journal, 50, 271-277.
[12] Kuteesa, J., Musiime, V., Munabi, G., et al. (2021) Specialty Career Preferences among Final Year Medical Students at Makerere University College of Health Science, Uganda: A Mixed Methods Study. BMC Med Education Journal, 21, Article No. 215.
https://doi.org/10.1186/s12909-021-02630-x
[13] Olum, R., Kajjimu, J., Kanyike, A.M., et al. (2020) Perspective of Medical Students on the COVID-19 Pandemic: Survey of Nine Medical Schools in Uganda. JMIR Public Health and Surveillance, 6, e19847.
https://doi.org/10.2196/19847
[14] Wendy, M., Kendall, H. and Jason, L. (2015) Advancing Social Media in Medical Education. Canadian Medical Association Journal, 187, 549-550.
https://doi.org/10.1503/cmaj.141417
[15] Fenwick, T. (2016) Social Media, Professionalism and Higher Education: A Sociomaterial Consideration. Studies in Higher Education, 41, 664-677.
https://doi.org/10.1080/03075079.2014.942275
[16] Kaddu, S. and Mukasa, G. (2016) Social Media and Social Transformation in Uganda’s Families. African Research & Documentations, 129, 70-80.
https://doi.org/10.1017/S0305862X00021841
[17] Mirembe, D.P., Lubega, J.T. and Kibukamusoke, M. (2019) Leveraging Social Media in Higher Education: A Case of Universities in Uganda. European Journal of Open, Distance and eLearning, 22, 70-84.
https://doi.org/10.2478/eurodl-2019-0005
[18] Jomin, G. and Takura, B. (2019) Security, Confidentiality, and Privacy in Health of Healthcare Data. International Journal of Trends in Scientific Research and Development, 3, 2456-6470.
https://doi.org/10.31142/ijtsrd23780
[19] Adler, J., Demicco, M. and Neiditz, J. (2015) Critical Privacy and Data Security Risk Management Issues for the Franchisor. Franchise Law Journal, 35, 79-92.
[20] Liaw, S.T. and Hannan, T. (2011) Can We Trust the PCEHR Not to Leak? Medical Journal of Australia, 195, Article No. 222.
https://doi.org/10.5694/j.1326-5377.2011.tb03287.x
[21] Usher, K., Woods, C., Casella, E., Glass, N., Wilson, R., Mayner, L., Jackson, D., Brown, J., Duffy, E., Mather, C., Cummings, E. and Irwin, P. (2014) Australian Health Professions Student Use of Social Media. Collegian, 21, 95-101.
https://doi.org/10.1016/j.colegn.2014.02.004
[22] Nabimanya, D., Sembatya, R., Atuhaire, A. and Mbabazi, P. (2020) Patient’s Health Records Management in Ugandan Hospitals: A Case of Kabale Regional Referral Hospital. International Journal for e-Learning Security, 9, 631-640.
https://doi.org/10.20533/ijels.2046.4568.2020.0079
[23] Househ, M., Grainger, R., Petersen, C., Bamidis, P. and Merolli, M. (2018) Balancing between Privacy and Patient Needs for Health Information in the Age of Participatory Health and Social Media: A Scoping Review. Yearbook of Medical Informatics, 27, 29-36.
https://doi.org/10.1055/s-0038-1641197
[24] Kagoya, H.R., et al. (2013) Awareness of, Responsiveness to and Practice of Patient’s Rights at Uganda’s National Referral Hospital. African Journal of primary Health care and Family Medicine, 5, Article No. 491.
https://doi.org/10.4102/phcfm.v5i1.491
[25] Zamanzadeh, V., Ghahramanian, A., Rassouli, M., Abbaszadeh, A. and Alavi, H. (2015) Design and Implementation Content Validity Study: Development of an Instrument for Measuring Patient-Centered Communication. Journal of Caring Science, 4, 165-178.
https://doi.org/10.15171/jcs.2015.017
[26] Joshi, A., Kale, S., Chandel, S. and Pal, D.K. (2015) Likert Scale: Explored and Explained. Current Journal of Applied Science and Technology, 7, 396-403.
https://doi.org/10.9734/BJAST/2015/14975
[27] Bongomin, F., et al. (2021) Internal Medicine Clerkship amidst COVID-19 Pandemic: A Cross-Sectional Study of the Clinical Learning Experience of Undergraduate Medical Students at Makerere University, Uganda. Advances in Medical Education and Practices, 12, 253-262.
https://doi.org/10.2147/AMEP.S300265
[28] UMDPC (2017) Resources: Medical Schools. Uganda Medical and Dental Practitioners Council, Kampala.
[29] Khamala, D.F., Makori, O. and Njiraine, M. (2018) Webometrics Ranking and Its Relationship to Quality Education and Research in Academic Institutions in Kenya. Library Philosophy and Practice (e-journal).
[30] Taherdoost, H. (2016) Sampling Methods in Research Methodology; How to Choose a Sampling Technique for Research. International Journal of Advance Research in Management, 5, 18-27.
https://doi.org/10.2139/ssrn.3205035
[31] Gill, J., Johnson, P. and Clark, M. (2010) Research Methods for Managers. SAGE Publications, Washington DC.
[32] Amin, M.E. (2005) Foundations of Statistical Inference for Social Science Research. Makerere University Printery, Kampala.
[33] Casteel, A. and Bridier, N.L. (2021) Describing Populations and Samples in Doctoral Student Research. International Journal of Doctoral Studies, 16, 339-362.
https://doi.org/10.28945/4766
[34] Bhattacherjee, A. (2012) Social Science Research: “Principles, Methods and Practices”. 2nd Edition, University of South Florida, Tampa.
[35] Odaga, G. and Kibuka-Sebitosi, E. (2021) The Fair Share Dimension of Tertiary Educational Distribution. Progress in Development Studies, 21, 26-50.
https://doi.org/10.1177/1464993420968651
[36] Mutebi, J., Kareyo, M., Chinecherem, U. and Paul, A. (2022) Identification and Validation of Social Media Socio-Technical Information Security Factors with Respect to Usable-Security Principles. Journal of Computer and Communications, 10, 41-63.
https://doi.org/10.4236/jcc.2022.108004
[37] Emamjome, F.F., Rabaai, A.A., Gable, G.G. and Bandara, W. (2013) Information Quality in SM: A Conceptual Model. Proceedings of the Pacific Asia Conference on Information Systems (PACIS 2013), Jeju Island, 18-22 June 2013, 72.
[38] Akampurira, P., et al. (2022) A Framework for Evaluating the Usability of Mobile Learning Applications in Universities. Journal of Science and Technology, 7, 42-59.

Journals Menu
Follow SCIRP
Contact us
+1 323-425-8868
customer@scirp.org
WhatsApp +86 18163351462(WhatsApp)
Click here to send a message to me 1655362766
Paper Publishing WeChat

Copyright © 2024 by authors and Scientific Research Publishing Inc.

Creative Commons License

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.