Exploring Nurses’ Compliance Behavioural Factors with EHR Data Privacy Policy in Saudi Arabia: A Q- Methodology Study

Abstract

Background: The widespread implementation of electronic health records (EHRs) worldwide has raised health data privacy and security issues for healthcare providers, patients, and regulators. Yet, relatively little is known about healthcare professionals’ intentions to remain complaint with current EHR data privacy policy, and it has not been extensively tested in either general or specific cultural contexts. Many influential factors that potentially influence attitudes and intentions toward data privacy is unknown. Thus, this study explores nurses’ behavioural intentions regarding healthcare data privacy. Aims and objectives: This study aims to explore the driving factors and barriers that influence nurses’ intentions to comply with EHR data privacy policies in Saudi Arabia. Method: This study employed a Q-Methodology approach to investigate nurses’ compliance behaviour toward the EHR privacy policy. A series of Q statements (known as a concourse) was constructed from relevant literature review and guided by the Decomposed Theory of Planned Behaviour and Deterrence Theory derived from our scoping review. Participants were then requested to sort these statements to indicate their agreement using a grid, ranging from “strongly agree” to “strongly disagree. ” This was followed by a post-sorting interview, in which all responses were narratively coded. Exploratory factor analysis was employed to determine every statement in the Q sample, in order to analyse and group correlation scores for the statements, identifying different factors or positions taken by different nurses in relation to their intentions to comply with EHR data security. Finally, factors were interpreted, complemented by the narrative qualitative views of participants. Findings: Two factors emerged from the analysis, indicating that nurses in both factors generally value patient privacy. In total, 26 out of 54 nurses were loaded on the two factors, then the post-sorting interview was used to interpret the nurses’ sorting activity. The first factor, “Professionally Pragmatic,” included 19 nurses who believed that the hospital environment, the desire to benefit patients, and relevant legal consequences played a major role for those who wished to comply with the EHR privacy policy. Consequently, they had to be pragmatic in their policy compliance. The second factor, “Professionally Obligated,” included 7 nurses who ii believed that hospital and patient-related work obligations motivated them to adhere to the EHR privacy policy. Implications: This study provides a better understanding of the factors that contribute to nurses’ behavioural intentions regarding compliance with EHR data privacy policies. It contributes to current knowledge of the nurses’ behavioural intentions regarding compliance with EHR data privacy policies. Several theories were generated from the study’s outcomes regarding the factors that influenced nurses’ compliance with the EHR privacy policies, which needed to be tested in upcoming studies. Despite the fact that this study examined the level of personal compliance, it is evident that nurses face workplace obstacles in protecting sensitive EHR information.