Data Breach Mitigation in Hospital Database Management Systems – The Case of a Hospital in South-South Nigeria

Data Breach Mitigation in Hospital Database Management Systems – The Case of a Hospital in South-South Nigeria

Harare, Zimbabwe and Virtual

The damaging effects of data breaches result in the loss of sensitive data, operational downtime, financial losses, and, in extreme cases, legal action. This study investigates the Hospital Database Management systems (HDMS) in a selected hospital in South-South Nigeria for the mitigation of data breaches. The deployment of an Incident Response Framework for data breach mitigation on HDMS has yet to be fully researched, creating a gap literature. The research objectives were accomplished through mixed methods and design science research (DSR). About 180 participants including forty employees from the medical records unit and 140 patients/patient relatives, who interact with the HDMS participated in the study. A conducted penetration test on the system revealed several threats and vulnerabilities in the HDMS for which DSR was deployed to co-create the data breach mitigation framework (DBMF). The study recommends that hospitals carry out successive penetration tests on their information systems to uncover red flags for data breaches. Also, the DBMF should be implemented on systems to mitigate breaches.