Cognizance About Privacy and Security of Patients Health Information Among Medical and Dental Students

: Background: The proliferation of electronic health records and digital medical systems has brought about significant advancements in patient care and information management. However, concerns regarding the privacy and security of patients' health information have also intensified. As future healthcare practitioners, medical and dental students play a pivotal role in ensuring the safeguarding of sensitive patient data. This study aims to assess the awareness and understanding of privacy and security issues related to patients' health information among medical and dental students. Methods: A cross-sectional study was conducted among a representative sample of medical and dental students from diverse academic institutions. A structured questionnaire was administered to assess participants' knowledge, attitudes, and practices concerning patient data privacy and security. Descriptive statistics were used to analyse the data, and associations between demographic factors and awareness levels were explored. Results: The study findings reveal that while a substantial portion of medical and dental students recognize the importance of patient data privacy, a significant knowledge gap exists regarding the specific measures and protocols to ensure security. The research found that 232(71.7%) of the participants preferred electronic patient records for their ease of accessibility and 198 (61.4%) strongly valued privacy. Students expressed varying levels of understanding concerning encryption methods, access controls, and legal frameworks governing patient information. Conclusion: This study underscores the imperative for comprehensive education and training programs focusing on privacy and security of patients' health information within medical and dental curricula. As future healthcare practitioners, medical and dental students must be equipped with the necessary skills and knowledge contributing to a more secure and privacy-aware healthcare environment.


INTRODUCTION
In the rapidly evolving landscape of healthcare, the digitization of patient health information has brought forth unprecedented opportunities for improved patient care, research, and data management.The electronic exchange of health records and the utilization of digital health platforms have become integral components of modern healthcare systems. 1 However, this digital transformation has also ushered in new challenges, particularly concerning the privacy and security of patients' health information.The national adoption of electronic health records (EHR) promises to make an unprecedented amount of data available for clinical research, ensuring the confidentiality and protection of this sensitive data is not only a legal and ethical imperative but also a crucial factor in maintaining patient trust and upholding the integrity of the healthcare system. 2 The proliferation of health emergencies, such as epidemics, natural disasters, and artificial crises, further underscores the urgency of this investigation.In times of crisis, the availability, accuracy, and security of health information become paramount for effective decision-making and response coordination. 3he global pandemic COVID-19 has vividly demonstrated the critical role of electronic health records (EHRs) and digital health data exchange in managing public health emergencies.As the pandemic highlighted the interconnectedness of healthcare systems and the need for swift and secure information sharing, it has also accentuated the significance of equipping future healthcare practitioners with the knowledge and skills to ensure the privacy and security of patient health information. 4In this context, medical and dental students represent the future of healthcare, poised to play a pivotal role in shaping and navigating the complexities of the digital healthcare landscape.As these students prepare to become healthcare practitioners, it is imperative that they possess a comprehensive understanding of the privacy and security considerations associated with handling patient health information.Their awareness and adherence to best practices in data protection will significantly influence the effectiveness and integrity of healthcare delivery, research, and patient trust.This study seeks to contribute to the broader discourse on healthcare data management and privacy by shedding light on the current state of awareness among medical and dental students.

MATERIALS AND METHODS
A structured questionnaire was designed which collected information on the demographics of the study population and comprised 14 questions that addressed awareness of data privacy and security concepts, familiarity with encryption methods and access controls, and perceptions about the importance of patient health information protection.The study was approved by the ethics committee board of Dr. MGR Educational and Research Institute, Chennai, India.The questionnaire was circulated amongst medical and dental students across various states in India as google forms via social media platforms-WhatsApp, Gmail, Instagram over a period of 4 months and the total responses, i.e., 323 responses, were included in this study.To analyse the data SPSS IBM SPSS Statistics for Windows, Version 23.0, Armonk, NY: IBM Corp. Released 2015 was used to calculate frequency and percentage of the variables.The level of significance was fixed as 5% (α = 0.05)

RESULTS
In a study conducted with 323 participants, the respondents were primarily from Tamil Nadu, the age range of the sample ranged from 17 to 29 with mean age being 20.23+1.79,with a majority of 237 participants being females (73.3%).Notably, a significant portion, 211 (65.3%), were pursuing dental education, and 244 (75.5%) were attending private colleges.The research found that 232 (71.7%) of the participants preferred electronic patient records for their ease of accessibility, and 198 (61.4%) strongly valued privacy.Security measures varied, with 127 (39.3%) indicating that staff education was part of these measures, and a substantial 246 (76.0%) used CCTV for security.Most institutions, 263 (81.4%), informed patients about data usage, but only 98 (30.3%) retained records for 10 years.Additionally, 191 (59.2%) of the participants reported mechanisms for data deletion, and 138 (42.7%) mentioned the use of biometric systems.Interestingly, 212 (65.6%) of the respondents were aware of an Indian patient data security act.These findings shed light on the preferences and security measures that were in place within the context of patient data management.

DISCUSSION
A cross-sectional study was conducted to assess the cognizance about privacy and security of patients' health information among medical and dental students.Out of a total 323 participants in the study, a substantial portion 198(61.1%)comprising medical and dental students strongly agreed that maintaining the privacy of patient data was crucial.Pratiwi AB et al.'s study in Indonesia revealed that general practitioners and dentists at primary health care centers also shared similar views in expressing a need to uphold patient privacy. 11he participants in the present study cited reasons for choosing electronic records over conventional paperbased records, such as easy handling, accessibility, retrievability, user-friendliness, patient access, and efficient backup options.This preference reflects a shift towards embracing technology for enhanced efficiency and accessibility in managing patient records.The present study revealed participants employing various methods, including security risk assessment, encryption, EHR software and hardware, staff education, and access controls in their respective institutions to ensure data security.This emphasis aligns with the results of Masresha Derese Tegegne's study, where majority of participants also highlighted the significance of these factors. 7ata security is a fundamental element of comprehensive privacy practices, as emphasized by Hodge et al. 12 About 229(70.7%)respondents overwhelmingly agree on the importance of integrating privacy and security for reasons such as personal autonomy, human dignity, maintaining relationships with patients, and adherence to medical ethical principles.The primary reasons for ensuring privacy and security in patient data management included upholding ethical principles, meeting societal expectations, building trust between patients and medical professionals, and maintaining confidentiality.The present study acknowledges the ongoing challenges related to maintaining data privacy and security in the healthcare sector, which resonate with the findings of Redspin's 7 th annual breach report on Protected Health Information (PHI).These findings underscore the potential adverse effects of security breaches, including economic harm, social and psychological harm, and identity theft, as corroborated by the study conducted by Gostin et al. 10 .The data from our questionnaire indicates that healthcare institutions employ various methods, including threat detection, malware attack monitoring, intrusion detection and prevention systems, CCTV, and locker room security, to continuously monitor security incidents.This proactive approach suggests a commitment to identifying and addressing potential security threats promptly.While these systems offer advanced healthcare services, there is a growing awareness of security issues concerning e-health data, which contains highly sensitive information. 13n the present study, most respondents 209(64.5%)believed that doctors, nurses, insurance, and patients should have access to patient health records.Also, a majority of 262 (80.9%) of them agreed that they inform their patients regarding how their health information is used or disclosed and this demonstrates transparency and compliance with privacy regulations.There exists a varying opinion regarding the duration of maintaining patient health records.While a significant portion suggested 10 years 98(30.2%),others favoured shorter durations like 3 years 91(28.1%)and 5 years 90(27.8%).
A notable majority 191(59.0%)confirmed having mechanisms instilled by their institutions to destroy or delete health information records upon request.Eliminating health records upon request is good as it respects patient privacy, complies with data protection laws, enhances security, and fosters trust in patients through transparency.It also aligns with ethical principles, accommodates changing patient preferences, and helps limit unnecessary data retention.
The respondents in our study confirmed that there were various security solutions, including private examination and consultation rooms, eavesdropping risk attention, passwords, biometric identification, and automatic logouts, all of which were employed to avoid breaching of privacy regarding patient health information by their institutions.A substantial majority 212(65.4%)were aware of the patient data security act in India, indicating a greater consciousness of regulatory frameworks governing patient data.

CONCLUSION
The study revealed that medical and dental students generally have a high level of awareness regarding the privacy and security of patients' health information.This awareness is a positive sign as it reflects the recognition of the sensitive nature of patient data in healthcare settings and there is growing recognition of importance of digital solutions, privacy, and security in managing patient records in the healthcare sector in India.These findings also suggest that educational institutions play a significant role in fostering awareness among students and highlights the importance of incorporating data privacy and security into the curriculum.