Challenges Encountered in Using Information Security Metrics to Improve Patient Safety in Public Hospitals, Nairobi Metropolitan, Kenya
| dc.contributor.author | Mwaura, Maryanne Waithera | |
| dc.date.accessioned | 2026-02-11T12:38:06Z | |
| dc.date.available | 2026-02-11T12:38:06Z | |
| dc.date.issued | 2025-11 | |
| dc.description | A Research Project Submitted to the School of Law, Arts and Social Sciences in Partial Fulfilment of the Requirements for the Award of the Degree of Masters in Security Management and Police Studies, Kenyatta University. November, 2025 Supervisor: Bernard Munyao Muiya | |
| dc.description.abstract | Ideally, majority of people who visit a healthcare facility do so with the purpose of getting medical treatment. The person goes in with the confidence that medical treatment is accurate and safe, so they have the best chance possible of achieving the desired outcome. The sad reality is that correct and safe medical treatment is not always achieved. Patient information is one of the resources that hospitals heavily rely on to achieve its goals. This study investigated the challenges of using Information Security Metrics in public referral hospitals in Nairobi Metropolitan, Kenya. The specific objectives were to; examine the technical components of Information Security Metrics and their effects on promoting patient safety, determine security controls that protect the Privacy, Integrity and Accessibility of data in Information Security Metrics in promoting patient safety, ascertain key patient safety reporting systems in Information Security Metrics that help in reducing medical errors and analyse the legal challenges of using Information Security Metrics to promote patient safety with reference to the Kenyan Data Protection Act, No. 24 of 2019. Socio-Technical Systems Theory guided the study. The study adopted a cross-sectional survey design. Data was collected using questionnaires and interview guide. Two hundred and eighty-eight respondents from healthcare workers, ICT staff and health records personnel were sampled through cluster, simple random and purposive sampling methods. Quantitative data analysis was done using SPSS through illustrative, correlation and Principal Component Analysis, while thematic analysis was used for qualitative data. The findings revealed that technical components such as data collection software and backup generators promoted patient safety, but challenges included inadequate staff training. Security controls like firewalls and antivirus software were critical, though procedural weaknesses, such as inconsistent password management, limited their impact. Patient safety reporting systems lacked well-developed infrastructure, with 50.9% disagreeing that adequate systems were in place, while mandatory reporting of ISM issues was key to improving reporting culture. Moreover, legal frameworks prioritized patient privacy and confidentiality, though patient engagement remained moderate. The study demonstrated that while technical, procedural, and legal elements of ISM contribute significantly to patient safety, gaps in implementation and engagement persist. The study thus concludes that effective implementation of Information Security Metrics (ISM) is necessary for improving patient safety in healthcare facilities. In view of the findings, the study recommends improvement of infrastructure, enforcement of procedural consistency, and strengthening patient engagement to maximize the effectiveness of ISM in healthcare facilities. Also, the hospitals should consider prioritizing the development and implementation of comprehensive training programs for staff on the use of ISM tools and protocols. | |
| dc.identifier.uri | https://ir-library.ku.ac.ke/handle/123456789/32374 | |
| dc.language.iso | en | |
| dc.publisher | Kenyatta University | |
| dc.title | Challenges Encountered in Using Information Security Metrics to Improve Patient Safety in Public Hospitals, Nairobi Metropolitan, Kenya | |
| dc.type | Thesis |