White Coat, Black Box: How Do Healthcare Workers Protect Personal Data?

Year 2025, Volume: 9 Issue: 2, 745 - 769, 31.12.2025

Faruk Dursun

https://doi.org/10.26650/acin.1763293

https://izlik.org/JA42HB93ZY

Abstract

The protection of personal health data has become critical with the widespread adoption of EHRs in healthcare systems. This study evaluates the knowledge, attitudes, and awareness of healthcare professionals regarding the recording and protection of personal health data across diverse occupational groups and institutional contexts in Turkey. Data were collected from 346 healthcare professionals working in public and private hospitals through a structured questionnaire using a causal-comparative design. Statistical analyses included confirmatory factor analysis, independent samples t-tests, one-way analysis of variance, correlation analysis, and structural equation modeling. The scale demonstrated excellent reliability and structural validity, explaining 85.2% of variance across five dimensions: knowledge of personal health data, legal knowledge, legal data sharing, personal health data sharing, and personal health data recording. Significant differences were observed across educational levels, occupational groups, work units, and frequency of digital document usage. Postgraduate-educated professionals demonstrated higher awareness levels; however, this association may reflect confounding factors such as occupational role, professional responsibility levels, and work experience rather than education alone. Physicians exhibited significantly higher awareness levels than other healthcare professionals. Structural equation modeling revealed that PHDS, legal knowledge, and legal data sharing collectively explained 81.7% of variance in data recording awareness. The findings indicate that rather than isolated information acquisition, data protection awareness is shaped by an integrated framework of legal knowledge, ethical sensitivity, and institutional context. The study reveals critical awareness gaps among support staff and emergency service personnel, highlighting the need for profession-specific, unit-based educational interventions and strengthened data security culture across healthcare institutions.

Keywords

Personal Health Data , Data Security , Health Information Systems , Jurisprudence , Confidentialy

References

• Ajzen, I. (1991). Theory of planned behavior Organizational Behavior and Human Decision Processes, 50(2), 179-211. https://doi.org/10.1016/0749-5978(91)90020-T google scholar
• Alçin, A. A. (2022). Personal health data in Turkish law and the obligation of the administration to protect personal health data. Türkiye adalat Akademisi Dergisi, 10(51), 365–410. https://doi.org/10.54049/taad.1140182 google scholar
• Anderson, J. R. (1982). Acquisition of cognitive skills. Psychological Review, 89(4), 369-406. https://doi.org/10.1037/0033-295X.89.4.369 google scholar
• Ataklıoğlu Başkan, S., Karakurt, P. & Kasımoğlu, N. (2021). Nursing students’ attitudes toward recording and protecting patients’ personal health data: A descriptive study Galician Medical Journal, 28(3), 1-7. https://doi.org/10.21802/gmj.2021.3.3 google scholar
• Atalay, H. (2021). Mahremiyet kapsamında kişisel sağlık verilerinin korunması ve depolanması. Journal of Academic Perspective on Social Studies, (1), 01-20. https://doi.org/10.35344/japss.786353 google scholar
• Atalay, H. N. & Yücel, Ş. (2023). Kişisel sağlık verileri paylaşımı ile ilgili değişkenlerin sosyo-demografik özellikler bakımından farklılıkları. Bilgi Yönetimi Dergisi, 6(2), 231 – 245. https://doi.org/10.33721/by.1242514 google scholar
• Basit, G. (2021). Hemşirelik öğrencilerinin hastaların kişisel sağlık verileri ile ilgili görüşleri. Ege Üniversitesi Hemşirelik Fakültesi Dergisi, 37(3), 189-195. https://doi.org/10.53490/egehemsire.792537 google scholar
• Bezirgan Gözmener, S., Şenol, S. & Seren İntepeler, Ş. (2019). Hemşirelik öğrencilerinin kişisel sağlık verilerinin kayıt ve korunması tutum ölçeği geçerlik ve güvenirlik çalışması*. Dokuz Eylül Üniversitesi Hemşirelik Fakültesi Elektronik Dergisi, 12(1), 21-30. google scholar
• Bilgiç, İ., Paslı Gürdoğan, E. & Uslu, B. (2025). Nursing students’ attitudes toward the security of personal health data. Balkan Journal of Health Sciences, 3(3), 135-143. https://doi.org/10.61830/balkansbd.1614742https://doi.org/10.61830/balkansbd.1614742 google scholar
• Büyüköztürk, Ş., Çakmak, E., Akgün, Ö., Karadeniz, Ş. ve Demirel, F. (2008). Bilimsel araştırma yöntemleri (1. Baskı). Ankara: Pegem Akademi, google scholar
• Cabana, M. D., Rand, C. S., Powe, N. R., Wu, A. W., Wilson, M. H., Abboud, P. A., and Rubin, H. R. (1999). Why do physicians not follow clinical practice guidelines? A framework for improvement. JAMA, 282(15), 1458-1465. https://doi.org/10.1001/jama.282.15.1458 google scholar
• Çavdar Lokumcu, P. (2024). Hekimlerin hastalarına ilişkin sosyal medya paylaşımlarından doğan sorumluluğu. Sakarya Üniversitesi Hukuk Fakültesi Dergisi, 12(1), 429-453. https://doi.org/10.56701/shd.1462767 google scholar
• Demir Karabayır, E., Karaca Dedeoğlu & Kurşun, A. (2023). Sağlık Bilimleri Fakültesi öğrencilerinin kişisel sağlık verilerinin kayıt ve korunmasına ilişkin tutumlarının incelenmesi. R&S- Research Studies Anatolia Journal, 6(2), 145-168. https://doi.org/10.33723/rs.1257657 google scholar
• Dündar, A., Hacivelioğlu, D., Erdoğdu, S., & Gündüz, N. (2024). Attitudes toward the recording and protection of personal health data: An example of a public hospital in Istanbul The Turkish Journal of Bioethics, 11(1), 17-27. google scholar
• Durmuş İskender, M. & Durmuş, A. (2022). Determining the correlation between the privacy consciousness of midwifery and nursing students and their attitudes toward the recording and protection of personal health data. Euroasia Journal of Mathematics, Engineering, Natural & Medical Sciences, 9(21), 67-78. https://doi.org/10.38065/euroasiaorg.960 google scholar
• Durmuş, V. (2021). Kişisel sağlık verilerinin korunmasında idarenin hukuki sorumluluğu. Dokuz Eylül Üniversitesi Hemşirelik Fakültesi Elektronik Dergisi, 2014, 14(1), 67-76. google scholar
• Dutta, J. Barman, S. (2025). Smart contract and blockchain-based secured approach for storing and sharing electronic health records. Multimed Tools Applied, 84, 16883–16907. https://doi.org/10.1007/s11042-024-19714-7 google scholar
• Ericsson, K. A., Prietula, M. J. and Cokely, E. T. (2007). Making an expert. Harvard Business Review, 85(7-8), 114-121. google scholar
• Eskimez, Z. & Köse Tosunöz, İ. (2023). Nursing students’ attitudes toward the registration and preservation of personal health data Etkileşimli Hemşirelik Dergisi, 16(4), 513-523. https://doi.org/10.46483/jnef.1375543 google scholar
• Evci Eralp, Ö. (2023). İşyerlerinde kişisel sağlık verilerinin işlenmesinde sır saklama yükümlülüğünün kapsamı. Kişisel Verileri Koruma Dergisi, 5(2), 28-38. https://doi.org/10.1016/j.kişiselverilerikorumadergisi google scholar
• Farrell, A. M. (2010). Insufficient discriminant validity: A comment on Bove et al. (2009). Journal of Business Research, 63(3), 324-327. https://doi.org/10.1016/j.jbusres.2009.05.003 google scholar
• Fraenkel, J. R., & Wallen, N. E. & Hyun, H. H. (2003). How to design and evaluate research in education. McGraw-Hill Higher Education, 366-386. google scholar
• Gollwitzer, P. M. (1999). Implementation intentions: The strong effects of simple plans. American Psychologist, 54(7), 493-503. https://doi.org/10.1037/0003-066X.54.7.493 google scholar
• Graber, M. L., Franklin, N., & Gordon, R. (2005). Diagnostic errors in internal medicine Archives of Internal Medicine, 165(13), 1493-1499. https://doi.org/10.1001/archinte.165.13.1493 google scholar
• Grol, R., & Grimshaw, J. (2003). From best evidence to best practice: Effective implementation of change in patient care The Lancet, 362(9391), 1225-1230. https://doi.org/10.1016/S0140-6736(03)14546-1https://doi.org/10.1016/S0140-6736(03)14546-1 google scholar
• Gupta, N., Vashist, S., & Verma, R. & Terang, P. P. (2025). Cybersecurity and Privacy Concerns in Digital Health Navigating Innovations and Challenges in Travel Medicine and Digital Health. https://doi.org/10.4018/979-8-3693-8774-0.ch019 google scholar
• Hair, J. F.; Black, W. C.; Babin, B. J.; Anderson, R. E. (2010). Multivariate data analysis (7th ed.). Pearson, Prentice Hall. google scholar
• İster, E. D. (2022). Nursing students’ attitudes toward registration and protection of personal health data and related factors Turkish Journal of Bioethics, 9(3), 95-104 google scholar
• Kahneman, D. (2011). Thinking, Fast and Slow. Farrar, Straus, and Giroux. google scholar
• Kaiser, H. F. (1974). An index of factorial simplicity. Psychometrika, 39(1), p. google scholar
• Kalyuga, S., Ayres, P., Chandler, P., & Sweller, J. (2003). The expertise reversal effect. Educational Psychologist, 38(1), 23-31. https://doi.org/10.1207/S15326985EP3801_4 google scholar
• Keshta, I. Odeh, A. (2021). Security and Privacy of Electronic Health Records: Concerns and Challenges Journal of Egyptian Informatics, 22(2), 177–183. google scholar
• Kırca, N., Bademli, K., Ozgonul, M. L. Karacar, Y. (2025). Relationship between the awareness of privacy, registration, and preservation of personal health data of nursing students: A cross-sectional study International Journal of Caring Sciences, 18(1), 152-164. google scholar
• Kruger, J., & Dunning, D. (1999). Unskilled and unaware of it: How difficulties in recognizing one’s own incompetence lead to inflated self-assessments Journal of Personality and Social Psychology, 77(6), 1121-1134. https://doi.org/10.1037/0022-3514.77.6.1121 google scholar
• Kurt Konca, & Badur, E. (2023). Avukatın müvekkilinin kişisel sağlık verilerine erişimine ilişkin değerlendirmeler. Selçuk Ünviersitesi Hukuk Fakültesi Dergisi, 31(1), 193-228. https://doi.org/10.15337/suhfd.1238540 google scholar
• MacCallum, R., and C. Widaman, K. F. (1999). Sample size in the factor analysis Psychological Methods, 4 (1), 84-99. https://doi.org/10.1037/1082-989X.4.1.84. google scholar
• Mahammad, S. & Rani, K. U. (2025). Secure sharing of health records stored in a cloud using cryptographic secret sharing schemes through computational intelligence: A review Computational Intelligence in Sustainable Computing and Optimization, 281-301. https://doi.org/10.1016/B978-0-443-23724-9.00015-3 google scholar
• Maraş, G. & Ceyhan, Ö. (2021). Nursing students’ attitudes toward the registration and protection of personal health data. Journal of Inonu University Health Services Vocational School, 9(2), 498-509. https://doi.org/10.33715/inonusaglik.851192 google scholar
• Mehmedović, E., & Mehmedović, A. (2023). Personal health data and the significance of its administrative protection. Uprava, 14(2), 11–37. https://doi.org/10.53028/1986-6127.2023.14.2.11 google scholar
• Olğun, S. & Adıbelli, D. (2022). Hemşirelik öğrencilerinin hastaların kişisel sağlık verilerinin kayıt ve korunmasına yönelik tutumlarının belirlenmesi. Sürekli Tıp Eğitimi Dergisi, 31(6), 441-450. https://doi.org/10.17942/sted.1063958 google scholar
• Pakiş Çetin S. & Çevik K. (2021). Hemşirelik öğrencilerinin hastaların kişisel sağlık verilerinin kayıt ve korunmasına ilişkin tutumları. Dokuz Eylül Üniversitesi Hemşirelik Fakültesi Elektronik Dergisi, 14(3), 199- 206. https://doi.org/10.46483/deuhfed.779557 google scholar
• Putnick, D. L. and Bornstein, M. H. (2016). Measurement invariance conventions and reporting: State of the art and future directions for psychological research. Developmental Review, 41, 71-90. https://doi.org/10.1016/j.dr.2016.06.004 google scholar
• Shabir, G. Kenzie, F. (2025). Enhancing Patient-Doctor Communication with Digital Tools: A Path to Better Health Literacy and Outcomes https://doi.org/10.13140/RG.2.2.15931.94248 google scholar
• Shah, S. M., & Khan, R. A. (2020). Secondary use of electronic health record: Opportunities and challenges. IEEE Access, 8, 136947–136965. google scholar
• Silva, R. R. T. (2025). A Privacy Aware Architecture for Electronic Health Records. Thesis. Faculdade de Ciências e Tecnologia da Universidade de Coimbra. google scholar
• Taber, K. S. (2018). Cronbach’s alpha is used when developing and reporting research instruments in science education. Research in Science Education, 48, 1273-1296. https://doi.org/10.1007/s11165-016-9602-2. google scholar
• Tao, X., Shi, S. & Liu, J. (2025). Established but unused? Empirical study on the impact of health records on the use of basic public health services in China Evaluation and Program Planning, 112. DOI: 10.1016/j.evalprogplan.2025.102654 google scholar
• Tural Büyük, E. & Ünaldı Baydın, N. (2020). Relationship between EI and ethical sensitivity in Turkish nursing students Turkish Journal of Bioethics, 19(2), 341-351. https://doi.org/10.5505/tjob.2020.93685 google scholar
• Türk, F., & Topuz, İ., (2024). Yeni kuşak hemşirelik öğrencilerinde hasta mahremiyetinin incelenmesi. Sivas Cumhuriyet Üniversitesi Sağlık Öğrencileri Kongresi. Sivas, Turkey google scholar
• Ülker, T. & Korkut, S. (2023). Does the consciousness of nursing students regarding privacy affect their attitudes toward the registration and preservation of personal health data? A descriptive study Ordu University Journal of Nursing Studies, 6(3), 640-648. https://doi.org/10.38108/ouhcd.1099347 google scholar
• Vandenberg, R. J., & Lance, C. E. (2000). A review and synthesis of the literature on measurement invariance: suggestions, practices, and recommendations for organizational research. Organizational Research Methods, 3(1), 4-70. https://doi.org/10.1177/109442810031002 google scholar
• Ware, S., Sukte, C., Patil, S., Patil, T., Keripale, S. & Nikam, Y. (2025). HealthX: Smart Health Record Management System with Speech Input, 2025 International Conference on Advanced Computing Technologies (ICoACT), Sivalasi, India, 1-7, doi: 10.1109/ICoACT63339.2025.11004679. google scholar
• Xu, G. & Zhao, L. (2024). Classification and retrieval of personal health data based on differential privacy International Journal of Data Mining and Bioinformatics, 29(1-2). google scholar
• Yılmaz, D. Uysal, O. (2024). Nursing students’ attitudes toward the recording and protection of patient health data: A cross-sectional study Makara Journal of Health Research, 28(2), 148-154. https://doi.org/10.7454/msk.v28i2.1604 google scholar