Please use this identifier to cite or link to this item: https://uvadoc.uva.es/handle/10324/79507
Title
Security practices and insider threats in Spanish healthcare centers: a survey-based risk assessment
Author
Document Year
2026
Publisher
Elsevier
Description
Scientific Output
Source Document
International Journal of Medical Informatics, 2025, vol. 205, p. 106107
Abstract
Introduction: Insider threats pose a critical risk in healthcare environments, where Hospital Information Systems
(HIS) manage sensitive patient data. Authorized users may intentionally or accidentally compromise data
confidentiality, integrity, and availability. This study assessed information security practices from the perspective
of healthcare professionals in Spanish medical centers.
Methods: A descriptive, analytical, cross-sectional study was conducted using a survey administered to 41
healthcare professionals with access to confidential data. The survey covered access control, encryption at rest
and in transit, communication channels, and data usage control. Descriptive statistics, Chi-square tests, and
Cramér's V were applied to identify significant associations. K-means clustering and Silhouette coefficient were
used to define user profiles. Principal Component Analysis (PCA) was used to visualize behavior patterns. A
Random Forest model identified the most relevant predictive variables.
Results: Critical security gaps were detected: 31.7 % reported no control over data usage. Only 29.3 % encrypted
data at rest and 36.6 % during transmission. Over 40 % used personal email or messaging apps to share sensitive
data, and 97.6 % relied solely on passwords for authentication. These practices are inadequate to mitigate insider
threats.
Conclusion: There is an urgent need to strengthen insider data protection. Security strategies should be tailored to
user risk profiles. Measures must include strong authentication, full encryption, and stricter control of data
transmission to reduce exposure to insider threats (intentional or unintentional) in healthcare settings.
Additionally, there is a need to promote continuous cybersecurity training.
UNESCO Subjects
3304.13 Data Transmission Devices
Keywords
Cybersecurity
Healthcare
Insider threats
Information security
Survey
ISSN
1386-5056
Peer Reviewed
Yes
Sponsor
Instituto da Telecomunicações da Delegação da Covilhã, Portugal. This work is partially funded by Brazilian National Council for Scientific and Technological Development - CNPq, via Grant No. 306607/2023-9.
Ministerio de Ciencia, Innovación y Universidades (MICINN), the Agencia Estatal de Investigación (AEI), and the European Regional Development Fund (FEDER, EU) M0CIN/AEI/10.13039/501100011033 and “FEDER Una manera de hacer Europa” (grant number PID2021-122210OB-I00)
Publisher's Version
Rights Holder
© 2025 The Author(s)
Language
eng
Version Type
info:eu-repo/semantics/publishedVersion
Rights
openAccess
Appears in Collections
File(s) in this item
Size:
2.346 MB
Format:
Adobe PDF
Except where otherwise noted, this item's license is described as Attribution-NonCommercial-NoDerivatives 4.0 International










