2026-04-14T00:28:13Zhttps://uvadoc.uva.es/oai/request

oai:uvadoc.uva.es:10324/795072025-11-10T20:01:12Zcom_10324_1191com_10324_931com_10324_894col_10324_1379

Security practices and insider threats in Spanish healthcare centers: a survey-based risk assessment Herrera Montano, Isabel Góngora Alonso, Susel Sañudo García, Soledad García Aranda, José Javier Rodrígues, Joel J.P.C. Torre Díez, Isabel de la Cybersecurity Healthcare Insider threats Information security Survey 3304.13 Dispositivos de Transmisión de Datos Producción Científica Introduction: Insider threats pose a critical risk in healthcare environments, where Hospital Information Systems (HIS) manage sensitive patients data. Authorized users may intentionally or accidentally compromise data confidentiality, integrity, and availability. This study assessed information security practices from the perspec- tive of healthcare professionals in Spanish medical centers. Methods: A descriptive, analytical, cross-sectional study was conducted using a survey administered to 41 healthcare professionals with access to confidential data. The survey covered access control, encryption at rest and in transit, communication channels, and data usage control. Descriptive statistics, Chi-square tests, and Cram´er’s V were applied to identify significant associations. K-means clustering and Silhouette coefficient were used to define user profiles. Principal Component Analysis (PCA) was used to visualize behavior patterns. A Random Forest model identified the most relevant predictive variables. Results: Critical security gaps were detected, 31.7 % reported no control over data usage. Only 29.3 % encrypted data at rest and 36.6 % during transmission. Over 40 % used personal email or messaging apps to share sensitive data, and 97.6 % relied solely on passwords for authentication. These practices are inadequate to mitigate insider threats. Conclusion: There is an urgent need to strengthen insider data protection. Security strategies should be tailored to user risk profiles. Measures must include strong authentication, full encryption, and stricter control of data transmission to reduce exposure to insider threats (intentionally or unintentionally) in healthcare settings. Additionally, there is a need to promote continuous cybersecurity training. Instituto da Telecomunicações da Delegação da Covilhã, Portugal. This work is partially funded by Brazilian National Council for Scientific and Technological Development - CNPq, via Grant No. 306607/2023-9. Ministerio de Ciencia, Innovación y Universidades (MICINN), a la Agencia Estatal de Investigación (AEI), así como al Fondo Europeo de Desarrollo Regional (FEDER, UE) M0CIN/AEI/10.13039/501100011033 y “FEDER Una manera de hacer Europa” (grant number PID2021-122210OB-I00) 2025-11-10T11:43:17Z 2025-11-10T11:43:17Z 2026 info:eu-repo/semantics/article info:eu-repo/semantics/publishedVersion https://doi.org/10.1016/j.ijmedinf.2025.106107 International Journal of Medical Informatics, 2025, vol. 205, p. 106107 1386-5056 https://uvadoc.uva.es/handle/10324/79507 106107 International Journal of Medical Informatics 205 eng https://www.sciencedirect.com/science/article/pii/S1386505625003247 Attribution-NonCommercial-NoDerivatives 4.0 Internacional info:eu-repo/semantics/openAccess http://creativecommons.org/licenses/by-nc-nd/4.0/ © 2025 The Author(s) application/pdf Elsevier