MedISA
Medical Centre Employee Centered Information Security Awareness
Catalogue
As part of the MedISA research, various instruments for measuring Information Security Awareness have been compiled in a catalogue, which can be used for further research and practical applications. The compiled instruments provide evidence of reliability and validity; however, the scientific quality criteria vary. For more information, please refer to the associated publications.
Name: The Human Aspects of Information Security Questionnaire (HAIS-Q) DOI: https://doi.org/10.1016/j.cose.2017.01.004
Added: 2017
Added: 2017
Name: Simplified Information Security Awareness Scale (SISA) DOI: https://doi.org/10.3233/SHTI210248
Added: 2021
Added: 2021
Name: Information Security Attitude Questionnaire for Nurses (ISA-Q) DOI: https://doi.org/10.1002/nop2.1353
Added: 2022
Added: 2022
Name: Mobile Information Security Awareness Scale (MISAS) DOI: https://doi.org/10.1108/OIR-04-2020-0129
Added: 2021
Added: 2021
Name: Security Behavior Intentions Scale (SeBIS) DOI: https://doi.org/10.1145/2702123.2702249
Added: 2015
Added: 2015
Name: SABS ISO/IEC 17799 Scale with Focus on Hospitals (SIIS) DOI: https://www.cabidigitallibrary.org/doi/full/10.5555/20163074395
Added: 2015
Added: 2015
Name: Cyber Security Awareness Scale Based on Recommendation of ENISA and the U.S. HHS (CSAS) DOI: http://hdl.handle.net/10125/64215
Added: 2020
Added: 2020
Name: End-User Security Attitudes Scale (SA-6) DOI: https://www.usenix.org/conference/soups2019/presentation/faklaris
Added: 2019
Added: 2019
Name: Security Awareness Scale for Health Care Information Systems (SAS-HIPAA) DOI: https://doi.org/10.48009/1_iis_2011_224-236
Added: 2011
Added: 2011
Name: Hospital Staff’s Risky Cybersecurity Practices Scales (RCSPS) DOI: https://doi.org/10.1145/3465481.3470094
Added: 2021
Added: 2021
Cyber Security Awareness Scale Based on Recommendation of ENISA and the U.S. HHS (CSAS)
Response Specification: Single and multiple-choice questions
| Item |
|---|
| Did you have cyber security training at work? |
| Do you think that the electronic circulation of documents at your healthcare site is adequately protected? |
| Do you use a mobile device (smartphone or tablet) to read electronic medical records? |
| Can you copy medical records to a non-secured portable storage? |
| The program for creating and processing electronic medical records does not allow granting physicians the rights to: |
| When making an incorrect entry in the electronic medical records system, the entry...: (3 correct answers) |
| Does the electronic medical record system allow you to: (multiple choice, 2 correct answers) |
| Item |
|---|
| Do you know the legal consequences related to the public disclosure of a patient’s medical data? |
| Can you securely send a patient’s medical records by email? |
| Are you aware of the existence of simple online tools that allow you to impersonate any email address? |
| Can you electronically sign documents? |
| Do you issue medical certificates in the form of digitally signed documents? |
| What conditions must exist to consider edocuments secure? |
| Does a pdf file containing the scan of a printed and signed document have more legal value than a pdf document without an electronic signature (in Poland)? |
| Is the software on your computer continuously updated? (2 correct answers) |
| Item |
|---|
| If you find a pen drive in a cafe, will you connect it to your computer at work? ...: (2 correct answers) |
| You received an email in your work inbox with information from the system administrator asking you to click on a link, log in, and confirm your password to conduct administrative tasks in the system. What will you do? ...: (3 correct answers) |
| You received medical documentation (in the form of a.pdf file) as an email attachment regarding a patient from another specialist. Can you trust that the documentation received is authentic? How can you check it? (multiple choice, 2 correct answers) |