Conceptualising People, Process, Technology, Data, Governance and Continuous Improvement (2PTDGC) as a Framework to Explore the Cybersecurity Awareness and Process of Australian Medical Practices

Authors

Dany Duong, University of Canberra, Faculty of Science and TechnologyFollow
Hamed Sarbazhosseini, University of Canberra, Faculty of Science and TechnologyFollow
Mohammad Abu Alsheikh, University of Canberra, Faculty of Science and TechnologyFollow
Wanli Ma, University of Canberra, Faculty of Science and TechnologyFollow

Abstract

Australian medical practices (AMPs) form the backbone of primary healthcare in Australia’s health system and mandated legislatively to protect patient information. Located at the juncture between the small business and healthcare sectors, industry reporting indicates small medical practices face significant cyber threat and increasing risk of cyberattacks (Barrett and Parisi 2023). Yet, there is sparse scholarly work in this area. This paper conceptualises people, process, technology, data, governance and continuous improvement (2PTDGC) as a framework to explore the cybersecurity awareness and process of AMPs; the results of which could inform the development of a cybersecurity assessment framework tailored specifically for AMPs. Grounded in a socio-technical systems of governance, the 2PTDGC framework builds on the tripartite pillars of cybersecurity: people, process and technology. The framework could be utilised to inform research design, structure information collection requirements and analyse collected data.

Recommended Citation

Duong, Dany; Sarbazhosseini, Hamed; Alsheikh, Mohammad Abu; and Ma, Wanli, "Conceptualising People, Process, Technology, Data, Governance and Continuous Improvement (2PTDGC) as a Framework to Explore the Cybersecurity Awareness and Process of Australian Medical Practices" (2024). ACIS 2024 Proceedings. 127.
https://aisel.aisnet.org/acis2024/127