<p>This study examines physicians’ perceptions of privacy and data protection in Turkey’s national personal health record system, e-Nabız. While e-Nabız enhances continuity of care through centralized access to prescriptions, laboratory results, imaging, and clinical records, its centralized governance model raises concerns regarding unauthorized access, accountability, and alignment with professional privacy norms. To empirically investigate these concerns, we conducted a survey with 309 healthcare professionals. The results reveal a pronounced usage–trust paradox: although system usage is high (87%), only 56% of respondents consider existing data-protection mechanisms adequate, and a substantial proportion express concerns about potential misuse or leakage of health data. Importantly, physicians’ concerns are not primarily directed at the absence of role-based access control (RBAC), but at the lack of verifiable enforcement, transparent oversight, and tamper-evident auditability of access decisions. This indicates a perceived misalignment between expected information flows grounded in the physician–patient confidentiality context and the opaque governance of access practices within the system. Based on these findings, the study derives a governance-oriented design implication: a supplementary layer in which RBAC decisions and access events are recorded through blockchain-supported immutable logs and smart contracts to enhance accountability and auditability. The proposed approach does not store medical data on the blockchain; rather, it aims to make authorization and access histories verifiable and resistant to manipulation. The study contributes a physician-centered empirical assessment of privacy governance in a nationwide digital health system and highlights the importance of transparent, enforceable access governance for sustaining professional trust.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A study on physicians’ perceptions of privacy in the context of the e-Nabiz (e-Pulse) in the Turkish healthcare system

  • Cihan Unal,
  • Hakan Yildirim

摘要

This study examines physicians’ perceptions of privacy and data protection in Turkey’s national personal health record system, e-Nabız. While e-Nabız enhances continuity of care through centralized access to prescriptions, laboratory results, imaging, and clinical records, its centralized governance model raises concerns regarding unauthorized access, accountability, and alignment with professional privacy norms. To empirically investigate these concerns, we conducted a survey with 309 healthcare professionals. The results reveal a pronounced usage–trust paradox: although system usage is high (87%), only 56% of respondents consider existing data-protection mechanisms adequate, and a substantial proportion express concerns about potential misuse or leakage of health data. Importantly, physicians’ concerns are not primarily directed at the absence of role-based access control (RBAC), but at the lack of verifiable enforcement, transparent oversight, and tamper-evident auditability of access decisions. This indicates a perceived misalignment between expected information flows grounded in the physician–patient confidentiality context and the opaque governance of access practices within the system. Based on these findings, the study derives a governance-oriented design implication: a supplementary layer in which RBAC decisions and access events are recorded through blockchain-supported immutable logs and smart contracts to enhance accountability and auditability. The proposed approach does not store medical data on the blockchain; rather, it aims to make authorization and access histories verifiable and resistant to manipulation. The study contributes a physician-centered empirical assessment of privacy governance in a nationwide digital health system and highlights the importance of transparent, enforceable access governance for sustaining professional trust.