Data protection and information security in biomedical research: A sequential explanatory mixed study

Abstract

Purpose

Biomedical research is a pillar of every medical student’s career. When collecting data, several regulations are established to ensure the protection of individuals. Most medical students are not compliant with the guidelines, and this is probably due to a lack of knowledge. The aim of our research is to evaluate the knowledge and behavior of medical students regarding these rules, then attempt to explain the results obtained.

Methods

This is a sequential explanatory mixed study including an initial quantitative section followed by an explanatory qualitative section. For the quantitative part, we administered a questionnaire based on the information security regulation and the GDPR to third- and fourth-year medical students. We evaluated their knowledge and behaviors and their correlation. For the qualitative part, we conducted semi-structured interviews with eight students followed by thematic analysis to explain the results.

Results

Most students have a lack of knowledge. A correlation was found between the non-compliant behavior of keeping the laptop unattended in a public place and a low level of knowledge. For the qualitative section, the thematic analysis represents three groups to explain non-compliant behavior: lack of knowledge, work overload, and consideration of the hospital as a safe place.

Conclusion

Data collection and information security rules are rarely followed by medical students. This is mainly due to lack of knowledge, work overload and assuming the hospital as a safe place. Future awareness interventions would be necessary to improve non-compliant behavior and subsequently ensure a more secure environment during medical research.