The purpose of this study was to understand healthcare staffs' information security (IS) practices towards mitigating data breaches. A literature survey was conducted to understand the state-of-the-art methods, tools, evaluation techniques and the challenges to their implementation. The results would be used for emperical studies in a hospital setting in Norway on Healthcare Security Practice Analysis, Modeling and Incentivization (HSPAMI). Human Aspect of Information Security Questionnaire was identified as robust and comprehensive tool for gathering staff security practices. Integrated theories was being adopted to form a comprehensive staffs' characteristics. A mixed-method for evaluating the theories was also identified to be the best strategy.
Keywords: Healthcare Staff; Information Security; Social Demography; Social-Culture.