Revision of the Measurement Tool for Patients' Health Information Protection Awareness

Article information

Healthc Inform Res. 2016;22(3):206-216
Publication date (electronic) : 2016 July 31
doi :
1College of Nursing, Chungnam National University, Daejeon, Korea.
2College of Nursing, Eulji University, Daejeon, Korea.
3Department of Nursing, Daejeon University, Daejeon, Korea.
4Department of Public Administration, Pai Chai University, Daejeon, Korea.
Corresponding Author: Heonman Lim, PhD. Department of Public Administration, Pai Chai University, 155-40, Baejae-ro, Seo-gu, Daejeon 35345, Korea. Tel: +82-42-520-5861,
Received 2016 April 11; Revised 2016 June 18; Accepted 2016 July 05.



Despite the importance of the protection of patients' health information in clinical settings, little is known about the awareness of this concept in nursing students due to the lack of a suitable measurement tool. Hence, this study attempted to redevelop the Patients' Health Information Protection Awareness Scale, and evaluate its construct validity and reliability for nursing students.


A cross-sectional descriptive study was conducted. Nursing students who were in their 3rd and 4th year were recruited from 10 universities in Korea to assess the construct validity, and 30 experts (27 nurses and 3 faculty members) participated in the content validation process.


The content validity assessment indicated that 23 items were ideal. The assessment of construct validity using exploratory factor analysis revealed three factors: communication, management, and referrals. They together accounted for 54.1% of the variance in scale scores. The three-factor scale had good fit in the confirmatory factor analysis. Scale reliability was confirmed, with a Cronbach's alpha of 0.94 for all items.


This study was the first attempt to redevelop the Patients' Health Information Protection Awareness Scale for student nurses. The 23-item scale was shown to be a reliable and valid tool. It facilitates the assessment of nursing students' awareness of patient information protection. Academic nursing programs and health organizations can use its scores to implement adequate education plans to safeguard information in nursing students.

I. Introduction

Along with the growing area of Electronic Health Records (EHRs), healthcare providers in hospitals may easily access the health information of patients for clinical decisions. As EHRs are personal health records (PHR) [1], from the perspective of patients, enabling access to an increased number of users poses threats to security and privacy. While many countries worldwide are transitioning from paper-based to EHRs infrastructures, compliance with data protection laws has emphasized information management. For example, the European Union states may allow the processing of health data without patient consent for the purposes of preventive medicine, diagnosis, treatment, management of medical services, or otherwise under professional confidentiality obligations, only if suitable safeguards are provided [2]. Hospital accreditation standards in Korea have strengthened the security and protection of patients' information and the preservation of their privacy. Health organizations have provided guidelines and policies and offered education to their users regarding the protection of the security and privacy of EHRs. Despite these efforts, healthcare providers, including physicians and nurses, lack information on how to protect medical information and what information should be protected in Korea [3]. One possible reason is that healthcare providers are not instructed on how to manage their patients' information during their education.

Although nursing students cannot access patients' information in the same way as healthcare providers, medical records may be partially open to nursing students to enable them to acquire clinical experience during their clinical placement. According to organizational policy, limited information might be offered to nursing students in terms of personal identification [4]. In a study by Kim et al. [4], most nursing students received education on patient privacy protection in schools or hospitals, but over half of programs provided 10 minutes or less of education and the content was not specific. When nursing students encounter various types of patient information, they may not know how to handle them properly because of their brief education. Generally, behavior change is linked to a change in awareness. As shown in previous studies, a higher level of awareness regarding health information protection is associated with greater protection of private patient information among both healthcare providers and nursing students [345]. Despite the importance of health information security and privacy protection, little is known about nursing students' awareness of these concepts because no proper measurement scale exists.

Recently, Lee et al. [6] developed a 15-item tool for measuring privacy concerns regarding personal health information for citizens based on guidelines in Korea. Nevertheless, most studies on safeguarding health information have surveyed public awareness using unstructured questionnaires or have introduced principles and guidelines for healthcare professionals [78]. As such, studies that have measured awareness and performance of patients' information protection have assessed perspectives on private health information using invalid scales. For example, Lee and Park [3] investigated private health information of healthcare providers using four subdomains (primary nursing, referral activities, patients' information, and communication) with a 39-item scale that was developed by the authors. Since then, this four-subdomain 39-item scale was also used with nursing students for assessing recognition and behavior regarding health information protection after the items were reworded [49]. Those researchers pointed out that Lee and Park's scale should be revised with simpler or shorter items because it did not reflect the role of nursing students. For this reason, several items could have an ambiguous meaning and may not be clear to nursing students.

Thus, the purpose of this study was to redevelop the Patients' Health Information Protection Awareness (PHIPA) scale and evaluate its construct validity and reliability for nursing students.

II. Methods

1. Study Design

A cross-sectional descriptive study was conducted to develop the PHIPA scale and evaluate its validity and reliability for nursing students.

2. Participants

Two different groups of participants were involved in the development and validation of the PHIPA scale. First, 27 nursing experts who had worked in hospitals for at least 15 years and 3 nursing faculty members who were teaching clinical nursing checked each item for content validity.

Second, nursing students in their 3rd and 4th year were recruited from 10 universities in Korea for the validation of the PHIPA scale. The inclusion criteria for this study were nursing students who were in a clinical placement and who agreed to the research objectives. One thousand self-administered paper-and-pencil questionnaires were distributed to nursing students. Of these, 819 participants agreed to participate, and their data were collected. The response rate for this study was 81.9%. Data were collected in April 2015.

3. Questionnaire Revision Process

To generate the initial items, two steps were performed.

First, we reviewed existing instruments and prior studies to generate items [3410]. Each item of the PHIPA scale was derived from Lee and Park [3] and Kim et al. [4] scales. Based on the items of Kim et al. [4], the initial items were generated and then compared with Lee and Park's tool. During this process, the meaning of Kim et al.'s tool was not changed. Items were scored on a 5-point Likert scale from 'absolutely agree' (score of 5) to 'absolutely do not agree' (score of 1).

Second, the response format and redundancy/clarity of wording were inspected by 5 nursing students to determine whether the questionnaire measured what it purported to measure. Through this process, we rechecked the appropriateness and comprehensiveness of each item for the target population of nursing students. No inappropriate items were identified.

4. Data Analysis

It was confirmed that there were no missing values and no ceiling or floor effect existed before the mean (SD) score for each item was calculated before validation.

To develop the PHIPA scale, content validity, construct validity, and reliability were assessed. The 39-item scale was distributed to experts, namely, 3 nursing professionals in nursing schools and 27 clinical nurses in hospitals, to assess the content face validity. The focus was to evaluate the items sampled for inclusion on the PHIPA scale [11]. The content validity index (CVI) was used to evaluate content validity [11]. We checked whether the items sampled for inclusion in the tool adequately represented the domain of content. The content validity of each item was rated using a 4-point rating scale: 1, not relevant; 2, somewhat relevant; 3, quite relevant; and 4, very relevant. The CVI is defined as the proportion of items given a rating of quite/very relevant [11]. CVIs were calculated for each item to assess content validity, and items with values of 0.78 or higher were selected [12].

After the evaluation of content validity, Exploratory Factor Analysis (EFA) and Confirmatory Factor Analysis (CFA) using a pool of items were then performed to assess the PHIPA's construct validity. Before the EFA analysis, the Kaiser-Meyer-Olkin (KMO) index and Bartlett's test were conducted to determine the appropriateness of EFA. KMO index values between 0.5 and 1.0 indicate that factor analysis is appropriate. However, when the probability level (p) of Bartlett's test is greater than 0.05, factor analysis is not appropriate. In our study, the value of the KMO index was 0.978, and the probability level (p) of Bartlett's test was <0.001. We then performed an EFA using principal axis factoring with a direct oblimin rotation in subsample A because this method effectively identifies the component parts of a scale according to the correlations between the factors [13]. Factors were initially extracted based on their eigenvalues (>1.0) and the scree plot [14]. Consistent with Costello and Osborne's guidelines [13], after rotation, we selected items with loadings above 0.32 and ensured that there were no items with cross-loadings of over 0.20 on more than two factors.

CFA was performed using SPSS AMOS ver. 21 with subsample B to confirm the model fit for the chosen factors. Chi-square goodness-of-fit (χ2/df), the normed fit index (NFI), the standardized root mean square residual (SRMR), and the comparative fit index (CFI) were used to estimate the model's fit. The chi-square goodness-of-fit test revealed a difference between the observed covariance matrix and the one predicted by the specified model. However, this index is sensitive to sample size; therefore, the relative goodness of fit indices, such as the NFI, CFI, and SRMR, are strongly recommended [15]. A low chi-square value that is not significant indicates that the hypothesized model is a good fit [16]. Values of other indices indicating an acceptable fit are NFI ≥ 0.80, CFI ≥ 0.80, and SRMR ≤ 0.08 [17]. Convergence was also estimated by analyzing the composite reliability (CR, >1.965), standardized regression weight (>0.5), and average variance extracted (AVE, >0.5) [18]. For discriminant validity, the correlation coefficient r-values among factors were compared with the value of AVE. If the value of AVE was higher than each r-value among factors, discriminant validity can established.

Internal consistency reliability was assessed using Cronbach's alpha. The value of Cronbach's alpha after each item had been deleted was also considered for item selection. During item analysis, item-total correlations were checked to ensure their values were at least 0.30 [19]. Finally, known-groups validity was examined by comparing the PHIPA scores of the 3rd and 4th grade nursing student groups.

IBM SPSS Statistics ver. 20 and SPSS AMOS ver. 21 statistical software programs (SPSS Inc., Chicago, IL, USA) were used for data analyses, and a significance level of 0.05 was applied.

5. Ethical Considerations

All study procedures were approved by Chungnam National University Institutional Review Board (2-1046881-A-N-01-201503-HR-011-01-03). Before collecting data, we explained the research objectives and procedures (including voluntary participation, withdrawal, anonymous data collection, and the use of data solely for research purposes). Participants provided their written informed consent before participation. The informed consent form included the aims, procedure, and anonymity policy of the study. A pen and envelope were provided along with the survey questionnaire and instructions that the completed survey should be sealed in the provided envelope to ensure that the survey information would be kept confidential as it was returned to the researchers.

III. Results

1. Demographics of Participants

Table 1 summarizes the sample's demographic characteristics.

Table 1

General characteristics of subsamples A and B

To establish construct validity, data from the total sample (n = 819) were randomly divided into subsample A (n = 409) for the EFA group and subsample B (n = 410) for the CFA group using SPSS. Demographics between the two subsamples did not significantly differ in terms of age, sex, academic year, and religion.

The mean ages of subsamples A and B were 21.79 (SD = 2.70) and 21.48 (SD = 2.42), respectively, and the majority of participants (about 98.0%) were female in both subsamples. The number of participants in 3rd year was 417 (50.9%), and the number in 4th year was 402 (49.1%) in both subsamples combined. The numbers of participants having religion were 224 (54.8%) and 204 (49.8%) for subsamples A and B, respectively.

2. Content Validity

Twenty-three items had CVIs of 0.78 or higher [12]. Based on the results, 16 items were eliminated from the pool for inclusion, which had CVIs ranging from 0.50 to 0.77. Therefore, we generated a 23-item PHIPA scale to assess construct validity and reliability. Table 2 presents the items eliminated as a result of the CVIs.

Table 2

Sixteen items eliminated through content validity analysis

3. Item Analysis and Internal Consistency

After the 23 PHIPA items had been confirmed in terms of content validity, the item-total correlation and reliability of subsample A were calculated. All items were retained because each item had an item-total correlation of more than 0.3, with a range from 0.38 to 0.75. As shown in Table 3, the mean scores of all items ranged from 3.09 (SD = 0.97) to 4.35 (SD = 0.74).

Table 3

Exploratory factor analysis

The internal consistency of the 23 PHIPA items in subsample A was calculated using Cronbach's alpha. The Cronbach's alpha of all 23 items was 0.94. The Cronbach's alpha values for the three subscales measuring communication, patient information management, and referral were 0.92, 0.90, and 0.80, respectively.

4. Exploratory Factor Analysis

The EFA for the 23 PHIPA items revealed that the three-factor solution was the best way to categorize the subsample A data. The scree plot of eigenvalues showed an elbow point between three and four factors; factors with an eigenvalue greater than 1 could be retained. The first factor had an eigenvalue of 9.882 and accounted for 42.97% of the variance in the scale. The eigenvalues of the second and third factors were 1.462 and 1.101, respectively, and explained an additional 11.141% of the variance. The oblimin rotation revealed a separation of items with loadings ≥0.40 onto three factors. None of the items on any of the three factors needed to be dropped. Nine items had loadings on Factor 1 ranging from 0.656 to 0.800. Of the remaining 14 items, 11 items and 3 items with loadings above 0.4 were placed in Factor 2 and Factor 3, respectively. Given that we designated orthogonal factors, we named Factor 1 the 'communication domain', Factor 2 the 'management domain', and Factor 3 the 'referral domain'.

The communication domain consisted of nine items about how to protect information when nursing students explain various procedures to patients and discuss patients' information with their colleagues, etc. For example, the item "When nursing students explain hospital admission procedures, they do it so that they are not heard by other patients, guardians, or unrelated staff" was designated in the communication domain.

The management domain comprised 11 items about what nursing students should be aware of for assessing and managing the private information of patients. The item "Nursing students log out when they finish using the medical information system" was included in the management domain.

The referral domain included items on medical records or personal computers in the unit that contained patients' information and should not be available to visitors. For example, "Patient notice boards containing patient records in the units should not be accessible to persons other than patients and medical staff, such as visitors, insurers, or dealers of medical appliances." Table 3 shows the EFA results.

5. Confirmatory Factor Analysis

The CFA results revealed that the three-factor solution had a good model fit. Generally, CFA involves inferential statistics that allow for hypothesis testing about the unidimensionality of a set of measures, which can lead to a more objective interpretation of unidimensionality than does EFA [20]. Although χ2 values for this three-factor solution model were significant due to larger sample sizes and relatively small discrepancies between the observed data matrix and the predicted matrix [21], the other indices of model fit were acceptable: NFI = 0.848, SRMR = 0.059, and CFI = 0.881 for the PHIPA scale with three factors.

To establish convergent validity, the CR, standardized regression weight, and AVE were estimated for each factor. The values of CR and standardized regression weight were higher than 0.5 in each item. The value of AVE for communication, management, and referral were 0.917, 0.911, and 0.919, respectively (Table 4). Those values of AVE (range, 0.911–0.919) in each factor were higher than correlation coefficient r-values between factors (range, 0.453–0.709) (Table 4). The model is shown in Figure 1.

Table 4

Correlation matrix among three factors (communication, management and referral)

Figure 1

The Patients' Health Information Protection Awareness (PHIPA) construct using confirmatory factor analysis (italic value: squared multiple correlation, normal value: regression weight).

6. Correlation among Factors

Significant associations among factors are shown in Table 4. The communication factor was positively correlated with management (r = 0.709, p < 0.001) and referral (r = 0.453, p < 0.001). The factor for management was also significantly positively correlated with referral (r = 0.525, p < 0.001).

7. Known-Groups Validity

To test known-groups validity, the factor and total scores were compared between 3rd and 4th grade nursing students using subsample A. The factor scores (communication, management, and referral) did not differ between the two grades. However, the 4th grade nursing students tended to have higher scores on all factors than 3rd grade nursing students. Table 5 presents these results.

Table 5

Comparison of PHIPA score between 3rd and 4th grade

IV. Discussion

The protection of patients' information in healthcare settings is crucial in terms of ethical and legal responsibilities. In the present study, we revised an existing scale for assessing awareness of patients' information protection among nursing students, and then evaluated its psychometric properties. Our findings showed that the 23-item PHIPA scale was reliable and had good construct validity.

Through the content validity process, 16 items were eliminated from the scale. Most of the eliminated items did not reflect nursing students' roles during clinical placements. For instance, nursing students are able to observe the admission and discharge process of patients but are not involved in explaining the procedure actively. For that reason, one item ("When nursing students explain hospital admission procedures, they do it so that it is not heard by other") was eliminated. Likewise, several nursing care items such as "taking written permission" and "communicating with staff who work in other departments" did not apply to nursing students. However, some items could be merged because of having the same contexts. For instance, the items "Medical records should not be used for education without patients' permission" and "Medical records should not be used for research without patients' permission" were merged into one item: "Medical records should not be used for education/research without patients' permission." Therefore, these excluded items did not adequately capture the context of the nursing students' role.

The 23-item PHIPA scale was categorized into three factors: communication, management, and referral using EFA and CFA. These factors included fewer items in this study. Lee and Park [3] used a 5-subdomain scale to measure nurses' perceptions and performance of protecting patient privacy, and Kim et al. [4] used a modified 4-subdomain version of Lee and Park's scale with nursing students. Because the tool that was used in Lee and Park's study [3] was developed for nurses in clinical settings, it included a wide range of health information protection behaviors. In contrast, the tool used by Kim et al. [4] may reflect the limited role of nursing students in terms of information protection; however, the meaning of the subdomains (primary nursing, patient referral activities, patient information, and private conversation) was not clear. Compared to the tool used by Kim et al. [4], the use of three factors (communication, management, referral) may contribute to reduced confusion and may result in a shortened scale.

These three factors were similar to those identified in a prior study, in terms of perspective [6]. Lee et al. [6] developed a tool for measuring citizens' privacy concerns regarding personal medical information within three domains: "Concerns about unauthorized secondary use of personal medical information," "Concerns about the collection of personal medical information," and "Concerns about errors in personal medical information". Surprisingly, "Concerns about personal medical information" might have a similar meaning in terms of context from a patient's perspective. For example, the communication subdomain may correspond to "Concerns about collection" and the referral factor may be associated with "Concerns about secondary use and access" from Lee et al.'s tool. Although we could not test concurrent validity with a tool designed to measure patients' perspectives regarding their private information, such as by measuring correlations with Lee et al.'s tool, this could be done in the future.

In our study, the internal consistency of the 23-item PHIPA scale was high, as shown by the Cronbach's alpha values for the subdomains: communication (0.92), management (0.90), and referral (0.80). Values of Cronbach's alpha higher than 0.70 for self-report instruments indicate a reliable instrument. That is, each item within the three factors of the PHIPA scale measured the same construct. Ceiling and floor effects were not observed for the PHIPA scale, indicating that responses were accurate. When the score using 28 items was compared to the results of Kim et al. [4], several differences were found. The mean score for 'referral' was the highest among factors in this study, whereas the subdomain 'communication' showed the highest score in the study by Kim et al. [4]. This may be due to differences in constructs between items.

Based on our findings, we can provide practical, educational, and ethical suggestions for nursing education. First, awareness of patients' information protection can be adequately assessed using the PHIPA scale for nursing students because the PHIPA scale is composed of three factors, which can be administered easily. To date, studies have focused on the perspectives of patients or health professionals regarding the protection of private information [367]. Using the PHIPA scale, we can investigate the awareness of nursing students and compare awareness among students attending health-related university programs, such as medical school.

Second, we can build a curriculum to enhance ethical attitudes regarding private health information based on the level of awareness of nursing students. Nursing schools in Korea have already included general ethics and legal issues in the curriculum. However, the content and amount in the curriculum do not meet the needs of students in terms of social responsibility for protecting information. Therefore, a tailored educational program could be applied based on assessments of the awareness of private information using the PHIPA scale with nursing students.

Third, use of the PHIPA scale may guide the organization of the healthcare system and policies about safeguarding patient privacy for nursing students who belong to various nursing schools. According to the guide to privacy and security for health information by the Office of the National Coordinator (ONC), staff are not only routinely educated about guidelines for information security in their organization at least once a year, but also when procedures change [22]. Through routine education, students can apply updated procedures and policies on protecting patients' information to patients in clinical settings. However, guidelines for safeguarding health information in Korea have not been clearly presented in policies for students attending medical or nursing school, due to aspects of their level of awareness. Thus, the PHIPA scale can provide a foundation to guide the development of students during their clinical experience.

Lastly, educational institutions, such as nursing schools and healthcare organizations, ultimately can identify the level of access to information based on results from the PHIPA scale. Only authorized individuals in healthcare settings should have access to information to preserve confidentiality [23]. That is, the level of information access needed by authorized users can be determined through the process of controlling access to who can see what information. However, many healthcare organizations including university hospitals in Korea do not consider students fully included in the process of controlling access. According to the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules, nursing students should be able to access information that they need to fulfill the different tasks required within their role [23]. As a designating user privilege is critical in medical record security, the PHIPA scale can be used to analyze the practice of nursing students in terms of information use.

Nevertheless, this study had some limitations. First, we collected data using self-report questionnaires that may be subject to socially desirable responding. Second, the items of the PHIPA scale were derived from guidelines and experts' suggestions in clinical settings in Korea. This item generation process may not reflect the present state of health information security. Therefore, the PHIPA scale may have a biased view of the Korean healthcare environment. In further study, other political and cultural contexts should be included in PHIPA to include various clinical implications. Methodological limitations indicate the need for further revision of the PHIPA scale. First, the stability of the PHIPA scale using the test-retest method was not assessed. Second, in the process of item analysis, the item-total correlation guideline of r > 0.03 was applied following the guideline of Nunnally and Bernstein [19], despite a higher item-total r value (>0.4) being recommended in a prior study [24]. Items of the PHIPA scale would be reduced if this stricter criterion were applied. Third, when factors were extracted, the eigenvalue-greater-than-one rule was applied; however, this method can overestimate the number of factors, whereas the parallel analysis can provide an estimate of eigenvalues for items that have no common factors. We have evaluated the convergent and discriminant validity in CFA; however, a multitrait-multimethod analysis should be conduct to appropriately confirm the convergent and discriminant validity in future study.

Despite these limitations, the PHIPA scale provides information on the level of education that should be delivered to nursing students and the kinds of information that should be accessible to nursing students. Moreover, the policies of educational institutions and health organizations should determine the level of information that is accessible to nursing students.

The 23-item PHIPA scale revised in this study was shown to be a reliable and valid tool consisting of three domains: communication, information, and referral. Nursing students' awareness regarding patient information in healthcare settings can be assessed using the PHIPA scale. Based on this assessment of the PHIPA, education regarding patients' private information in academic nursing environments and level of information access in healthcare organizations can be appropriately applied.


Conflict of Interest: No potential conflict of interest relevant to this article was reported.


1. Haas S, Wohlgemuth S, Echizen I, Sonehara N, Muller G. Aspects of privacy for electronic health records. Int J Med Inform 2011;80(2):e26–e31. 21041113.
2. Agrawal R, Johnson C. Securing electronic health records without impeding the flow of information. Int J Med Inform 2007;76(5-6):471–479. 17204451.
3. Lee MY, Park YI. A study on the nurse's perception and performance of protecting patient privacy. Clin Nurs Res 2005;11(1):7–20.
4. Kim CH, Jeong SY, Song YS. Recognition and performance of patient private information protection (PPIP) in nursing students. J Digit Policy Manag 2013;11(11):479–490.
5. Lee IH, Shin AM, Son CS, Park SY, Park HJ, Yoon KI, et al. Understanding the behavior of physical therapists and occupational therapists in protecting patient's medical information: an application of the theory of planned behavior. J Korean Soc Phys Ther 2010;22(2):55–60.
6. Lee KH, Chung YC, Han KS, Song TM. Development and validation of privacy concern measurement tool in personal medical information. KIPS Trans Comput Commun Syst 2014;3(6):197–208.
7. Riordan F, Papoutsi C, Reed JE, Marston C, Bell D, Majeed A. Patient and public attitudes towards informed consent models and levels of awareness of Electronic Health Records in the UK. Int J Med Inform 2015;84(4):237–247. 25649841.
8. Yang CM, Lin HC, Chang P, Jian WS. Taiwan's perspective on electronic medical records' security and privacy protection: lessons learned from HIPAA. Comput Methods Programs Biomed 2006;82(3):277–282. 16730852.
9. Jung KI, Jung HY. A study on the student nurse's perception and performance protecting behavior for the patient medical information. Korean J Health Serv Manag 2011;5(4):65–79.
10. Buppert C. Safeguarding patient privacy. Establish department compliance with new federal regulations on individually identifiable health information. Nurs Manage 2002;33(12):31–35. 12488636.
11. Waltz CF, Strickland O, Lenz ER. Measurement in nursing and health research 4th edth ed. New York (NY): Springer; 2010.
12. Polit DF, Beck CT, Owen SV. Is the CVI an acceptable indicator of content validity? Appraisal and recommendations. Res Nurs Health 2007;30(4):459–467. 17654487.
13. Costello AB, Osborne JW. Best practice in exploratory factor analysis: four recommendations for getting the most from your analysis. Pract Assess Res Eval 2005;10(7):1–9.
14. Thompson B, Daniel LG. Factor analytic evidence for the construct validity of scores: a historical overview and some guidelines. Educ Psychol Meas 1996;56(2):197–208.
15. Bentler PM. Comparative fit indexes in structural models. Psychol Bull 1990;107(2):238–246. 2320703.
16. Schaufeli WB, Salanova M, Gonzalez-roma V, Bakker AB. The measurement of engagement and burnout: a two sample confirmatory factor analytic approach. J Happiness Stud 2002;3(1):71–92.
17. Hu LT, Bentler PM. Cutoff criteria for fit indexes in covariance structure analysis: conventional criteria versus new alternatives. Struct Equ Modeling 1999;6(1):1–55.
18. Fornell C, Larcker DF. Evaluating structural equation models with observable variables and measurement error. J Mark Res 1981;18(1):39–50.
19. Nunnally JC, Bernstein IH. Psychometric theory 3rd edth ed. New York (NY): McGraw-Hill; 1994.
20. O'Leary-Kelly SW, Vokurka RJ. The empirical assessment of construct validity. J Oper Manag 1998;16(4):387–405.
21. Birch LL, Fisher JO, Grimm-Thomas K, Markey CN, Sawyer R, Johnson SL. Confirmatory factor analysis of the Child Feeding Questionnaire: a measure of parental attitudes, beliefs and practices about child feeding and obesity proneness. Appetite 2001;36(3):201–210. 11358344.
22. The Office of the National Coordinator for Health Information Technology. Guide to privacy and security of health information (version 1.2) Washington (DC): US Department of Health and Human Services; 2005.
23. Harman LB, Flite CA, Bond K. Electronic health records: privacy, confidentiality, and security. Virtual Mentor 2012;14(9):712–719. 23351350.
24. Kim SY, Shim JY, Won WJ, Sun WS, Park HK, Lee JK. The development of the Korean Health Related Quality of Life Scale (KQUOLS): testing reliability and validity. J Korean Acad Fam Med 2000;21(3):382–394.

Article information Continued

Figure 1

The Patients' Health Information Protection Awareness (PHIPA) construct using confirmatory factor analysis (italic value: squared multiple correlation, normal value: regression weight).

Table 1

General characteristics of subsamples A and B

Table 1

Values are presented as mean ± SD or number (%).

Table 2

Sixteen items eliminated through content validity analysis

Table 2

CVI: Content Validity Index.

Table 3

Exploratory factor analysis

Table 3

Table 4

Correlation matrix among three factors (communication, management and referral)

Table 4

AVE: average variance extracted.

Table 5

Comparison of PHIPA score between 3rd and 4th grade

Table 5

Values are presented as mean (SD).