CHAPTER THREE

3.0 Research Methodology

3.1 Introduction

This chapter aims to outline the carefully planned methodological steps that will be employed
in this study. The primary objective of this research is to comprehensively investigate the
multifaceted challenges and consequences of cybersecurity within the healthcare sector. The
healthcare industry has undergone a profound digital transformation, where technology and
data management play pivotal roles. This emphasizes the significance of understanding and
addressing the complex issues within this sector, where technology, patient confidentiality,
well-being, and data security are major concerns.

The healthcare domain represents a unique and critical area in which technology, patient care,
and data management are intricately interwoven, presenting both substantial opportunities
and a myriad of risks. The convergence of these three domains necessitates a robust research
methodology capable of effectively capturing the complexities and challenges faced by
healthcare institutions in securing their digital infrastructure.

3.2 Research Philosophy

A positivist philosophy will be adopted. It is believed that knowledge, especially in the realm
of social contexts, can be observed and documented objectively.

3.3 Research Approach

A deductive approach will be used. This approach is deemed suitable because it allows a
systematic way to gather data and draw conclusions based on established theories.

3.4 Research Design

A descriptive research design will be chosen to gain a detailed understanding of the topic.
This design will aid in presenting a comprehensive view of the effects of cybersecurity on the
healthcare sector.
3.5 Data Types and Collection Methods

Qualitative Data: Insights, opinions, and detailed narratives will be sought.

Collection Method: Semi-structured interviews will be conducted with relevant stakeholders

in the healthcare sector.

Quantitative Data: Factual data and measurable feedback related to cybersecurity threats.

Collection Method: Surveys will be distributed across selected healthcare institutions in the
UK.

3.6 Data Collection Targets

The following groups will be targeted for data collection:

Interviews: IT professionals, healthcare administrators, and cybersecurity experts will be

interviewed.

Surveys: Employees in healthcare institutions will be asked to participate in surveys to offer a

broader perspective on the issue.

3.7 Reason for Participant Selection

Selected participants will be those who intersect with both the healthcare provision and
cybersecurity. They are seen as the most valuable sources of information due to their direct
experience with the topic.

3.8 Data Analysis Techniques

Quantitative Data: Tools like SPSS or MS Excel will be used. Various statistical methods
will be applied to draw meaningful conclusions.

Qualitative Data: The gathered data from the interviews will undergo a thematic analysis to
determine common themes and insights.

3.9 Timeline
The research is expected to span an 8-week period. Here is a tentative breakdown:

Week 1-2: Selection and outreach to participants

Week 3-4: Collection of data

Week 5-6: Initial data processing and analysis

Week 7: Deeper data analysis

Week 8: Drawing up findings and conclusions

This chapter, thus, sets a clear direction for the research process, detailing the kind of data
that will be sought, the participants who will be approached, and the techniques that will be
employed for