A Descriptive Study of Webpage Designs for Posting Privacy Policies for Different-Sized US Hospitals to Create an Assessment Framework

Abstract

In the United States, there are laws and standards guiding how people should be informed about the use of their private data. However, the challenge of communicating these guidelines to the naïve user is still at its peak. Research has shown that the willingness to read privacy statements is influenced by attitudes toward privacy risks and privacy benefits. Many websites publish privacy policies somewhere on their web pages, and it can be difficult to navigate to them. In the healthcare field, research has found that health information websites’ key information is presented poorly and inconsistently. For the policies to be legally binding, a person must be able to find them. In the healthcare industry, where sensitive data are being collected, research on how a user navigates to privacy policies for different size hospital websites is limited. Studies exist about privacy policies or website design and not both. This descriptive study involved ascertaining commonalities and differences among different-sized hospitals’ website designs for supporting privacy policies. A foundation framework was created using Web Content Accessibility Guidelines (WGAC) principles and the literature review findings for evaluating practices for website publishing of privacy policies. The results demonstrated a very low variance in the website design concepts employed by hospitals to publish their privacy policy.