Privacy concerns regarding personal health information in Myanmar: A cross-sectional survey in a least developed country

Privacy concerns regarding personal health information in Myanmar: A cross-sectional survey in a least developed country | medRxiv /* */ /* */ <!-- <!-- /*! * yepnope1.5.4 * (c) WTFPL, GPLv2 */ (function(a,b,c){function d(a){return"[object Function]"==o.call(a)}function e(a){return"string"==typeof a}function f(){}function g(a){return!a||"loaded"==a||"complete"==a||"uninitialized"==a}function h(){var a=p.shift();q=1,a?a.t?m(function(){("c"==a.t?B.injectCss:B.injectJs)(a.s,0,a.a,a.x,a.e,1)},0):(a(),h()):q=0}function i(a,c,d,e,f,i,j){function k(b){if(!o&&g(l.readyState)&&(u.r=o=1,!q&&h(),l.onload=l.onreadystatechange=null,b)){"img"!=a&&m(function(){t.removeChild(l)},50);for(var d in y[c])y[c].hasOwnProperty(d)&&y[c][d].onload()}}var j=j||B.errorTimeout,l=b.createElement(a),o=0,r=0,u={t:d,s:c,e:f,a:i,x:j};1===y[c]&&(r=1,y[c]=[]),"object"==a?l.data=c:(l.src=c,l.type=a),l.width=l.height="0",l.onerror=l.onload=l.onreadystatechange=function(){k.call(this,r)},p.splice(e,0,u),"img"!=a&&(r||2===y[c]?(t.insertBefore(l,s?null:n),m(k,j)):y[c].push(l))}function j(a,b,c,d,f){return q=0,b=b||"j",e(a)?i("c"==b?v:u,a,b,this.i++,c,d,f):(p.splice(this.i++,0,a),1==p.length&&h()),this}function k(){var a=B;return a.loader={load:j,i:0},a}var l=b.documentElement,m=a.setTimeout,n=b.getElementsByTagName("script")[0],o={}.toString,p=[],q=0,r="MozAppearance"in l.style,s=r&&!!b.createRange().compareNode,t=s?l:n.parentNode,l=a.opera&&"[object Opera]"==o.call(a.opera),l=!!b.attachEvent&&!l,u=r?"object":l?"script":"img",v=l?"script":u,w=Array.isArray||function(a){return"[object Array]"==o.call(a)},x=[],y={},z={timeout:function(a,b){return b.length&&(a.timeout=b[0]),a}},A,B;B=function(a){function b(a){var a=a.split("!"),b=x.length,c=a.pop(),d=a.length,c={url:c,origUrl:c,prefixes:a},e,f,g;for(f=0;f<d;f++)g=a[f].split("="),(e=z[g.shift()])&&(c=e(c,g));for(f=0;f<b;f++)c=x[f](c);return c}function g(a,e,f,g,h){var i=b(a),j=i.autoCallback;i.url.split(".").pop().split("?").shift(),i.bypass||(e&&(e=d(e)?e:e[a]||e[g]||e[a.split("/").pop().split("?")[0]]),i.instead?i.instead(a,e,f,g,h):(y[i.url]?i.noexec=!0:y[i.url]=1,f.load(i.url,i.forceCSS||!i.forceJS&&"css"==i.url.split(".").pop().split("?").shift()?"c":c,i.noexec,i.attrs,i.timeout),(d(e)||d(j))&&f.load(function(){k(),e&&e(i.origUrl,h,g),j&&j(i.origUrl,h,g),y[i.url]=2})))}function h(a,b){function c(a,c){if(a){if(e(a))c||(j=function(){var a=[].slice.call(arguments);k.apply(this,a),l()}),g(a,j,b,0,h);else if(Object(a)===a)for(n in m=function(){var b=0,c;for(c in a)a.hasOwnProperty(c)&&b++;return b}(),a)a.hasOwnProperty(n)&&(!c&&!--m&&(d(j)?j=function(){var a=[].slice.call(arguments);k.apply(this,a),l()}:j[n]=function(a){return function(){var b=[].slice.call(arguments);a&&a.apply(this,b),l()}}(k[n])),g(a[n],j,b,n,h))}else!c&&l()}var h=!!a.test,i=a.load||a.both,j=a.callback||f,k=j,l=a.complete||f,m,n;c(h?a.yep:a.nope,!!i),i&&c(i)}var i,j,l=this.yepnope.loader;if(e(a))g(a,0,l,0);else if(w(a))for(i=0;i (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0];var j=d.createElement(s);var dl=l!='dataLayer'?'&l='+l:'';j.src='//www.googletagmanager.com/gtm.js?id='+i+dl;j.type='text/javascript';j.async=true;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-P4HH5NV'); Skip to main content Home About Submit ALERTS / RSS Search for this keyword Advanced Search Privacy concerns regarding personal health information in Myanmar: A cross-sectional survey in a least developed country View ORCID Profile Khaing Zin Zin Htwe , Saranath Lawpoolsri , Ngamphol Soonthornworasiri , Panithee Thammawijaya , View ORCID Profile Jaranit Kaewkungwal doi: https://doi.org/10.1101/2025.08.25.25334356 Khaing Zin Zin Htwe 1 Department of Tropical Hygiene, Faculty of Tropical Medicine, Mahidol University , Bangkok, Thailand Find this author on Google Scholar Find this author on PubMed Search for this author on this site ORCID record for Khaing Zin Zin Htwe Saranath Lawpoolsri 1 Department of Tropical Hygiene, Faculty of Tropical Medicine, Mahidol University , Bangkok, Thailand 2 C enter of Excellence for Biomedical and Public Health Informatics (BIOPHICS), Faculty of Tropical Medicine, Mahidol University , Bangkok, Thailand Find this author on Google Scholar Find this author on PubMed Search for this author on this site Ngamphol Soonthornworasiri 1 Department of Tropical Hygiene, Faculty of Tropical Medicine, Mahidol University , Bangkok, Thailand Find this author on Google Scholar Find this author on PubMed Search for this author on this site Panithee Thammawijaya 3 Bureau of Epidemiology, Department of Disease Control, Ministry of Public Health , Thailand Find this author on Google Scholar Find this author on PubMed Search for this author on this site Jaranit Kaewkungwal 1 Department of Tropical Hygiene, Faculty of Tropical Medicine, Mahidol University , Bangkok, Thailand 2 C enter of Excellence for Biomedical and Public Health Informatics (BIOPHICS), Faculty of Tropical Medicine, Mahidol University , Bangkok, Thailand Find this author on Google Scholar Find this author on PubMed Search for this author on this site ORCID record for Jaranit Kaewkungwal For correspondence: jaranit.kae{at}mahidol.ac.th Abstract Full Text Info/History Metrics Data/Code Preview PDF Abstract Protecting personal health information has long been a key ethical concern in healthcare. With the rise of digital health systems, privacy concerns have intensified. In least developed countries like Myanmar, where digital literacy is low, public and governmental awareness of privacy issues is limited, and data protection laws are lacking, the health information privacy area remains largely unaddressed and understudied. This study, therefore, aimed to assess the extent of privacy concerns related to personal health information in Myanmar and identify the factors associated with these concerns. A cross-sectional survey was conducted from March to May 2024 among 424 participants recruited online and through two private clinics. A validated 21-item scale measuring six domains: Collection, Errors, Unauthorized Secondary Use, Improper Access, Control, and Awareness, was used. Confirmatory factor analysis was performed to validate the scale, and logistic regression was used to identify factors associated with the concerns. Among the 424 participants, 77.83% reported high concerns. The highest concern was observed in the Awareness domain (mean 5.02, SD 1.65), while the Collection domain showed the lowest (mean 3.41, SD 1.44). Participants aged 45 years or older had significantly lower odds of high concerns compared to those aged 18-24 years, with an adjusted odds ratio (aOR) of 0.29 (95% CI 0.09-0.88). In contrast, those reporting good health (aOR 3.72, 95% CI 1.69-8.23) and high health concerns (aOR 5.26, 95% CI 3.02-9.45) had increased odds of high privacy concerns. These findings highlight the need for robust privacy safeguards, legal frameworks, and trust-building measures to support Myanmar’s transition to digital health systems. They also provide insights relevant for other least developed countries facing similar challenges in balancing digital innovation with the protection of personal health information. Author Summary We examined the extent of personal health information privacy concerns of people in Myanmar at a time when digital health tools are growing but legal protections and public awareness remain limited. From March to May 2024, we surveyed 424 adults online and in two private clinics. We asked about six kinds of concerns, related to the amount of personal health information collected, errors in the information, who can access the information, whether they are reused without permission, how much control people have over their own information, and how clearly rules are explained. More than three in four participants reported high overall concern. People were more worried about not knowing how their information would be used, and least worried about the act of collection itself. Older adults tended to be less concerned than younger adults, while those who felt in good health and those who were more worried about their health showed greater concern. Patterns also varied by sex, place of residence, type of occupation, and familiarity with electronic medical records. Our findings point to practical steps for Myanmar’s digital health transition: communicate clearly about data practices, give people meaningful control, prevent misuse and improper access, and strengthen organizational and legal safeguards. These actions can build trust and support safe, more equitable health information systems in Myanmar and in similar settings. Introduction Background Personal health information (PHI) encompasses any health-related data collected or shared by entities within or outside health information systems. In the past, healthcare services primarily involved healthcare professionals and patients only, placing the responsibility for PHI privacy solely on medical personnel. However, the inevitable change of health information systems into electronic systems and information exchange has expanded the volume of collected health data, giving rise to growing privacy issues [ 1 ]. As electronic medical records (EMRs) often contain sensitive and detailed personal information, and with the increasing risk of data breaches, safeguarding PHI privacy and security has become a critical concern [ 2 ]. A systematic review identified privacy and security as the second most frequently mentioned barrier to digital health implementation, as cited by both healthcare professionals and patients [ 3 ]. Moreover, privacy concerns are strong predictors of patient acceptance when new digital health technologies are introduced [ 4 ]. Privacy concerns are shaped by cultural values, trust in the institutions, and confidence in data handlers [ 5 ]. Socio-political beliefs and contextual norms influence individuals’ risk-benefit perceptions regarding data exchange. Notably, trust in political institutions shapes views of surveillance technology: those with higher trust may see such systems as protective, while others may view them as threats to privacy [ 6 ]. In developing countries, privacy concerns are growing as PHI is increasingly shared among various stakeholders [ 7 ]. Among ASEAN (Association of Southeast Asian Nations) member states, only Cambodia and Myanmar have yet to implement laws specifically protecting medical and health data [ 8 ]. Regarding the current situation in Myanmar, the digital health index is lower than the regional average due to several constraints [ 9 ], such as inadequacy of electricity supply, poor internet connectivity, and heightened data sensitivity in a setting where security considerations overwhelm everything [ 10 ]. In the private sector, however, there have been success stories regarding EMR implementation [ 11 ] and telemedicine services during the COVID-19 pandemic [ 12 ]. Since the military coup in February 2021, healthcare operations have been disrupted, and surveillance practices have intensified. Reports have emerged of breaches involving individuals’ PHI [ 13 ]. Although Myanmar’s digital health system is still in its infancy, addressing public concerns about PHI privacy is essential. Proactively mitigating these concerns will be critical for the successful adoption of health information systems once national stability is restored. Domains of PHI privacy concerns Over the past two decades, a widely used measurement scale for information privacy concerns has been developed and applied in both developed and developing countries. Originally designed for organizational practices and digital environments such as internet use, social networking, and mobile applications [ 14 – 18 ], the scale focused on four primary domains: Collection, Errors, Unauthorized Secondary Use, and Improper Access, modeled as correlated first-order factors [ 19 , 20 ]. This framework was later revised into a second-order construct to improve its conceptual structure [ 21 ]. Subsequently, the scale was adapted for healthcare settings, where terms such as “companies” were replaced with “healthcare providers,” “healthcare entities,” or “medical facilities” in studies on health information exchange and EMR adoption [ 22 – 24 ]. The scale was further expanded to include two additional domains: Control and Awareness, bringing the total to six domains [ 25 , 26 ]. These six domains comprehensively capture essential concerns about PHI privacy in healthcare environments [ 19 , 20 , 24 ]. Concerns about Collection are those related to the amount of PHI collected by healthcare facilities relative to the benefits provided. Concerns about Errors refer to those regarding potential mistakes in handling PHI, including accidental and intentional errors. Unauthorized secondary use involves the use of PHI for purposes other than those originally authorized by the individual. Improper access refers to unauthorized individuals gaining access to PHI. Control addresses whether individuals have control over their own PHI within healthcare facilities. Awareness measures individuals’ knowledge of healthcare facilities’ privacy practices regarding their PHI. Previous research on PHI privacy concerns Studies evaluating PHI privacy concerns (PHIPC) using 7-point Likert scales across diverse settings have revealed varying outcomes influenced by country-specific contexts. For instance, an early study conducted in the United States reported relatively high concern levels in three of four key domains: Unauthorized secondary use (6.01), Improper access (5.95), Collection (5.22), and Errors (4.73) [ 27 ]. A study in New Zealand found moderate concern levels across the domains: Collection (3.79), Errors (4.13), Unauthorized secondary use (4.40), and Improper access (4.49) [ 28 ]. In South Africa, participants reported high concern levels in Collection (6.10), Control (6.00), and Awareness (6.40) [ 25 ]. In contrast, a study from Ghana showed high concerns in Errors (6.28), Unauthorized secondary use (6.01), and Improper access (6.37), but low concerns about Collection (3.36) [ 29 ]. Studies in Asia indicated moderate to low levels of concern. In Taiwan, the scores were Collection (3.54), Errors (4.09), Unauthorized secondary use (4.60), and Improper access (4.39) [ 24 ]. In Hong Kong, concerns across all six domains were moderate: Collection (4.27), Errors (4.33), Unauthorized secondary use (4.28), Improper access (4.61), Control (4.12), and Awareness (4.87) [ 26 ]. Several studies have investigated the antecedents of PHIPC, generally group them into five main categories: socio-demographic factors (such as demographic characteristics, personality traits, and personal knowledge and experience), social-relational factors, organizational and task environmental factors, macro-environmental factors, and information contingencies like the type and sensitivity of information [ 22 – 31 ]. In this study, we focused on eight socio-demographic predictors: age, sex, education, occupation, residence, EMR awareness, perceived health status, and health concerns. Prior research has demonstrated inconsistent findings regarding the influence of these factors on PHIPC [ 7 , 20 , 23 , 25 , 28 , 29 , 31 ]. Regarding age, studies in New Zealand, South Africa, Ireland, and the United States found that older individuals expressed greater privacy concerns. However, research from Ghana reported higher concerns among younger individuals, while a Taiwanese study observed no age-related differences. In terms of sex, findings also varied: studies in South Africa and Taiwan found no significant sex differences, whereas studies in the United States and Ghana indicated that males exhibited higher levels of concern. Education levels showed mixed results as well: higher privacy concerns were associated with lower education levels in South Africa, but the opposite was observed in Taiwan. In Ghana, no significant differences were found based on education. Regarding occupation, a Taiwan study found no occupational differences in privacy concerns, but individuals with EMR awareness demonstrated heightened concerns. Health status and health concerns also revealed diverse outcomes. Studies in Ireland reported no association between perceived health status and privacy concerns, whereas a U.S. study linked perceived poor health status to moderate concerns. In Ghana, individuals with higher health concerns showed greater privacy concerns. These findings underscore the variability of PHIPC across different populations and settings, reflecting cultural, social, and systemic differences. In Myanmar, where public awareness of data privacy regulations is still emerging, concepts such as control, consent, and secondary use of health data may not be as widely recognized or emphasized as in other countries where the PHIPC framework has been tested. This highlights the importance of adapting and validating the PHIPC framework in the Myanmar context. Myanmar is classified as a Least Developed Country (LDC), a status based on three primary criteria: per capita income, economic vulnerability, and human assets, which encompass indicators such as nutrition, health, education, and literacy. The United Nations postponed Myanmar’s graduation from LDC status to 2027, citing setbacks from the 2021 military takeover [ 32 ]. To date, the country lacks a comprehensive data protection law, relying on limited provisions in existing legislation. For example, the 2008 Constitution, specifically Section 3 of the Law for Protection of Privacy, includes vague guarantees of personal privacy, while the Electronic Transactions Law (2004, amended in 2014 and 2021) focuses on electronic transactions and includes some privacy-related provisions. However, these protections are undermined by broad governmental authority that permits intervention under vague justifications such as “stability,” “tranquility,” and “national security [ 33 ]. Myanmar’s healthcare system faces profound challenges in service delivery and accessibility, which have worsened due to the combined impact of the COVID-19 pandemic and ongoing political instability since the February 2021 coup. These events have reduced service capacity and further eroded public trust, prompting a growing number of individuals to turn to alternative or private healthcare services. Additionally, the ongoing armed conflict has introduced severe logistical and operational barriers for healthcare delivery and health data collection, further complicating efforts to safeguard PHI and implement digital health initiatives [ 34 ]. Objectives Given the substantial differences in PHIPC observed between developed and developing countries, this study aimed to investigate PHIPC in the unique context of Myanmar, an LDC experiencing ongoing political instability. These conditions may exacerbate vulnerabilities related to health information privacy. The primary objectives of this study were to assess the level of PHIPC in Myanmar and to identify key factors associated with these concerns. Methods Study design We conducted a cross-sectional online survey to assess PHIPC among Myanmar citizens. The study was designed to evaluate the extent of privacy concerns and identify associated factors across six domains of PHI privacy. Setting Data collection occurred between March and May 2024. The online survey link was distributed primarily via Facebook and Messenger, which are the most widely used social media platforms in Myanmar [ 35 ], and through two private outpatient clinics located in Kyaukpadaung and Pakokku townships. These clinics were selected to supplement online recruitment and reach individuals who may not be actively using social media, ensuring the inclusion of individuals with varying levels of digital literacy who may not actively use social media. The study took place during a period of ongoing political instability in Myanmar following the February 2021 military coup. However, no major political incidents that could affect data collection were reported during the study period. Participants Eligible participants were Myanmar citizens aged 18 years or older who provided informed consent to participate. A convenience sampling approach was used, combining online and clinic-based recruitment. Given the recruitment strategy and platform reliance, the sample may not be fully representative of Myanmar’s general population. Study size The sample size was calculated using the formula for estimating infinite population proportions [ 36 ], assuming 50% of Myanmar citizens had high PHIPC, with a 95% confidence level: where: This yielded a required minimum sample size of 385 participants. A total of 424 complete responses were ultimately collected and analyzed. The finite population correction was not applied. Assessments The primary outcome was PHIPC, measured using a validated scale covering six domains: Collection, Errors, Unauthorized Secondary Use, Improper Access, Control, and Awareness. Each domain contained 2-3 items rated on a 7-point Likert scale (1 = strongly disagree to 7 = strongly agree), with higher scores indicating greater privacy concerns. At the beginning of the questionnaire, a brief explanation of PHI, based on the Health Insurance Portability and Accountability Act (HIPAA), was provided to ensure respondents understood the concept of PHI. Independent variables included age, sex, residence (urban or rural), education, occupation, EMR awareness, perceived health status, and health concerns. Perceived health status was self-assessed by participants using a 7-point Likert scale ranging from “poor” to “well,” reflecting their overall subjective evaluation of health. Health concerns were similarly self-rated on a 7-point Likert scale from “not concerned” to “very concerned,” indicating the extent to which individuals were concerned about their current health status. Data sources All variables were self-reported through the online survey. The PHIPC scale was adapted from a previously validated instrument [ 26 ], which has been tested to be relevant in the health information setting by previous studies [ 37 , 38 ]. Translation process The translation and cultural adaptation of the questionnaire followed established international guidelines [ 39 – 41 ]. A multi-step forward-backward translation process was conducted to ensure linguistic accuracy, conceptual equivalence, and cultural relevance of the PHIPC scale. In the forward translation phase, two independent bilingual translators, fluent in English and Burmese and familiar with Myanmar’s healthcare context, translated the original English version into Burmese. Their translations were compared and synthesized into a single preliminary version by a reviewer. For the back translation phase, two additional bilingual translators with healthcare experience translated the synthesized Burmese version back into English. These two translators had never seen the original English version before or during the translation process, nor did they know who the forward translators were. Another reviewer compared and reconciled those backward-translated versions into only one. This back-translated version was compared to the original to identify any semantic discrepancies, cultural mismatches, or conceptual inconsistencies. Any discrepancies were resolved collaboratively by the previous two reviewers, who both are bilingual and have experience with Myanmar’s healthcare setting. This preliminary Burmese version was pilot-tested with a convenience sample of 32 participants recruited via Messenger. Participants were asked to provide feedback on comprehension and ease of understanding. Based on their input, minor wording adjustments were made to improve while retaining the intended meaning of each item. Data analysis Responses from Google Forms were exported and analyzed using RStudio (version 2024,12.0+467). To validate the conceptual model of PHI privacy in the developed questionnaire, confirmatory factor analysis (CFA) with a second-order construct was conducted to evaluate factor loadings and model fit indices. Goodness-of-fit was assessed based on Hair et al.’s guideline, suggesting acceptable fit when Comparative Fit Index (CFI) > 0.92 with Standardized Root Mean Square Residual (SRMR) ≤ 0.08 [ 42 ]. The reliability of the questionnaire was assessed using Cronbach α to determine internal consistency for each domain and the overall PHIPC. Demographic information was summarized descriptively. Perceived health status and health concerns, measured in a 7-point Likert scale, were classified into two groups: high level (>4) and low level (≤4). PHIPC scores were calculated as average scores of all domains and categorized into two groups: high concerns (>4) and low concerns (≤4). This dichotomization approach was selected to facilitate the practical interpretation of predictors relevant to health policy decisions and to account for the bounded distribution of Likert-based scores. Preliminary analyses using continuous PHIPC scores yielded similar results, supporting the robustness of the dichotomous approach. Additionally, comparative model diagnostics further justified dichotomization, with the logistic regression model demonstrating substantially better model fit (AIC = 391.26; BIC = 452.01) compared to linear regression using continuous PHIPC scores (AIC = 1378.02; BIC = 1442.81). The association between antecedent factors and the PHIPC (overall and domain-specific) was analyzed using logistic regression. Crude odds ratios (ORs), adjusted odds ratios (aORs), and corresponding 95% confidence intervals were calculated. To further explore whether these associations varied across key subgroups, we conducted stratified analyses by residence (urban vs. rural) and education level (bachelor’s degree or higher vs. below bachelor). These subgroup analyses were informed by notable sample imbalances: our study population had a disproportionately higher proportion of urban and highly educated participants compared to the general population of Myanmar. By performing stratified logistic regressions, we aimed to assess whether patterns of privacy concerns differed within more representative subpopulations. There was no missing data because all fields were set as required to be filled in the Google Form. Ethical considerations Ethical approval was granted by the Ethics Committee of the Faculty of Tropical Medicine, Mahidol University (MUTM 2024-007-01). Participants were informed of detailed study information in the introduction of the online survey and were required to provide electronic consent before proceeding to the questionnaire. To ensure anonymity, no personally identifiable information, including names, email addresses, or IP addresses, was collected. The data platform was secured and accessible only to authorized investigators. These procedures also helped safeguard participants during ongoing political instability in Myanmar by ensuring that no sensitive or identifying information was collected. No compensation was provided to participants. Results Characteristics of study participants As shown in Table 1 , out of 424 usable responses, 59.2% (251/424) of the respondents were female, and 75.47% (320/424) resided in urban areas. The largest age group was 25-31 years (44.58%, 189/424). Regarding education, 61.08% (259/424) held a bachelor’s degree or higher. In terms of occupation, 56.37% (239/424) were employed in non-healthcare sectors, 27.59% (117/424) in healthcare-related roles, and 16.04% (68/424) were unemployed. On a 7-point scale measuring perceived health status, 90.33% (383/424) rated their health as “well” (scores >4). Similarly, for health concerns (1 = not concerned, 7 = very concerned), 57.31% (243/424) were classified as having high health concerns (scores >4). Regarding EMR awareness, 44.34% (188/424) reported understanding EMRs, 33.96% (144/424) had heard of EMRs but did not fully understand them, and 21.7% (92/424) had never heard of EMRs. View this table: View inline View popup Table 1. Profile of study participants (n=424). Conceptual model validation of PHIPC The six-domain structure of PHIPC was validated using CFA with a second-order factor model. As shown in Fig 1 , the first-order model demonstrated good fit across all six domains: Collection, Errors, Unauthorized Secondary Use, Improper Access, Control, and Awareness. Most items yielded standardized factor loadings above the recommended threshold of 0.70, except for Col1 (0.56) and Err3 (0.68), which showed slightly lower loadings within acceptable limits [ 42 ]. Download figure Open in new tab Fig 1. PHIPC model. In the second-order model, each domain demonstrated strong loadings onto the higher-order PHIPC construct, ranging from 0.71 to 0.98, except for Collection (0.44). The overall model fit indices indicated good model fit, with CFI of 0.93 and SRMR of 0.06, meeting recommended cutoffs for acceptable fit. The reliability of the overall PHIPC scale was high, as indicated by a Cronbach α of 0.93. The reliability indices for the individual domains were also satisfactory: Collection (0.75), Errors (0.80), Unauthorized secondary use (0.88), Improper access (0.86), Control (0.79), and Awareness (0.80). Note: Col: Collection; Err: Errors; Sec: Unauthorized secondary use; Acc: Improper access; Con: Control; Awa: Awareness Levels of PHIPC As presented in Table 2 , the overall mean (SD) score of PHIPC across all domains was 4.64 (1.25). Most domains had average scores ranging between 4.5 and 5.0, indicating moderate concern levels. The Collection domain was an exception, with a lower mean score of 3.41 (1.44). A cut-off score of ≤4 was used to define “low concerns,” and “>4 to indicate “high concerns.” Based on this classification, 77.83% (33/424) of participants exhibited high overall PHIPC. View this table: View inline View popup Download powerpoint Table 2. Levels of PHIPC (n=424). When analyzed by domain, over 70% of participants expressed high concerns regarding Unauthorized Secondary Use, Improper Access, Control, and Awareness. Concern levels were slightly lower for the Errors domain, with 64.62% (274/424) reporting high concerns. Notably, only 24.53% (104/424) reported high concerns in the Collection domain. Fig 2 displays the distribution of PHIPC scores for each domain using histograms. Table 3 provides the mean scores for each item within the six PHIPC domains. Download figure Open in new tab Fig 2. Distribution of PHIPC. View this table: View inline View popup Table 3. Mean scores of each item in the six domains of PHIPC. Factors associated with PHIPC Tables 4 and 5 present the associations between antecedent factors and high PHIPC scores overall, as well as stratified by residence and education level. Variance inflation factor (VIF) testing indicated no multicollinearity between predictor variables (VIF < 3). Overall, compared to individuals aged 18-24 years, those aged 45 years and older had lower adjusted odds of reporting high PHIPC (aOR 0.29, 95% CI 0.09-0.88). Perceived health status and health concerns showed robust associations with PHIPC. Individuals perceiving their health status as “well” had significantly higher adjusted odds of reporting high PHIPC (aOR 3.72, 95% CI 1.69-8.23). Likewise, those with higher health concerns had greater odds of high PHIPC (aOR 5.26, 95% CI 3.02-9.45). View this table: View inline View popup Table 4. Proportions of participants with high PHIPC scores (>4). Subgroup analyses indicated variation in factors associated with high PIPC scores by residence and education levels ( Table 5 ). Among urban residents, lower odds of high PIHPC were observed in individuals aged 25-31 years (aOR 0.24, 95% CI 0.06-0.82) and 32-38 years (aOR 0.16, 95% CI 0.04-0.60) compared to those aged 18-24 years. In rural settings, having an education below a bachelor’s degree significantly increased odds of high PHIPC (aOR 27.00, 95% CI 2.51-659.00). Males with below bachelor’s degree education also demonstrated significantly higher odds of reporting high PHIPC (aOR 3.88, 95% CI 1.13-15.90). In the group of participants with lower than bachelor’s degree, those who had heard of EMRs but did not understand them had higher odds of PHIPC compared to those who had never heard of EMRs (aOR 4.53, 95% CI 1.03-19.70). View this table: View inline View popup Table 5. Adjusted odds ratio (aORs) and 95% CIs for high PHIPC scores among all participants and subgroups stratified by residence and education. Consistent findings persisted regarding health status (for all subgroups except urban and bachelor’s degree or higher) and health concerns (for all subgroups), reinforcing their importance as robust predictors of PHIPC. Additional analyses by individual PHIPC domains (Supplementary Tables S2-S7) revealed domain-specific variations in associations. For the Collection domain, participants who reported health concerns had significantly lower odds of expressing high privacy concerns (aOR 0.46, 95% CI 0.28-0.74). Regarding the Errors domain, urban residents exhibited significantly higher odds of concern (aOR 2.30, 95% CI 1.28-4.17), whereas those with partial EMR awareness (having heard but not understood) showed lower odds of concern (aOR 0.40, 95% CI 0.20-0.76). In the Unauthorized Secondary Use domain, significant associations were identified for males (aOR 1.93, 95% CI 1.12-3.39), participants older than 45 years (aOR 0.26, 95% CI 0.09-0.74), those with good perceived health status (aOR 2.94, 95% CI 1.36-6.38), and individuals with high health concerns (aOR 4.71, 95% CI 2.80-8.13). For the Improper Access domain, significant predictors included being older than 45 years (aOR 0.35, 95% CI 0.12-0.98), good perceived health status (aOR 2.44, 95% CI 1.11-5.29), and high health concerns (aOR 4.80, 95% CI 2.80-8.46). Within the Control domain, participants reporting good health status (aOR 2.86, 95% CI 1.29-6.36) and high health concerns (aOR 6.15, 95% CI 3.61-10.80) had significantly greater odds of expressing concerns. Lastly, the Awareness domain showed significant associations with employment status and health-related variables: unemployed individuals (aOR 4.41, 95% CI 1.54-13.70), non-healthcare workers (aOR 2.03, 95% CI 1.03-4.09), those with good health status (aOR 4.04, 95% CI 1.82-9.06), and those reporting high health concerns (aOR 6.87, 95% CI 3.93-12.50) demonstrated significantly higher odds of expressing privacy concerns. Discussion We gathered data from individuals recruited online and from two private clinics in Myanmar, obtaining 424 valid responses. The participant demographic was relatively specific: approximately two-thirds (32/424) resided in urban areas, around 60% (259/424) held a bachelor’s or higher degree, and about one-fourth of the participants (117/424) worked in the healthcare sector. Despite the limited implementation of EMR systems in Myanmar, only about 20% of participants (92/424) reported being unfamiliar with EMRs, possible because the survey was distributed to healthcare personnel and patients visiting outpatient clinics. The level of PHIPC in Myanmar was found to be moderate, with average scores ranging from 4 to 5 on a 7-point Likert scale across most domains, except Collection, which scored below 4. This suggests that while individuals in Myanmar were less concerned about the collection of PHI, they placed greater emphasis on its management, particularly regarding errors, misuse, and access controls. These findings align with studies conducted in New Zealand, Taiwan, and Hong Kong, but contrast with higher levels of concern reported in the United States, South Africa, and Ghana [ 24 , 26 – 29 ]. Some studies indicated that national contexts, such as socio-political systems, cultural beliefs, and the availability of data privacy laws, shape PHIPC [ 5 – 7 ], resulting in variations across countries. For example, a study during the COVID-19 pandemic found a much higher general willingness to share data in China compared to the United States and Germany [ 5 ]. Yet, our study reveals that the levels of PHIPC among Myanmar’s population, even in its current LDC status and under instability, were not significantly different from those in countries with contrasting national contexts. Recent publicized data breaches and surveillance developments in Myanmar likely heightened public awareness of certain privacy risks. By 2024, the military’s expanded surveillance infrastructure under the pretense of e-government development included building a national e-ID system with extensive and detailed biometric data [ 43 ]. This political context likely contributed to increased concerns in domains such as Unauthorized Secondary Use and Improper Access, even if Collection concerns remained lower. Many studies highlight that high PHIPC can significantly hinder the development and adoption of digital health systems [ 44 – 48 ]. Conversely, individuals with lower levels of privacy concerns may consent to use technologies without fully understanding their privacy rights. This could result in a lower demand for comprehensive privacy protection measures, leaving them vulnerable to potential misuse of their data [ 49 , 50 ]. Research has generally found a strong link between PHIPC and trust in health information technologies, emphasizing the need to integrate core privacy principles and employ trusted design features [ 47 , 48 , 51 ]. However, there is no universally optimal level of PHIPC to ensure the successful implementation of digital health systems. It remains uncertain whether the moderate PHIPC levels observed in Myanmar will act as a barrier or a facilitator for developing future digital health systems in the country. In this study, perceived health status and health concerns were significantly associated with PHIPC in several domains: individuals with greater health concerns or those who perceived themselves as healthier tended to exhibit higher levels of PHIPC. These findings are consistent with some previous studies [ 29 , 52 , 53 ]. However, other studies found no significant differences in privacy concerns based on general health condition or perceived health status [ 48 , 54 , 55 ]. Sociodemographic variables exhibited domain-specific association: older individuals showed lower concerns in Unauthorized Secondary Use and Improper Access, males expressed higher Unauthorized Secondary Use concerns, urban residents had higher Errors concerns, and non-healthcare and unemployed individuals had higher Awareness concerns. EMR awareness influenced the Errors domain uniquely, with partially aware individuals reporting lower concerns. This finding contradicts a previous study that suggested familiarity with EMRs increased privacy concerns [ 23 ]. This could be attributed to the fact that some participants in this study, being healthcare providers, were somewhat familiar with the technology, which may have fostered trust in the system and its data quality. A previous survey conducted in Myanmar found that healthcare staff in non-governmental clinics viewed EMRs as useful and intended to adopt them [ 11 ]. Additionally, another study highlighted that patients are more likely to share information when they trust the accuracy and confidentiality of their electronic records. In contrast, privacy concerns can lead to withholding information or delaying treatment [ 56 ]. This emphasizes the importance of building trust in EMR systems through strong controls and ensuring data integrity.[ 52 ][ 20 ][ 57 ] Subgroup analyses highlighted notable demographic variations. Younger urban individuals had lower privacy concerns compared to their rural counterparts, and rural residents with education below a bachelor’s degree exhibited particularly elevated concerns. These results emphasize the vulnerability of certain demographic groups linked to limited digital literacy and highlight the importance of targeted interventions to address privacy concerns. Previous literature also shows varying results depending on the setting and different healthcare technologies. A systematic review of 33 studies on patients’ perspectives regarding the confidentiality, privacy, and security of collected data revealed both conflicting and aligned views, influenced by factors like age, income, marital status, and experience with health technologies [ 58 ]. Some studies found no significant differences in PHIPC based on sex, age, and education level [ 25 , 31 , 54 , 55 , 59 ] while others found associations with age and education [ 7 , 23 , 29 , 57 ]. These findings carry several implications for the development of health information systems in Myanmar, both in the public and private sectors. Although a National Health Information System had been planned for 2017-2021 [ 60 ], its progress has effectively halted due to the political instability following the 2021 military coup. As such, our findings are most immediately applicable to the design and governance of health data systems in the private sector, where digital health initiatives continue to expand despite national-level stagnation. However, these insights may significantly inform future efforts to revitalize the National Health Information System once political conditions stabilize. In particular, the relatively low level of concern reported in the Collection domain highlights the need to raise public awareness of privacy risks related to data capture, whether led by government or private entities. This was the first study conducted in Myanmar to address information privacy in the healthcare sector. As a partially online survey conducted during a period of national instability, the study has several limitations. First, the participant sample was not fully representative of Myanmar’s population as a result of convenience sampling. While over 70% of Myanmar’s citizens reside in rural areas and only 7.3% have completed a bachelor’s degree [ 61 ], this study included 25% rural residents and 61% participants with bachelor’s degrees. However, in line with literature recommendations to establish baseline insights for the design, development, and implementation of systems in developing countries [ 62 – 64 ], the study targeted internet users while also collecting data from healthcare providers, patients, and their relatives in clinical settings. Despite its underrepresentation, the study encompassed a broader sociodemographic spectrum of stakeholders critical to future system development. Although the sample size was not specifically calculated for subgroup analysis, we conducted it to explore potential differences, given that the distribution of study participants differed notably from that of the target population. While we acknowledge the limitations in statistical power, the exploratory subgroup analysis adds valuable context and may help generate hypotheses for future research. Second, the concept of privacy in Myanmar does not readily translate into the local language or cultural framework [ 65 ]. With low digital literacy levels, limited privacy awareness in public and governmental sectors, and a lack of effective data protection laws [ 65 , 66 ], ensuring respondents understood privacy protections posed challenges. To address this, key terms were explained at the start of the questionnaire. Third, the survey gathered a limited range of potential influencing factors. A significant finding, perceived health status, was self-reported and may not accurately reflect reality. Future research exploring the relationship between actual health status and perceptions of PHIPC is recommended. Moreover, due to the voluntary nature of participation and the online survey format, response bias cannot be entirely ruled out. Individuals who are more interested in privacy topics or who are more digitally literate may have been more likely to participate. Lastly, the moderate PHIPC level observed may fluctuate given the study’s timing during political instability. Myanmar has faced ongoing cybersecurity issues, including regular hacking of government websites and cases of identity theft and privacy breaches during the COVID-19 pandemic [ 65 , 66 ]. Thus, the PHIPC levels reported may only represent the conditions at the time and could change under different circumstances. Due to the nature of the questionnaire, we did not collect data on prior privacy violations or previous healthcare experiences, which may influence individual privacy concerns. As such, unmeasured confounding cannot be entirely ruled out. We recommend future studies to employ representative sampling and to study the association of PHIPC with the success/failure of implementation of digital health information systems in LDCs, including Myanmar. Conclusions This study explored PHIPC in Myanmar, an LDC with limited public awareness of data privacy and the absence of comprehensive data protection laws. Drawing from a diverse sample, our findings revealed moderate levels of privacy concerns, particularly in domains related to data management, namely Errors, Unauthorized Secondary Use, Improper Access, Control, and Awareness, while concerns regarding data collection were comparatively lower. The most influential factors associated with high PHIPC were perceived health status and health concerns. Individuals who rated their health as good or expressed greater concern for their health were significantly more likely to report high levels of privacy concern. Although overall PHIPC was not significantly influenced by demographic factors such as age, sex, education level, residence, or EMR awareness, subgroup and domain-specific analyses indicated that these variables may play a role in shaping concerns within specific domains of PHIPC. While the moderate concern levels observed may not present a direct barrier to the rollout of digital health initiatives in Myanmar, the findings underscore the importance of building public trust and establishing robust privacy safeguards. To ensure the successful adoption and long-term sustainability of digital health systems, policymakers and developers must prioritize clear privacy policies, transparent communication, and secure data management practices. These considerations are not only critical for Myanmar but also offer valuable insights for other nations navigating similar digital health transformations under constrained political or infrastructural conditions. Data Availability All data analyzed during this study are available in supporting files. Author contributions KZZH contributed to conceptualization, data curation, formal analysis, investigation, methodology, and writing. JK contributed to conceptualization, formal analysis, methodology, supervision, and writing. SL and NS contributed to conceptualization, methodology, and supervision. PT contributed to supervision. Review and editing were done by KZZH and JK. All authors approved the final version of the manuscript and agreed on the decision to submit it for publication. Conflicts of interest The authors declare no competing interests. Data sharing All data analyzed during this study are available in supporting files. Supporting information S1 data. Survey responses and variable coding. S2 supplementary tables. Additional regression results. S3 questionnaire English. Survey questionnaires in English. S4 questionnaire Myanmar. Survey questionnaires in Myanmar. Acknowledgements The authors extend their gratitude to the Faculty of Tropical Medicine, Mahidol University, for funding and supporting this research project. Portions of the manuscript preparation involved the use of generative AI (ChatGPT by OpenAI, Grammarly, and Elicit) to assist with language editing, phrasing refinement, literature search, and providing coding assistance during R script development for data analysis. All AI-generated content was carefully reviewed, edited, and validated by the authors to ensure scientific accuracy, integrity, and compliance with ethical standards. No AI tools were used for the conceptualization, translation, data collection, or generation of study results. Abbreviations aOR adjusted odds ratio CFA confirmatory factor analysis CFI comparative fit index EMR electronic medical records LDC least developed country OR odds ratio PHI personal health information PHIPC personal health information privacy concerns SRMR standardized root mean square residual VIF variance inflation factor References 1. ↵ Gastin LO . Health Information Privacy . Cornell Law Rev 1995 . p. 451 . Available from: http://scholarship.law.cornell.edu/clr/vol80/iss3/1 [accessed Dec 20, 2024 ] 2. ↵ Rockwern B , Johnson D , Snyder Sulmasy L . Health Information Privacy, Protection, and Use in the Expanding Digital Health Ecosystem: A Position Paper of the American College of Physicians . Ann Intern Med American College of Physicians ; 2021 Jul 1 ; 174 ( 7 ): 994 – 998 . doi: 10.7326/M20-7639 OpenUrl CrossRef 3. ↵ McGinn CA , Grenier S , Duplantie J , Shaw N , Sicotte C , Mathieu L , Leduc Y , Légaré F , Gagnon M-P . Comparison of user groups’ perspectives of barriers and facilitators to implementing electronic health records: a systematic review . BMC Med 2011 Dec 28 ; 9 ( 1 ): 46 . doi: 10.1186/1741-7015-9-46 OpenUrl CrossRef PubMed 4. ↵ Dhagarra D , Goswami M , Kumar G . Impact of Trust and Privacy Concerns on Technology Acceptance in Healthcare: An Indian Perspective . Int J Med Inform Elsevier Ireland Ltd ; 2020 Sep 1 ; 141 : 104164 . doi: 10.1016/j.ijmedinf.2020.104164 OpenUrl CrossRef 5. ↵ Habich-Sobiegalla S , Kostka G . Sharing is caring: willingness to share personal data through contact tracing apps in China , Germany, and the US. Inf Commun Soc Routledge ; 2023 Oct 26 ; 26 ( 14 ): 2797 – 2824 . doi: 10.1080/1369118X.2022.2113421 OpenUrl CrossRef 6. ↵ Pavone V , Esposti SD . Public assessment of new surveillance-oriented security technologies: Beyond the trade-off between privacy and security . Public Understanding of Science SAGE Publications Ltd ; 2012 Jul 26 ; 21 ( 5 ): 556 – 572 . doi: 10.1177/0963662510376886 OpenUrl CrossRef PubMed 7. ↵ Adu EK , Mills A , Todorova N . Factors influencing individuals’ personal health information privacy concerns . A study in Ghana. Inf Technol Dev Routledge ; 2021 Apr 3 ; 27 ( 2 ): 208 – 234 . doi: 10.1080/02681102.2020.1806018 OpenUrl CrossRef 8. ↵ ASEAN-Japan Centre . A ssessing Digital Health Adoption in ASEAN. 2024 . Available from: https://www.asean.or.jp/main-site/wp-content/uploads/2024/07/Assessing-Digital-Health-Adoption-in-ASEAN.pdf [accessed Dec 20, 2024 ] 9. ↵ World Health Organization . A rapid self-assessment of digital health implementation in the WHO South-East Asia Region - Assessment summary for Myanmar . Available from: https://cdn.who.int/media/docs/default-source/health-information-system/dh-profiles/myanmar_dipsticksurvey_countryprofile.pdf [accessed Dec 20, 2024 ] 10. ↵ World Health Organization . Regional Office for the Western Pacific . The Republic of the Union of Myanmar health system review. Health Syst Transit WHO Regional Office for the Western Pacific ; 2014 . Available from: https://iris.who.int/handle/10665/208211 [accessed Dec 20, 2024 ]ISBN:9789290616665 11. ↵ Thit WM , Thu SWYM , Kaewkungwal J , Soonthornworasiri N , Theera-Ampornpunt N , Kijsanayotin B , Lawpoolsri S , Naing S , Pan-Ngum W . Uwser acceptance of electronic medical record system: Implementation at marie stopes international, Myanmar . Healthc Inform Res Korean Society of Medical Informatics ; 2020 ; 26 ( 3 ): 185 – 192 . doi: 10.4258/hir.2020.26.3.185 OpenUrl CrossRef 12. ↵ Leroux EJ , Ohn T , Lwin PM , Wagner A , Mahadevan SV . The first Myanmar-based telemedicine solution for the people of Myanmar: A pilot study at 3 diverse facilities. Ann Glob Health Ubiquity Press , Ltd .; 2016 Aug 20 ; 82 ( 3 ): 458 . doi: 10.1016/j.aogh.2016.04.259 OpenUrl CrossRef 13. ↵ Mi-Kun . Surveillance regime and threats to privacy: Digital authoritarianism in Myanmar . 2023 . Available from: https://engagemedia.org/2023/pandemic-control-myanmar/ [accessed Dec 20, 2024 ] 14. ↵ Castañeda JA , Montoso FJ , Luque T . The dimensionality of customer privacy concern on the internet . Online Information Review 2007 ; 31 ( 4 ): 420 – 439 . doi: 10.1108/14684520710780395 OpenUrl CrossRef 15. Dinev T , Hart P . Internet privacy concerns and their antecedents - measurement validity and a regression model . Behaviour & Information Technology 2004 Nov ; 23 ( 6 ): 413 – 422 . doi: 10.1080/01449290410001715723 OpenUrl CrossRef 16. Koohang A . Social media sites privacy concerns: Empirical validation of an instrument . Online Journal of Applied Knowledge Management 2017 May 4 ; 5 ( 1 ): 14 – 26 . doi: 10.36965/OJAKM.2017.5(1)14-26 OpenUrl CrossRef 17. Xu H , Gupta S , Rosson MB , Carroll JM . Measuring Mobile Users’ Concerns for Information Privacy . ICIS 2012 Proceedings 2012 . p. 10 . Available from: https://aisel.aisnet.org/icis2012/proceedings/ISSecurity/10 [accessed Dec 20, 2024 ] 18. ↵ Bartol J , Vehovar V , Petrovčič A . Should we be concerned about how information privacy concerns are measured in online contexts? A systematic review of survey scale development studies . Informatics MDPI AG ; 2021 Jun 1 ; 8 ( 2 ). doi: 10.3390/informatics8020031 OpenUrl CrossRef 19. ↵ Smith HJ , Milberg SJ , Burke SJ . Information Privacy: Measuring Individuals’ Concerns about Organizational Practices . MIS Quarterly 1996 Jun ; 20 ( 2 ): 167 . doi: 10.2307/249477 OpenUrl CrossRef Web of Science 20. ↵ Bansal G , Davenport R . Moderating Role of Perceived Health Status on Privacy Concern Factors and Intentions to Transact with High versus Low Trustworthy Health Websites . MWAIS 2010 Proceedings 7 2010 . Available from: http://aisel.aisnet.org/mwais2010/7 [accessed Dec 20, 2024 ] 21. ↵ Stewart KA , Segars AH . An empirical examination of the concern for information privacy instrument . Information Systems Research INFORMS Inst.for Operations Res.and the Management Sciences ; 2002 ; 13 ( 1 ): 36 – 49 . doi: 10.1287/isre.13.1.36.97 OpenUrl CrossRef Web of Science 22. ↵ Angst CM , Agarwal R . Adoption of electronic health records in the presence of privacy concerns: The elaboration likelihood modeland individual persuasion . MIS Q Management Information Systems Research Center ; 2009 ; 33 ( 2 ): 339 – 370 . doi: 10.2307/20650295 OpenUrl CrossRef 23. ↵ Hwang H-G , Han H-E , Kuo K-M , Liu C-F . The Differing Privacy Concerns Regarding Exchanging Electronic Medical Records of Internet Users in Taiwan . J Med Syst 2012 Dec 20 ; 36 ( 6 ): 3783 – 3793 . doi: 10.1007/s10916-012-9851-1 OpenUrl CrossRef PubMed 24. ↵ Malhotra NK , Kim SS , Agarwal J . Internet users’ information privacy concerns (IUIPC): The construct, the scale, and a causal model . Information Systems Research. INFORMS Inst.for Operations Res.and the Management Sciences ; 2004 . p. 336 – 355 . doi: 10.1287/isre.1040.0032 OpenUrl CrossRef Web of Science 25. ↵ Zukowski T , Brown I . Examining the influence of demographic factors on internet users’ information privacy concerns . Proceedings of the 2007 annual research conference of the South African institute of computer scientists and information technologists on IT research in developing countries New York , NY, USA: ACM ; 2007 . p. 197 – 204 . doi: 10.1145/1292491.1292514 OpenUrl CrossRef 26. ↵ Hong W , Thong JYL . Internet Privacy Concerns: An Integrated Conceptualization and Four Empirical Studies . MIS Quarterly 2013 Jan 1 ; 37 ( 1 ): 275 – 298 . doi: 10.25300/MISQ/2013/37.1.12 OpenUrl CrossRef 27. ↵ Bellman S , Johnson EJ , Kobrin SJ , Lohse GL . International differences in information privacy concerns: A global survey of consumers . Information Society 2004 Nov ; 20 ( 5 ): 313 – 324 . doi: 10.1080/01972240490507956 OpenUrl CrossRef 28. ↵ Rose EA . An examination of the concern for information privacy in the New Zealand regulatory context . Information and Management Elsevier ; 2006 ; 43 ( 3 ): 322 – 335 . doi: 10.1016/j.im.2005.08.002 OpenUrl CrossRef 29. ↵ Adu EK , Todorova N , Mills A . Do Individuals in Developing Countries Care about Personal Health Information Privacy? An Empirical Investigation . CONF-IRM 2019 Proceedings 2019 . p. 16 . Available from: https://aisel.aisnet.org/confirm2019/16 [accessed Dec 20, 2024 ] 30. Li Y . Empirical studies on online information privacy concerns: Literature review and an integrative framework . Communications of the Association for Information Systems. Association for Information Systems ; 2011 . p. 453 – 496 . doi: 10.17705/1cais.02828 OpenUrl CrossRef 31. ↵ Fox G , Connolly R . Drivers of Health Information Privacy Concern: A Comparison Study . AMCIS 2016 Proceedings 2016. p. 3. Available from: https://aisel.aisnet.org/amcis2016/Health/Presentations/3 [accessed Dec 20, 2024 ] 32. ↵ Committee for Development Policy . The 2024 triennial review of the list of least developed countries *. 2024 . Available from: www.un.org/development/desa/dpad/least-developed-country-category/ldc-data-retrieval.html . [accessed Dec 20, 2024 ] 33. ↵ Thean-Ngarm Y. Data Privacy Law in Myanmar . 2022 . Available from: https://www.tbam1997.com/media/1592/data-privacy-laws_myanmar.pdf [accessed Dec 20, 2024 ] 34. ↵ World Bank . Analysis of Access to Essential health Services in Myanmar 2021-2023 . 2024 . Available from: https://documents.worldbank.org/en/publication/documents-reports/documentdetail/099040524035028779/p18007318b279c0471b8691b0990b874f62 [accessed Dec 20, 2024 ] 35. ↵ Hamza A , Poudel A , Yonghong D , Ullah I , Dipak D , Ashok poudel, Bk LB. Evolving Social Media Landscape: Trends and Usage Patterns in Myanmar . Available from: https://www.researchgate.net/publication/383861320 36. ↵ Daniel WW. Biostatistics: A Foundation for Analysis in the Health Sciences . 1995 ; 37. ↵ Kenny G , Connolly R . Examining Citizens’ Health Information Privacy Concerns: An Extension of the IPC Instrument . AMCIS 2017 Proceedings 2017 . p. 1 . Available from: https://aisel.aisnet.org/amcis2017/Replication/Presentations/1 [accessed Dec 20, 2024 ] 38. ↵ Fox G , James TL . Toward an Understanding of the Antecedents to Health Information Privacy Concern: A Mixed Methods Study . Information Systems Frontiers Springer ; 2021 Dec 1 ; 23 ( 6 ): 1537 – 1562 . doi: 10.1007/s10796-020-10053-0 OpenUrl CrossRef 39. ↵ Wild D , Grove A , Martin M , Eremenco S , McElroy S , Verjee-Lorenz A , Erikson P . Principles of good practice for the translation and cultural adaptation process for patient-reported outcomes (PRO) measures: Report of the ISPOR Task Force for Translation and Cultural Adaptation . Value in Health Blackwell Publishing Inc .; 2005 ; 8 ( 2 ): 94 – 104 . PMID: 15804318 OpenUrl CrossRef PubMed Web of Science 40. Beaton DE , Bombardier C , Guillemin F , Ferraz MB . Guidelines for the Process of Cross-Cultural Adaptation of Self-Report Measures . Spine (Phila Pa 1976) 2000 Dec ; 25 ( 24 ): 3186 – 3191 . doi: 10.1097/00007632-200012150-00014 OpenUrl CrossRef PubMed Web of Science 41. ↵ Cruchinho P , López-Franco MD , Capelas ML , Almeida S , Bennett PM , da Silva MM , Teixeira G , Nunes E , Lucas P , Gaspar F. Translation , Cross-Cultural Adaptation, and Validation of Measurement Instruments: A Practical Guideline for Novice Researchers . J Multidiscip Healthc Dove Medical Press Ltd ; 2024 ; 17 : 2701 – 2728 . doi: 10.2147/JMDH.S419714 OpenUrl CrossRef 42. ↵ Hair JF. , Black WC. , Babin BJ. , Anderson RE . Multivariate data analysis . Pearson Education Limited ; 2014 . ISBN: 9781292021904 43. ↵ accessnow . Myanmar’s Digital Dictatorship . 2024 . Available from: https://www.accessnow.org/myanmar/ [accessed Jun 10, 2025 ] 44. ↵ Iott BE , Campos-Castillo C , Anthony DL . Trust and Privacy: How Patient Trust in Providers is Related to Privacy Behaviors and Attitudes . AMIA Annu Symp Proc 2019 ;2019: 487 – 493 . PMID: 32308842 OpenUrl PubMed 45. Kisekka V , Giboney JS . The effectiveness of health care information technologies: Evaluation of trust, security beliefs, and privacy as determinants of health care outcomes . J Med Internet Res JMIR Publications Inc .; 2018 Apr 1 ; 20 ( 4 ). PMID: 29643052 OpenUrl PubMed 46. Platt JE , Jacobson PD , Kardia SLR . Public Trust in Health Information Sharing: A Measure of System Trust . Health Serv Res Blackwell Publishing Inc .; 2018 Apr 18 ; 53 ( 2 ): 824 – 845 . doi: 10.1111/1475-6773.12654 OpenUrl CrossRef 47. ↵ McGraw D , Dempsey JX , Harris L , Goldman J . Privacy As An Enabler, Not An Impediment: Building Trust Into Health Information Exchange . Health Aff 2009 Mar ; 28 ( 2 ): 416 – 427 . doi: 10.1377/hlthaff.28.2.416 OpenUrl Abstract / FREE Full Text 48. ↵ Cherif E , Bezaz N , Mzoughi M . Do personal health concerns and trust in healthcare providers mitigate privacy concerns? Effects on patients’ intention to share personal health data on electronic health records . Soc Sci Med Elsevier Ltd ; 2021 Aug 1 ; 283 : 114146 . doi: 10.1016/j.socscimed.2021.114146 OpenUrl CrossRef PubMed 49. ↵ Holzer A , Bergram K , Bezençon V , Gjerlufsen T . DIGITAL NUDGES FOR PRIVACY AWARENESS: FROM CONSENT TO INFORMED CONSENT? ECIS 2020 2020 . Available from: https://www.researchgate.net/publication/346915885 [accessed Dec 20, 2024 ] 50. ↵ Milberg SJ , Smith HJ , Burke SJ . Information Privacy: Corporate Management and National Regulation . Organization Science 2000 Feb ; 11 ( 1 ): 35 – 57 . doi: 10.1287/orsc.11.1.35.12567 OpenUrl CrossRef Web of Science 51. ↵ Shen N , Sequeira L , Silver MP , Carter-Langford A , Strauss J , Wiljer D . Patient privacy perspectives on health information exchange in a mental health context: Qualitative study . JMIR Ment Health JMIR Publications Inc .; 2019 Nov 1 ; 6 ( 11 ). PMID: 31719029 OpenUrl PubMed 52. ↵ Esmaeilzadeh P , Maddah M . The effects of perceived health status on privacy concerns and opt-in intention toward Health Information Exchanges (HIEs) . AMCIS 2018 Proceedings 3 2018 . Available from: https://aisel.aisnet.org/amcis2018/Health/Presentations/3/ [accessed Dec 20, 2024 ] 53. ↵ Ermakova T , Fabian B , Kelkel S , Wolff T , Zarnekow R . Antecedents of health information privacy concerns . Procedia Comput Sci Elsevier B.V .; 2015 . p. 376 – 383 . doi: 10.1016/j.procs.2015.08.356 OpenUrl CrossRef 54. ↵ Agaku IT , Adisa AO , Ayo-Yusuf OA , Connolly GN . Concern about security and privacy, and perceived control over collection and use of health information are related to withholding of health information from healthcare providers . Journal of the American Medical Informatics Association 2014 ; 21 ( 2 ): 374 – 378 . PMID: 23975624 OpenUrl CrossRef PubMed 55. ↵ Shi J , Yuan R , Yan X , Wang M , Qiu J , Ji X , Yu G . Factors Influencing the Sharing of Personal Health Data Based on the Integrated Theory of Privacy Calculus and Theory of Planned Behaviors Framework: Results of a Cross-Sectional Study of Chinese Patients in the Yangtze River Delta . J Med Internet Res JMIR Publications Inc .; 2023 Jul 6 ; 25 : e46562 . doi: 10.2196/46562 OpenUrl CrossRef 56. ↵ Basil NN , Ambe S , Ekhator C , Fonkem E . Health Records Database and Inherent Security Concerns: A Review of the Literature . Cureus Springer Science and Business Media LLC ; 2022 Oct 11 ; doi: 10.7759/cureus.30168 OpenUrl CrossRef 57. ↵ Busch-Casler J , Radic M . Trust and Health Information Exchanges: Qualitative Analysis of the Intent to Share Personal Health Information . J Med Internet Res JMIR Publications Inc .; 2023 Aug 30 ; 25 : e41635 . doi: 10.2196/41635 OpenUrl CrossRef 58. ↵ Alhammad N , Alajlani M , Abd-Alrazaq A , Epiphaniou G , Arvanitis T . Patients’ Perspectives on the Data Confidentiality, Privacy, and Security of mHealth Apps: Systematic Review. J Med Internet Res . JMIR Publications Inc .; 2024 . PMID: 38820572 OpenUrl PubMed 59. ↵ Pitta DA , Katsanis LP . Consumer concerns for healthcare information privacy: A comparison of US and Canadian perspectives . Research in Healthcare Financial Management 2009 ; 12 ( 1 ): 93 – 111 . Available from: https://www.researchgate.net/publication/289205355 [accessed Dec 20, 2024 ] OpenUrl 60. ↵ Ministry of Health and Sports . Strategic Action Plan for Strengthening Health Information 2017-2021 . https://moh.gov.mm/page/5087 . 61. ↵ The 2014 Myanmar Population and Housing Census . https://themimu.info/sites/themimu.info/files/documents/Census_Atlas_Myanmar_the_2014_Myanmar_Population_and_Housing_Census.pdf.2014 . Available from: https://myanmar.unfpa.org/sites/default/files/pub-pdf/MyanmarCensusAtlas_lowres.pdf [accessed Dec 20, 2024 ] 62. ↵ Chang LYC , Coppel N . Building cyber security awareness in a developing country: Lessons from Myanmar . Comput Secur Elsevier Ltd ; 2020 Oct 1 ; 97 . doi: 10.1016/j.cose.2020.101959 OpenUrl CrossRef 63. Policy Engagement Network . Electronic Health Privacy and Security in Developing Countries and Humanitarian Operations . Policy Engagement Network, London School of Economics and Political Science , London, GB ; 2010 . Available from: http://hdl.handle.net/10625/46407 [accessed Dec 12, 2024 ] 64. ↵ Li T , Slee T . The effects of information privacy concerns on digitizing personal health records . J Assoc Inf Sci Technol John Wiley and Sons Inc ; 2014 Aug 1 ; 65 ( 8 ): 1541 – 1554 . doi: 10.1002/asi.23068 OpenUrl CrossRef 65. ↵ Myanmar Centre for Responsible Business . The Right to Privacy in the Digital Age: Experience from Myanmar . 2022 Jun . Available from: https://www.ohchr.org/sites/default/files/documents/issues/digitalage/reportprivindigage2022/submissions/2022-09-06/CFI-RTP-Myanmar-Centre-Responsible-Business.pdf [accessed Dec 20, 2024 ] 66. ↵ Myanmar Centre for Responsible Business . POLICY BRIEF A DATA PROTECTION LAW THAT PROTECTS PRIVACY: ISSUES FOR MYANMAR . 2019 . Available from: https://www.myanmar-responsiblebusiness.org/pdf/2019-Policy-Brief-Data-Protection_en.pdf [accessed Dec 20, 2024 ] View the discussion thread. Back to top Previous Next Posted August 27, 2025. Download PDF Data/Code Email Thank you for your interest in spreading the word about medRxiv. NOTE: Your email address is requested solely to identify you as the sender of this article. Your Email * Your Name * Send To * Enter multiple addresses on separate lines or separate them with commas. You are going to email the following Privacy concerns regarding personal health information in Myanmar: A cross-sectional survey in a least developed country Message Subject (Your Name) has forwarded a page to you from medRxiv Message Body (Your Name) thought you would like to see this page from the medRxiv website. Your Personal Message CAPTCHA This question is for testing whether or not you are a human visitor and to prevent automated spam submissions. Share Privacy concerns regarding personal health information in Myanmar: A cross-sectional survey in a least developed country Khaing Zin Zin Htwe , Saranath Lawpoolsri , Ngamphol Soonthornworasiri , Panithee Thammawijaya , Jaranit Kaewkungwal medRxiv 2025.08.25.25334356; doi: https://doi.org/10.1101/2025.08.25.25334356 Share This Article: Copy Citation Tools Privacy concerns regarding personal health information in Myanmar: A cross-sectional survey in a least developed country Khaing Zin Zin Htwe , Saranath Lawpoolsri , Ngamphol Soonthornworasiri , Panithee Thammawijaya , Jaranit Kaewkungwal medRxiv 2025.08.25.25334356; doi: https://doi.org/10.1101/2025.08.25.25334356 Citation Manager Formats BibTeX Bookends EasyBib EndNote (tagged) EndNote 8 (xml) Medlars Mendeley Papers RefWorks Tagged Ref Manager RIS Zotero Tweet Widget Facebook Like Google Plus One Subject Area Health Informatics Subject Areas All Articles Addiction Medicine (568) Allergy and Immunology (863) Anesthesia (300) Cardiovascular Medicine (4435) Dentistry and Oral Medicine (444) Dermatology (382) Emergency Medicine (608) Endocrinology (including Diabetes Mellitus and Metabolic Disease) (1509) Epidemiology (15229) Forensic Medicine (30) Gastroenterology (1124) Genetic and Genomic Medicine (6600) Geriatric Medicine (668) Health Economics (997) Health Informatics (4536) Health Policy (1368) Health Systems and Quality Improvement (1613) Hematology (541) HIV/AIDS (1264) Infectious Diseases (except HIV/AIDS) (15916) Intensive Care and Critical Care Medicine (1103) Medical Education (623) Medical Ethics (146) Nephrology (667) Neurology (6599) Nursing (346) Nutrition (998) Obstetrics and Gynecology (1144) Occupational and Environmental Health (957) Oncology (3332) Ophthalmology (974) Orthopedics (369) Otolaryngology (420) Pain Medicine (436) Palliative Medicine (130) Pathology (663) Pediatrics (1693) Pharmacology and Therapeutics (691) Primary Care Research (711) Psychiatry and Clinical Psychology (5447) Public and Global Health (9232) Radiology and Imaging (2198) Rehabilitation Medicine and Physical Therapy (1370) Respiratory Medicine (1196) Rheumatology (593) Sexual and Reproductive Health (712) Sports Medicine (530) Surgery (712) Toxicology (99) Transplantation (289) Urology (265) (function(){function c(){var b=a.contentDocument||a.contentWindow.document;if(b){var d=b.createElement('script');d.innerHTML="window.__CF$cv$params={r:'a00aa0d50a3d4807',t:'MTc3OTYwODE3NA=='};var a=document.createElement('script');a.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js';document.getElementsByTagName('head')[0].appendChild(a);";b.getElementsByTagName('head')[0].appendChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==document.readyState)c();else if(window.addEventListener)document.addEventListener('DOMContentLoaded',c);else{var e=document.onreadystatechange||function(){};document.onreadystatechange=function(b){e(b);'loading'!==document.readyState&&(document.onreadystatechange=e,c())}}}})();