Post-Quantum Cryptography for securing Electronic Health Records in the South African Public Healthcare System
DOI:
https://doi.org/10.63158/journalisi.v8i1.1423Keywords:
Electronic Health Records, Post-Quantum Cryptography, Quantum Computing Threats, Cybersecurity Policy, South African Public HealthcareAbstract
The growing dependency on Electronic Health Records (EHRs) has intensified the exposure of sensitive patient information to advanced cybersecurity threats, including those posed by quantum computing technologies. South African public hospitals depend on conventional encryption mechanisms to secure EHRs; however, these methods are susceptible to quantum threats. The study explored quantum-resistant cryptography for securing EHRs in South African healthcare. The study adopted a phenomenological approach, employing semi-structured interviews with 12 ICT specialists, policymakers, health information managers and cybersecurity practitioners. The study established a misalignment between national digital health and cybersecurity strategies and future quantum threats, as they prioritise digital transformation, data security and interoperability. Public hospitals were found to be reliant on conventional encryption methods, resulting in structural lock-in and impeding adaptability of post-quantum cryptography. Although stakeholders demonstrated awareness of quantum threats, organisational readiness remains constrained by technical, institutional and capacity barriers. It is concluded that South African public healthcare system remains behind towards post-quantum security transformation. The study recommends the development of a roadmap for post-quantum cryptographic migration, system modernisations and capacity building to strengthen the security of EHRs. The findings provide evidence-based guidance for policymakers to strengthen digital health security and resilience of EHRs in public healthcare systems.
Downloads
References
[1] M. K. Hossain, J. Sutanto, P. W. Handayani, A. A. Haryanto, J. Bhowmik, and V. Frings-Hessami, “An exploratory study of electronic medical record implementation and recordkeeping culture: The case of hospitals in Indonesia,” BMC Health Services Research, vol. 25, no. 1, pp. 1–20, 2025, doi: 10.1186/s12913-025-12399-0.
[2] R. Margam, “The importance of EHR in revolutionizing healthcare delivery and financial success,” Int. J. Comput. Trends Technol., vol. 71, pp. 52–55, 2023, doi: 10.14445/22312803/IJCTT-V71I7P108.
[3] A. Kuzior, I. Tiutiunyk, A. Zielińska, and R. Kelemen, “Cybersecurity and cybercrime: Current trends and threats,” Journal of International Studies, vol. 17, no. 2, pp. 220–239, 2024, doi: 10.14254/2071-8330.2024/17-2/12.
[4] S. Gupta, M. Kapoor, and S. K. Debnath, “Cybersecurity risks and threats in healthcare,” in Artificial Intelligence-Enabled Security for Healthcare Systems: Safeguarding Patient Data and Improving Services. Cham, Switzerland: Springer Nature, 2025, pp. 39–64, doi: 10.1007/978-3-031-82810-2_3.
[5] O. J. Tiwo et al., “Advancing security in cloud-based patient information systems with quantum-resistant encryption for healthcare data,” Asian Journal of Research in Computer Science, vol. 18, no. 4, pp. 187–208, 2025, doi: 10.9734/ajrcos/2025/v18i4615.
[6] T. Anuradha et al., “Quantum-resilient framework for healthcare data security using multivariate polynomial cryptography,” International Journal of System Assurance Engineering and Management, pp. 1–12, 2025, doi: 10.1007/s13198-025-02954-7.
[7] A. S. Ashour and D. Koundal, “Quantum computing in Healthcare 5.0,” in Quantum Computing for Healthcare Data. Amsterdam, Netherlands: Academic Press, 2025, pp. 43–62, doi: 10.1016/B978-0-443-29297-2.00009-5.
[8] S. Chahar, “Exploring the future trends of cryptography,” in Next Generation Mechanisms for Data Encryption. Boca Raton, FL, USA: CRC Press, 2024, pp. 234–257.
[9] M. SaberiKamarposhti et al., “Post-quantum healthcare: A roadmap for cybersecurity resilience in medical data,” Heliyon, vol. 10, no. 10, 2024.
[10] E. P. Nittala, “Design and evaluation of quantum-resilient cryptographic protocols for national information systems security,” Int. J. Emerging Trends Comput. Sci. Inf. Technol., vol. 5, no. 2, pp. 132–142, 2024, doi: 10.55248/gengpi.6.0425.1586.
[11] A. Alif, K. F. Hasan, J. Laeuchli, and M. J. M. Chowdhury, “Quantum threat in healthcare IoT: Challenges and mitigation strategies,” arXiv preprint, arXiv:2412.05904, 2024, doi: 10.48550/arXiv.2412.05904.
[12] C. K. Gitonga, “The impact of quantum computing on cryptographic systems: Urgency of quantum-resistant algorithms and practical applications in cryptography,” European Journal of Information Technologies and Computer Science, vol. 5, no. 1, pp. 1–10, 2025, doi: 10.24018/ejcompute.2025.5.1.146.
[13] B. Kwame and M. Isabella, “Advancing secure communications: The role of post-quantum cryptography in a digital era,” International Journal of Informatics and Data Science Research, vol. 1, no. 11, pp. 30–50, 2024.
[14] K. Csenkey and A. Graver, “Canada’s national quantum strategy one year on,” Canadian Foreign Policy Journal, vol. 30, no. 3, pp. 295–306, 2024, doi: 10.1080/11926422.2024.2397970.
[15] A. R. Olatunde and O. I. Olope, “Exploring the evolving threats and future directions of cyber security in the age of technologies,” Int. J. Advances Eng. Manage., vol. 6, no. 1, pp. 489–498, 2024, doi: 10.35629/5252-0609489498.
[16] G. Dogbanya et al., “Quantum health policy readiness: Anticipating the next digital disruption in public health,” Journal of Life Science and Public Health, vol. 1, no. 2, pp. 1–7, 2025, doi: 10.69739/jlsph.v1i2.966.
[17] Z. Lin, “Implementation of de novo FAIRification in relational legacy systems: The case of the electronic medical record system for maternal health in Afya.ke,” FAIR Data, FAIR Africa, FAIR World, p. 429, 2025, doi: 10.5281/zenodo.15382966.
[18] T. Okasha, N. M. Shaker, and D. A. El-Gabry, “Mental health services in Egypt, the Middle East, and North Africa,” International Review of Psychiatry, vol. 37, nos. 3–4, pp. 306–314, 2025, doi: 10.1080/09540261.2024.2400143.
[19] K. G. Chuma, “Legacy electronic health record systems as culprit behind cybersecurity risks in public healthcare facilities of South Africa,” Global Security: Health, Science and Policy, vol. 10, no. 1, p. 2532556, 2025, doi: 10.1080/23779497.2025.2532556.
[20] M. H. Khumalo and T. S. Moloi, “Barriers to digital transformation in Gauteng’s municipal health clinics,” Journal of Local Government Research and Innovation, vol. 6, p. 282, 2025, doi: 10.4102/jolgri.v6i0.282.
[21] K. G. Chuma and M. Ngoepe, “Data interoperability of health information systems in public hospitals in the Gauteng province of South Africa,” Insights into Regional Development, vol. 7, no. 4, pp. 84–101, 2025, doi: 10.70132/z6986464949.
[22] V. Braun and V. Clarke, “Conceptual and design thinking for thematic analysis,” Qualitative Psychology, vol. 9, no. 1, pp. 3–26, 2022, doi: 10.1037/qup0000196.
[23] R. H. Adler, “Trustworthiness in qualitative research,” Journal of Human Lactation, vol. 38, no. 4, pp. 598–602, 2022, doi: 10.1177/08903344221116620.
[24] G. S. Lawal, “Post-quantum cryptography for protecting long-term medical data archives,” 2020, doi: 10.13140/RG.2.2.31914.89281.
[25] M. Adil et al., “Quantum computing and the future of healthcare internet of things security: Challenges and opportunities,” IEEE Internet of Things Journal, vol. 12, no. 22, 2025, doi: 10.1109/JIOT.2025.3605040.
[26] A. O. Ezeogu, “Post-quantum cryptography for healthcare: Future-proofing population health databases against quantum computing threats,” Research Corridor Journal of Engineering Science, vol. 2, no. 1, pp. 29–56, 2025.
[27] M. P. Singh et al., “Impact and implications of quantum computing on blockchain-based electronic health record systems,” The Open Bioinformatics Journal, vol. 17, no. 1, pp. 1–15, 2024, doi: 10.2174/0118750362316814240820051945.
[28] H. Joshi, “Quantum computing in health informatics: Enhancing disaster preparedness,” in The Rise of Quantum Computing in Industry 6.0 Towards Sustainability. Cham, Switzerland: Springer, 2024, pp. 101–121, doi: 10.1007/978-3-031-73350-5_7.
Downloads
Published
Issue
Section
License
Copyright (c) 2026 Journal of Information Systems and Informatics
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors Declaration
- The Authors certify that they have read, understood, and agreed to the Journal of Information Systems and Informatics (JournalISI) submission guidelines, policies, and submission declaration. The submission has been prepared using the provided template.
- The Authors certify that all authors have approved the publication of this manuscript and that there is no conflict of interest.
- The Authors confirm that the manuscript is their original work, has not received prior publication, is not under consideration for publication elsewhere, and has not been previously published.
- The Authors confirm that all authors listed on the title page have contributed significantly to the work, have read the manuscript, attest to the validity and legitimacy of the data and its interpretation, and agree to its submission.
- The Authors confirm that the manuscript is not copied from or plagiarized from any other published work.
- The Authors declare that the manuscript will not be submitted for publication in any other journal or magazine until a decision is made by the journal editors.
- If the manuscript is finally accepted for publication, the Authors confirm that they will either proceed with publication immediately or withdraw the manuscript in accordance with the journal’s withdrawal policies.
- The Authors agree that, upon publication of the manuscript in this journal, they transfer copyright or assign exclusive rights to the publisher, including commercial rights
