Introduction

Trinidad and Tobago’s healthcare system is two-tiered (private and public), where public healthcare is available to all citizens for free and offers a wide variety of services [1]. The record management system currently implemented within the public healthcare sector is primarily paper-based. Each health facility contains its own system for the filing of records and patients generally have to go to that particular health facility to access their records (personal communication, August 1st, 2021). Paper-based record management systems have many inefficiencies that not only affect patient care but also provider care. These issues may include inconsistent templates, limited security, lack of scalable storage, inadequate audit trails, errors in patient records, and duplication of records [2, 3].

To mitigate some of these challenges, digital record management systems have been developed and implemented in healthcare through the use of Electronic Health Records. An Electronic Health Record (EHR) is a digitized version of a patient’s medical history but is also not limited to medical tests, X-rays/imaging, and long-term medical history [4, 5]. EHRs are usually utilized by healthcare providers and have been widely adopted throughout many countries such as Finland [6], Sweden [5] and the United States of America [7], providing healthcare providers with proper management of patient records [4, 8]. One of the key features of EHR systems is the ability to allow patients to be able to access their health records online, primarily with the assistance of a patient portal.

A patient portal is a secure online system offered by healthcare providers to allow patients to access their health records as well as provide additional functionalities such as appointment creation, prescription, and consolation requests [9, 10]. Patient portals can be standalone or an added functionality of EHR software. This system carries many benefits including improved focus on patient care, better patient communication, easy access to health records, streamlined patient registration and administrative tasks and improved clinical outcomes [11]. Epic’s MyChart, athenaOne, Finland’s My Kanta, and Estonia’s e-Health Patient Portal are among some of the patient portals utilized worldwide [12, 13].

Although patient portals carry many benefits, patients may not be as inclined to utilize such a system for a variety of reasons. Lack of knowledge on how to use the system [9], lack of trust in the security, integrity and confidentiality of information [8, 14], and resistance to change [10], are among the factors as to why users many not be inclined to use or adopt such a system. Age has also shown to have some influence on the user’s trust as older users may not be as inclined to use such a system [5, 10]. As part of the requirements process of the software development cycle (SDLC), it is important to consider these factors to develop a system that meets the user’s requirements. Using a software credibility evaluation model throughout the development of the SDLC can ensure that all aspects of the system are met and the credibility of the software is maintained.

Software credibility can be defined as a process that is used to determine if the actual behavior of the application corresponds with the expected result [15]. This process is completed by analyzing the software using various methods throughout the development lifecycle [16].

Figure 1 shows an overview of the credibility framework which consists primarily of testing between the software development life cycle (SDLC) and the credibility evaluation model. The model was developed based on research conducted by previous studies [15, 17, 18]. The first process of the framework begins with the requirements analysis phase of the SDLC where the credibility attributes are defined based on the functional requirements and the behavior declaration files are generated based on the credibility attributes. As the life cycle enters the testing phase, the behavioral declaration files are assessed and credibility testing is performed to evaluate the credibility of the system. This system is continually evaluated even after implementation has been completed. Based on the credibility test evaluation, the events are logged and a response is sent to the main system where the results of the test are analyzed. The behavior declaration files are then regenerated as the system is updated or if the requirements are changed during maintenance.

Fig. 1
figure 1

Overview of the credibility evaluation framework

Full size image

As Trinidad and Tobago do not currently have a patient portal system implemented, it was considered as a good subject to identify the factors that can affect patient portal adoption and also identify the functional requirements for a patient portal health records system. In this paper, we aim to: (i) identify the key functional user requirements for a potential electronic health records system in Trinidad and Tobago; (ii) assess potential adoption barriers; and (iii) define the credibility attributes based on the functional requirements as the first phase of the credibility evaluation model. This research will be conducted using quantitative research tools such as a survey for data collection. As part of the results, key functional user requirements will be identified, potential barriers will be assessed, recommendations will be provided and the credibility attributes for the evaluation model will be defined.

Literature Review

Several studies have been conducted with regard to software credibility and how it is applied in various applications. Yu and Dan [19] developed a credibility demand analysis method that focused on reviewing the credibility of risk-driven mobile application software. Xu and Tang [17] developed a calculation method to determine the user’s behavior based on trust. Rodriguez-Perez et al. [20], conducted a study on the reproducibility and credibility of empirical software engineering (ESE) which consisted of reviewing publications that use the Sliwerski, Zimmermann and Zeller (SZZ) algorithm. Yu and Xiao [15] proposed a credibility evaluation model based on the application behavior declaration (ABD) which is generated throughout the entire software development life cycle. The model is based on a “WORD” and “DEED”, where the “WORD” defines what the system should do and the “DEED”, represents the actual behavior of the system. Yang and Yu [18] proposed a credibility evaluation model, used to evaluate the cloud end user’s behavior. They identified the evaluation indicators of the user behavior credibility based on behavioral data analysis. Yu and Wang [21] proposed a model for generating credibility test cases based on the immune algorithm. Fang et al. [16], developed a credibility evaluation model based on simulation systems by exploring simulation models.

Overall Methodology

This project’s overall methodology includes an organized approach with numerous essential components. The first step is to undertake an extensive study on patient portal gidelines and standards to help identify the key software quality attributes, which will serve as the foundation for the succeeding phases. Once the essential guidelines and standards have been defined, the following stage is to create a survey that will be used to collect user answers from Trinidad and Tobago individuals.

After collecting survey responses, the attention focuses on examining and analyzing the data. This stage is critical in determining the most important and relevant functional user needs to the users. Concurrently, survey results are utilized to establish credibility qualities that will assure the solution's dependability, security, usability, and overall performance.

The responses are used to help identify some of the key functional user requirements and develop credibility attributes based on the requirements identified. The process of identifying the credibility attributes is based on the credibility evaluation model proposed by Yu and Xiao where the evaluation model is integrated into the different phases of the Software Development Life Cycle starting from the requirements gathering phase [15]. By incorporating credibility evaluation early on, we prioritize the trustworthiness of the solution and maintain the highest standards of quality throughout the development process.

Reviewal of Standards and Guidelines on Patient Portals

To identify some of the key software attributes utilized by patient portals, we have conducted research on some standards and guidelines that patient portals should contain.

The International Organization for Standardization (ISO) and the Health Insurance Portability and Accountability Act (HIPAA) provide a variety of standards and guidelines for the protection of information in regard to security, integrity, confidentiality and availability. The ISO/IEC 27799:2016 [22] extends from the ISO/IEC 27002:2013 [23] which highlights the importance of security as well as the need for security controls to be implemented at various levels to ensure the protection and effectiveness of data with special emphasis on confidentiality, integrity and availability which are crucial in ensuring the preservation of information. Health information is considered to be among the most confidential information which helps to ensure that privacy is maintained. The guidelines further state that integrity is an important component of the protection of health information by ensuring that the information is accurate and auditable. Health information should be available and remain operational in the event of system failures and attacks as well as natural disasters.

The HIPAA of 1996 [24], provides a level of standards and rules that companies and associates called covered entities should develop to provide effective safeguards that will ensure the integrity, confidentiality and availability of electronic protected health information (e-PHI) such as patient portals. Some HIPAA-compliant patient portal software include EPIC MyChart and Athenahealth [25, 26].

Related Studies on Patient Portals

Research on various elements of patient portals have been undertaken. Following a study of the guidelines and standards, we decided to look at studies that primarily focus on software quality elements such as availability, integrity, security, and confidentiality.

Moll et al. [5], studied the patients’ experiences of accessing their EHRs using the Swedish National patient portal. Focusing primarily on the availability of information, they were able to identify the reasons why users accessed the system and also why it was important for this information to be available to them. The results showed that users were more inclined to use the system if key features such as the ability to view records online, prescription requests and appointment management were available.

A study conducted by Keshta and Odeh [27] highlighted that security is among the most important factors to be considered when implementing and utilizing patient portals. They have found that healthcare professionals and patients are generally concerned about the safety of the information and have proposed measures that can be utilized to help improve the system. These measures included technical and administrative safeguards to protect the records from unauthorized use. Security is among one of the key attributes that can influence a user’s adoption of the system. Users are generally concerned about the safety of their information; therefore, it is important to have strong security protocols implemented [28].

Techapanupreed and Kurutach [29] defined integrity as one of the key aspects to ensure that data remain confidential and safe. Information stored online should be safeguarded and protected from allowing unauthorized users access to manipulate the information. Medical information should be accessed primarily by the healthcare practitioner but additional personnel such as admin staff may also have access to view this information. Users may not feel safe if the information is modified by other personnel other than healthcare personnel. If unauthorized personnel access the records, this can lead to potential data breaches [8].

Some users may not want to have certain types of information available online as they may fear those additional personnel such as may be privy to this information or fear of information being breached. Users should have the option to choose what kind of sensitive information they want to be able to access online as users are generally concerned about who has access to their information [8]. Confidentiality of information is one of the key aspects with regard to healthcare. If confidentiality and trust are broken, it can affect the user’s trust in the system as well as affect the security and integrity of information.

Selection of Software Quality Attributes for a Patient Portal

Based on a review of ISO standards [22, 23], HIPAA requirements, and prior research, we were able to identify and describe critical software quality features to consider when designing a patient portal, as shown in Table 1. These characteristics include availability, security, integrity, and confidentiality.

Table 1 Description of software quality attributes based on HIPAA requirements, ISO standards, and prior research
Full size table

Design of Survey

The survey was developed based on the software quality attributes identified in Table 1. Following the research practice of the guidelines and frameworks, the survey was designed to cover six key areas:

  • Demographics: consisted of 10 questions—age, gender, educational background, location, access to the internet, devices available and purposes for accessing the internet.

  • Availability: consisted of 7 questions—types of information available, frequency of accessing the system and also preferred choice to access the information.

  • Security: consisted of 6 questions—security measures such as multifactor authentication, access control and security policies.

  • Integrity: consisted of 4 questions—user notification of account access and authenticity of information entered by various healthcare personnel.

  • Confidentiality: consisted of 3 questions—types of confidential information and non-medical personnel access to confidential information.

  • Adoption: consisted of 3 questions—opinion of patient portal adoption and factors.

Distribution of the Survey

Before the distribution of the survey, 15 participants were invited to complete the survey, provide feedback on how the survey could be improved, advise on if additional content to be added and also identify potential errors. 12 participants completed the survey and the feedback was impactful in the restructuring of questions regarding security and confidentiality. Additional feedback from the group led to the development of an additional section of the survey which focused on adoption and consisted of 3 questions, focusing on the preparedness of a patient portal system and also additional factors that can potentially hinder adoption of such a system. The sample group was then asked to retake the survey with the new changes.

The survey was administered as an electronic survey using Survey Monkey, consisting of 6 sections with a total of 33 questions. The survey was distributed via the main social media platforms used in the country which included Facebook, WhatsApp, Instagram and LinkedIn. The survey was posted on the author’s social media platforms and also sent to family and friends, who later shared the survey on their social media platforms, as this was the most effective way of distributing the survey. The survey was voluntary and no incentives were provided for completed surveys.

The survey was tailored toward the citizens and residents of Trinidad and Tobago, 18 years and older who had internet access. Approximately 79% or 1.085 million citizens are considered to be of adult age and with an internet penetration of 77% or an average of 838,705 citizens had access to the internet [30, 31]. Using Slovin’s formula [32], the minimum sample size of the survey was calculated with a confidence level of 95% and a margin of error of 5% which equaled to 384 participants. Only responses from Trinidad and Tobago residents were taken into consideration.

Results

Analysis of Survey Results

The results of the survey were collected over 3 weeks. A total of 484 responses were recorded. Approximately 390 respondents completed the survey, resulting in a completion rate of 81%. Only completed responses are analyzed and the results are analyzed based on the format of the survey. The sample test group accounted for about 3% (12/390) of the survey. The results are analyzed using a combination of descriptive statistics, Kruskal–Wallis testing for Likert-scale questions and chi-squared testing to understand the significance between variables. IBM SPSS was used to conduct the statistical tests.

Demographics

The demographic section focused on key aspects of the respondents such as age, gender and educational level. Table 2 shows the varying age groups compared with the gender. Approximately 59% (232/390) respondents identify as female, 40% (155/390) as male and 1% (3/390) as other. The results show that 71% (277/390) of the respondents are within the age range of 18–44 and 55% (154/277) of that range identify as female. This shows that a majority of respondents who identify as female are within the age range of 18–44 and account for 66% of the overall female respondents. A similar trend is shown for those who identify as male with the majority of male respondents between the range of 18–44 (120/155, 77%). A chi-test was conducted to determine if there is a relationship between age and gender and the results showed that there is no statistically significant relationship between gender and the age range (χ2(10) = 11.5, P = 0.313).

Table 2 Age range and gender of respondents (n = 390)
Full size table

Table 3 shows the results of the educational level based on gender with over 79% (310/390) of the respondents having at least an undergraduate degree or higher. This is similar to the results of the test group where 92% (11/12) of the respondents have an undergraduate degree or higher. This also shows that the majority of respondents in the study are well educated.

Table 3 Educational background of respondents (n = 390)
Full size table

Availability

Prior to this research, 58% (228/390) of respondents had not heard of a patient portal while 42% (162/390) had some knowledge about the system. Of the 390 responses, 96% (373/390) respondents would like the ability to access their electronic health records online with a majority of the respondents between the age of 25 and 34 (131/373, 35%), followed by the 35–44 (95/373, 25%) age range.

Figure 2 shows various types of information that users would like to have access to via the patient portal. Test results 91% (354/390), medical history 88% (344/390), appointments and billing 84% (329/390) and prescriptions 83% (322/390) are among the most populous types of information that users would like to access.

Fig. 2
figure 2

Types of available information (n = 390)

Full size image

Security

Figure 3 shows the results of which personnel users will feel comfortable allowing access to their accounts. The results show that respondents will feel safer allowing their healthcare physician (285/369, 77%) to have the most access to their accounts while respondents felt very unsafe allowing their friends to have access (102/365, 28%). The weighted average for each personnel is as follows: primary healthcare physician = 3.94, nurse = 3.26, healthcare administrator = 3.12, receptionist = 2.25, family = 2.95 and friends = 3.01. The Kruskal–Wallis test showed that there is no significant difference between the age and the ratings of the different healthcare personnel (P = 0.467).

Fig. 3
figure 3

The stakeholders that respondents feel comfortable accessing their health care information (n = 369)

Full size image

Figure 4 focuses on the various security mechanisms that are available for users to choose. Results show that respondents will feel the safest accessing the patient portal using traditional security measures along with multifactor authentication and also using traditional security measures in addition to security questions. Table 4 shows the key multifactor mechanisms that were chosen by respondents are SMS authentication (235/379, 62%) and email authentication (225/379, 59%). Between the two options, the main respondents were between the 25 and 34 age range followed by the 35–44 age range. A chi-test was performed and the results show that there is a relationship between age and SMS authentication (χ2(5) = 13.6, P = 0.018), where younger respondents were more accepting of SMS authentication than older respondents. There was no relationship between age and email authentication (χ2(5) = 2.05, P = 0.842).

Fig. 4
figure 4

Access to the patient portal using various security mechanisms (n = 369)

Full size image
Table 4 Multifactor authentication security mechanisms using SMS and email authentication (n = 379)
Full size table

Integrity

The results of Table 5 show that 99% of the respondents prefer to be notified if their account has been accessed. Respondents were in favor of being notified immediately via email, SMS, or other Messaging platforms (319/390, 86%) which shows a positive response from respondents in regard to audit tracing.

Table 5 Notification of account access when health records have been accessed (n = 390)
Full size table

The data in Fig. 5 show the responses based on the level of trust in accepting information that has been entered by the various medical personnel. Healthcare physicians received a high rating with most respondents (320/369, 87%) placing a high level of trust in information inputted by them. Nurses and Lab technicians also received high levels of trust with almost similar statistics of (225/367, 61%) and (228/367, 62%) respectively. As these are the three main parties that users are likely to interact with regarding health information, it is understandable that users would rather trust information entered by these personnel. The Kruskal–Wallis test showed that there is no significant difference between the various personnel and the age of the respondents (P = 0.139).

Fig. 5
figure 5

User trust of the information entered by the various healthcare personnel

Full size image

Cofidentiality

Table 6 shows the choices of who should be able to access the various forms of information that have been uploaded to the patient portal. Across the 12 categories of information, over 90% of respondents prefer to allow their primary healthcare physician access to their information. Several Kruskal–Wallis tests were conducted to determine the differences between the age and various categories of information. With the exception of X-ray (P = 0.012), all other categories of information do not show any statistical differences.

Table 6 Categories of information personnel should be able to access (n = 369)
Full size table

Adoption

With regards to the adoption of a patient portal in Trinidad and Tobago, the results show in Table 7 that of the 377 responses, 51% of the respondents believe that Trinidad and Tobago is ready for the adoption of a patient portal, 25% do not believe Trinidad and Tobago is ready for the adoption of a patient portal and 24% are unsure. Most of the respondents who are ready for adoption are between the age of 25 and 54 (150/193, 78%) with the 25–34 age group holding the majority of votes. Using the chi-squared test, the results show that there is no association between age and the readiness factor (χ2(10) = 12.22, P = 0.270).

Table 7 Readiness of patient portal adoption in Trinidad and Tobago (n = 377)
Full size table

Table 8 highlights the respondents’ beliefs on the factors that can hinder patient portal adoption in Trinidad and Tobago. The 3 main factors that respondents highlighted are lack of trust in ensuring the integrity, confidentiality and security of information on the patient portal 70% (265/379), lack of adequate cybersecurity laws and regulations 65% (247/379), and resistance to change 59% (224/3379). Using chi-testing to analyze the key leading factors, results show that there is no relationship between age and resistance to change (χ2(5) = 8.40, P = 0.135), and also age and lack of adequate cybersecurity laws and regulations (χ2(5) = 10.53, P = 0.061). There is, however, a strong statistical relationship between age and lack of trust in ensuring the integrity, confidentiality, and security of information on the patient portal (χ2(5) = 15.81, P = 0.007).

Table 8 Factors that hinder the adoption of a patient portal in Trinidad and Tobago. (n = 379)
Full size table

Functional User Requirements

Following careful analysis of the results from the survey, we were able to identify some of key the functional user-centered requirements based on the responses of the participants and also from the previous studies conducted. The requirements are based on the characteristics of security, availability, integrity, and confidentiality. The requirements are described in Table 9 below based on the four attributes: security, availability, integrity, and confidentiality.

Table 9 User-centered functional requirements
Full size table

Respondents were found to be in favor of advanced login security measures aside from traditional login measures (username + password), with multifactor authentication (MFA) among the most populous. This coincides with the ISO Health Informatic guidelines which encourage the adoption of MFA. Among the two MFA measures highlighted in this study, the preferred choice for respondents aged between 18 and 44 is SMS authentication, and email authentication is favored among all age groups. This is expected as not everyone may understand the dynamics of SMS authentication and, therefore, both SMS and email authentication should be an available option for all users. Additional security measures for the system performance may include firewall protection, data encryption and security permissions can also improve how information is stored and accessed. System events can be logged and the patient should be immediately notified via email if their record has been accessed.

Information should also be categorized in different tiers which only certain personnel will have access to. The user should also be given the option to choose who they are willing to grant access to certain types of information as not everyone may feel comfortable sharing information such as sexual health and lab tests results. These requirements are selected based on the responses of the participants. Though this does not fully reflect the entire nation, it can be used as a census to highlight what users may expect from such a system. The patients will be the primary users of this type of system; therefore, it is important to ensure their needs are met.

Selection of Credibility Attributes

As part of the first phase of the credibility evaluation framework [18, 21], the software credibility attributes are defined based on the functional requirements and categorized into four key indicators shown in Table 10. These indicators include the credibility of user access, the credibility of information access, the credibility of information and overall credibility of the system. The attributes identify key requirements that the system should perform to provide a trustworthy and credible system.

Table 10 The selection of the credibility attributes
Full size table

The credibility of user access indicator comprises two attributes and focuses on the user’s behavior when accessing the system or performing system functions. The user is expected to perform certain functions when accessing their account which includes authenticating their identity using SMS or email authentication and should also reset their password after some time. This is to ensure that the user is who they are by providing the system with the necessary information to confirm their identity.

The credibility of information access indicator comprises of four attributes and is based on access and input of the patient information by the hospital personnel. To ensure the integrity of information entered by healthcare personnel, the personnel is expected to provide the same level of authentication as the user. Hospital personnel will be able to access patient information based on the access that is provided to their account. If the personnel does not have permission to access the patient’s record, they will be denied access to the patient’s record. All data should, therefore, be signed by the corresponding personnel to ensure the validation of the information and should be encrypted in the database using various encryption techniques.

The credibility of information indicator has 4 attributes and focuses on the categorization of information and how information will be viewed and downloaded. Information will be required to be categorized based on 4 different security tiers, which will be chosen based on the requirements of the healthcare institution. This indicator also reviews how information should be viewed and downloaded.

The credibility of the system indicator comprises of 5 attributes and includes various functions that the system is expected to perform regardless of the operation in progress. These attributes include the timing out of the system, suspension of accounts, hashing of confidential information, flagging of unauthorized users and performing an audit of system events.

Discussion

The study reveals a significant issue of distrust among citizens concerning the security of a patient portal system. This distrust can have a profound impact on the system's adoption, as users may be reluctant to share their sensitive medical information online unless they are assured of its security and confidentiality. To address this concern, it is crucial to focus on enhancing security measures to improve the overall trustworthiness of the system. Interestingly, the study's findings align with those of other research studies, which also emphasize the need for bolstered security protection to instill confidence in users [5, 27, 29, 33].

These consistent findings underline the urgency of implementing robust cybersecurity measures and patient confidentiality laws. By doing so, patients' rights will be better protected, and individuals may be more inclined to share their information online and with healthcare personnel.

The survey results revealed mixed responses regarding granting access to patient records by additional personnel beyond primary healthcare physicians and nurses. Notably, some respondents were hesitant to allow receptionists access to their records, despite the receptionists' vital role in managing administrative tasks and facilitating patient care. This hesitation may indicate a lack of trust between patients and certain healthcare personnel. To build trust, hospital personnel needs to be held accountable in case of data breaches or unauthorized access. Implementing clear protocols and consequences for data breaches will reinforce the system's security and demonstrate the commitment to protecting patient information.

Reviewing and applying international standards and legislation requirements such as ISO and HIPAA are techniques to ensure robust cybersecurity and data protection. These standards give essential guidance and best practices for protecting sensitive data. However, it is important to remember that rules and regulations differ from country to country, and Trinidad and Tobago's legal system will have its own set of laws. As a result, the implementation of cybersecurity and patient confidentiality regulations should be customized to the individual needs and environment of the country. Another barrier to adoption identified in the study is resistance to change, particularly among elderly users. Technology advances rapidly, and some users may be hesitant to adopt new systems that require them to learn new approaches. This resistance might also be influenced by cultural factors and the belief that the current system, despite its shortcomings, is sufficient. To conquer this barrier, it is crucial to develop the patient portal system with a user-friendly interface, ensuring that users of all ages can easily access and utilize the platform. Providing comprehensive user training and ongoing support will also be critical in increasing adoption among older users and others who are unfamiliar with technology.

In conclusion, addressing the issue of distrust, enhancing security measures, as well as taking into account the needs of elderly users are critical elements to enable the effective implementation of a patient portal system in Trinidad and Tobago. The healthcare industry can establish a more accessible and trustworthy digital environment for patients, healthcare providers, and other stakeholders by prioritizing cybersecurity, implementing patient confidentiality legislation, and focusing on user-friendly design.

Views on patient portal implementation vary significantly among nations, with examples from Sweden, the United States, and the United Kingdom providing valuable insights. In Sweden, significant government, patient centric approach and data security have led to a successful patient portal adoption [5, 33]. In the United States, substantial growth in patient portal usage due to government initiatives and an increased demand for patient-centered care, despite challenges related to data security and user friendliness [7, 11, 24]. In the United Kingdom, the National Health Service (NHS) has played a key role in promoting patient portals, and government support has facilitated widespread adoption [34, 35].

In comparison to Trinidad and Tobago, both the US and the UK encounter issues with patient portal deployment. Adoption hurdles in Trinidad and Tobago include mistrust of security and concerns about data confidentiality. Similar concerns have been expressed in the United States and the United Kingdom. Furthermore, every sector emphasized data security and patient privacy as key factors for successful adoption. In Sweden, the United States, and the United Kingdom, government intervention has been critical in increasing patient portal adoption. Assistance from the government may also be required in Trinidad and Tobago to stimulate adoption.

While there are a several similarities in terms of challenges and considerations, the success of patient portal adoption in Sweden, the United States, and the United Kingdom illustrates the potential of digital health solutions to improve patient engagement and healthcare delivery. Data security, privacy concerns, and accessibility are universal themes for successful patient portal deployment across the world.

Limitations

The study presented herein is a valuable contribution to understanding the user requirements and credibility attributes for a patient portal in the context of Trinidad and Tobago’s healthcare system. However, it is essential to recognize and address the study's inherent limitations to ensure a comprehensive understanding of its findings and implications.

One significant disadvantage of this study is the shortage of reference data regarding Trinidad and Tobago’s healthcare system. As a result of the limited pool of recently published literature and data available for examination, the study's content and depth may be limited. Despite the researchers' best attempts to collect relevant information, the study's conclusions may have been biased by the lack of comprehensive data. Furthermore, the online survey approach used in this study can generate biases and restrictions. While online surveys provide advantages such as lower costs and wider reach, they may not adequately capture the thoughts and perspectives of all age groups, especially those with limited access to or experience with internet platforms. As a result, the survey findings may skew toward particular age categories, perhaps overlooking the preferences and demands of older individuals who may have distinct wishes and expectations for a patient portal. Combining online surveys with other data-gathering methods, such as in-person interviews or focus groups, could assist in overcoming this limitation and offer an improved understanding of the population’s various perspectives.

Finally, it is critical to acknowledge that studies on healthcare and technology adoption in Latin America, particularly Trinidad and Tobago, may be restricted in comparison to more widely examined regions. As a result, the study’s conclusions may not completely represent all of the region’s nuances and complexities. Researchers should be careful not to overgeneralize their results and should take into account any cultural and contextual changes that may impact user requirements and credibility attributes particular to the location. Despite these constraints, the research gives valuable insight into the functional user requirements and credibility specifications for a patient portal in Trinidad and Tobago. Researchers can determine the foundation for future studies that dive further into understanding the complexity of the region's healthcare system and its influence on technology adoption by recognizing and resolving these constraints. Incorporating other research approaches and expanding the study's duration can also improve the study’s validity and broaden the scope of user preferences in this case.

Conclusion

In conclusion, this study has made substantial progress in identifying the factors that influence the adoption of a patient portal system in the Trinidad and Tobago healthcare sector. Valuable insights have been gathered to inform future advancements in the sector through the identification of functional user requirements, the defining of credibility attributes based on these requirements, and the assessment of adoption barriers. The study emphasizes the importance of security, integrity, availability, and confidentiality in successfully implementing a patient portal system. These requirements serve as the foundation for the selection of credibility attributes, which are critical in ensuring the system’s confidence among users. The credibility evaluation method proposed in this study can be used to guide the design and implementation of patient portal systems not only in Trinidad and Tobago but also in other similar situations.

One of the primary conclusions of this study is that the residents of Trinidad and Tobago are skeptical about the security, integrity, and confidentiality of information in a patient portal system. Addressing these concerns is critical for increasing favorable adoption rates, as many people may be hesitant to embrace the technology if they consider it to be missing in these areas. As a result, in the creation of the patient portal system, steps to improve security, maintain data integrity, and ensure confidentiality must be prioritized. The study also identifies two major barriers to adoption: opposition to change and insufficient cybersecurity laws. Overcoming these obstacles is critical for a successful deployment. Change approaches management should be prioritized for patient portal system implementers to simplify the transition and achieve acceptance from both users and stakeholders. Furthermore, advocating for effective cybersecurity laws will establish a strong legal framework to protect patient information and instill trust in the system. Data openness and accountability are emphasized to maintain the patient portal system’s long-term success. Holding responsible individuals accountable in the event of a breach demonstrates a commitment to preserving the system’s integrity and protecting patient data. Furthermore, there are significant opportunities for further research in the development of patient portal systems for Trinidad and Tobago in the future. Exploring additional constraints, such as infrastructure limits and information digitization, can provide useful insights into adapting the system to the region’s specific needs. Continuous research will be critical in optimizing the patient portal system and guaranteeing its relevance and efficiency as the healthcare sector advances.

Finally, this research has established the framework for the advancement of patient portal systems in Trinidad and Tobago and abroad. We can pave the path for accessible, reliable, and user-friendly healthcare technology that improves patient care and experiences by addressing the specified criteria, credibility attributes, and adoption barriers.