Digital health data security practices among health professionals in low-resource settings: cross-sectional study in Amhara Region, Ethiopia

Introduction

Protecting digital health data from unauthorized access, alteration, and destruction is a crucial aspect of healthcare digitalization. Currently, digital security breaches are becoming more common. Healthcare data breaches have compromised over 50 million medical records per year. In Ethiopia, health digitization has grown gradually. However, there is a limitation of study in digital health security. Studying digital health data security helps individuals protect digital data as a baseline and contributes to developing a digital health security policy.

Objective

To assess the practice of healthcare professionals in digital health data security among specialized teaching referral hospitals in Amhara Region, Ethiopia.

Method

A cross-sectional study design supplemented by a qualitative purposive sampling method was used to measure the digital data security practices of health professionals. The sample size was determined via single population proportion formula. A simple random sampling technique was used for the study participants. Then, self-administered questionnaires were administered. Multivariable logistic analysis was used to identify associated factors using STATA software. For the qualitative study, key informant interviews were used and analyzed using thematic analysis approach via open-code software.

Results

Out of the 423 health professionals, 95.0% were involved in the survey. The finding indicates digital health data security practice of health professionals working at specialized teaching hospitals were 45.0%, CI: (40, 50). Health professionals 41–45-year age group (AOR = 0.107), master’s degree (AOR = 2.45), postmaster’s degree (AOR = 3.87), time to visit the internet for more than two hours (AOR = 2.46), basic computer training (AOR = 2.77), training in digital data security (AOR = 2.14), and knowledge (AOR = 1.76) were associated with the practice of digital health data security. For the qualitative study, three teams were prepared. The findings indicate digital health data security can be improved through training, advanced knowledge and working with digital security.

Conclusion

The practice of digital health data security in specialized teaching hospitals in the Amhara region was inadequate. Therefore, it can be improved through enhancing education status, increasing the time needed to visit the internet, providing computer training, and updating health professionals’ knowledge toward digital health data security.

Healthcare digitization is one of the pillars of the information revolution agenda, which requires every institution to improve the flow of information through the digital space [1, 2]. The protection of health data needs security to maintain data integrity, availability, and confidentiality to prevent unauthorized access, alteration, or destruction and ensure an optimal level of risk perception [3, 4]. In institutions, digital security breaches are increasing globally, costing approximately $3.49 million per breach, which has threatened nearly $5.2 trillion in global value between 2019 and 2023 [5, 6].

In the context of developing countries, including Africa, digitization has grown rapidly, especially in terms of cybersecurity activity [7]. However, more than 90% of African companies operate without the required digital security [8]. As a result, online scamming, business email compromise (BEC), and ransomware are the most common digital threats affecting African institutions. More specifically, healthcare settings are the dominant area [8, 9]. Therefore, healthcare data are a popular target for hackers, and digital criminals are primarily interested in digital health data containing protected health information (PHI) [10].

Data breaches in healthcare organizations were 1.25 times more common in 2016 than they were five years ago [11]. Even though the health industry is undergoing a significant digital shift, security is a critical issue for organizations working in a networked environment [12, 13]. Over 45.7 million medical records were compromised in 2021, the second-highest number of records breached since 2015 [14]. To protect data, researchers have advocated advancing knowledge and providing training on digital health data security [15]. Previous studies have suggested that improving digital health data security status, educational status, health professionals’ knowledge, computer training, risk perception, motivation, and attitudes were contributing factors [3, 16, 17, 18, 19, 20, 21, 22, 23].

The Federal Minister of Innovation and Technology drafted the Data Protection Proclamation in Ethiopia as a result of digital attacks [13, 24]. According to the findings, 11.6% of Ethiopian public agencies have trial-level legal frameworks, with 87.4% having no recognized legal frameworks to counter attackers [13]. The Health Information Management System Society (HIMSS) Healthcare Digital Data Security Survey for 2021 revealed that digital data security, outdated infrastructure, a rise in social engineering, and ransomware assaults are difficulties for the healthcare industry [25].

However, in Ethiopia, the Ministry of Health (MOH) has focused on digital health innovation [26]. However, health data are exchanged via digital technology, digital data security is a challenge in the healthcare setting [27]. The main points associated with the loss of health records are viruses, poor backup systems, and software corruption [28]. Furthermore, a qualitative study revealed that the usability of security measures is a rich topic in light of current advanced system security breaches and suggested identifying the factors of security challenges for e-health security improvement [29].

Therefore, studying the digital health data security practices of health professionals has a significant purpose for healthcare digitization because health professionals are the main targets of cybercriminals [28]. A study aimed to assess the digital data security practices of healthcare professionals working at specialized teaching hospitals in the Amhara Region, Ethiopia. This study helps improve the practice of digital data security measures. The findings will be used as a baseline for future studies and will help the responsible body guide digital health security policy.

Study design

The study was conducted in the Amhara region of Ethiopia. It is located 173 km from Bahir Dar and 493 km from Addis Ababa. Each hospital serves as a teaching and referral center for more than 3.5 million people. A hospital-based cross-sectional study supplemented with a qualitative method was conducted to assess the practices of the health profession on digital data security. The study was carried out via a cross-sectional study design and a phenomenon approach. All participants provided written informed consent to participate in the study (Appendix I). The study was conducted at specialized hospitals from June to July 2022 G.C.

Study participants

All health professionals who had worked in a specialized teaching hospital in the Amhara region were the source population, and health professionals who had used digital devices in a specialized teaching hospital were selected for the study population. Healthcare professionals who used digital health data from a specialized teaching hospital were included in the study.

Sample size determination and sampling procedure

The sample size was determined via a single population proportion. It was calculated using the assumption of a significance level of 95%, a 5% margin of error, a 50% population proportion, and 10% contingency [30]. The total sample size was 423. All the study participants were chosen via simple random sampling at specialized teaching hospitals, with proportional allocation for each health institution (Fig. 1). To ensure the robustness of the findings of the study, a qualitative method was used, and the results were measured via key informant interviews until data saturation was reached, with seven key informant interviews. Purposive sampling was used to select the study participants. Then, a phenomenology approach was used. This approach helps to get the lived experiences of health professions toward digital health data security. Hence, detail experience of health professionals towards digital health data security were collected.

Sampling procedure of digital data security practice among health professionals in healthcare at specialized teaching hospitals in Amhara Region, 2022

Full size image

Operational definition

Practice digital health data security: Health professionals who practice electronic countermeasures to protect digital health data from unauthorized access, alteration, and loss. This scale is measured via ten items with a score of yes or no question. The data were distributed normally by checking the Shapiro‒Wilk test (p value > 0.05), skewness, and kurtosis. Therefore, it selects the mean over the median for the outcome variable, and scoring above the mean value of 5.19 ± 2.1 (SD) has good digital data security practice, whereas scoring below the mean has not been practiced [19, 20, 21]. The motivation to practice digital security refers to an individual’s commitment to engage in or strive to practice digital security techniques when health data are used and scoring above the median value of 23 (IQR 20–24) using six-item Likert scale questions that have good motivation, whereas those below the median value are poor motivation [23]. Knowledge of digital data security refers to the know-how of health professionals to practice security techniques when health data are used. It is measured via ten items with a Likert scale, and a score above the median value of 35 (IQR 31–40) indicates good knowledge, whereas a score below the median value indicates poor knowledge [23, 31]. Attitudes toward digital data security refer to how individual health professionals feel when handling health data using data security techniques. It is measured via eight-item Likert scale questions. A score above the median value of 31 (IQR 27–33) indicate favorable attitudes, and a score below the median value indicate unfavorable attitudes toward digital health data security [23, 32].

Data collection procedure and quality assurance

A structured, self-administered questionnaire was adapted and modified using data from various sources [3, 23, 32, 33, 34, 35]. The questionnaire was prepared in English. It was judged by research consultants and research teams to ensure its quality. Then, a pretest was conducted. A Cronbach’s alpha above 70% was included. The data were collected by five trained data collectors and guided by two supervisors. Health informatics professionals have collected the questionnaire. Then, the investigators performed overall supervision. Data incompleteness and data entry errors were checked using statistical software to minimize errors.

For the qualitative study, the questionnaire was developed in English and translated into the local language. The investigator used key informant interviews with semi structured, open-ended interviews. Purposive heterogeneous sampling was used to choose individuals who had experience with digital data security practices. The interviews were conducted in a secure setting, recorded via a suitable sound recorder, and transcribed and translated into English by language experts. To ensure the reliability and validity of the qualitative data, the study was conducted from multiple perspectives via triangulation techniques, and moderators were employed to reduce personal bias. The incoming data were checked to address the research questions adequately. In addition, the completeness of the data has been checked. This is accomplished through the clustering of data in groups. Finally, the data saturation was optimized.

Statistical analysis

Epi Data Version 4.6 software was used to enter the data and exported to Stata software Version 16. Cleaned data were produced by checking the assumption of logistic regression. Binary logistic regression was used to identify the associated factors. Then, variables with a p value less than or equal to 0.2 were selected as candidates for multivariable analysis. Using adjusted odds ratios with a 95% confidence interval and a p value < 0.05, the outcome variable was determined by controlling confounding effects. To check the goodness of model fit, the Hosmer- Lemeshow test is a more trustworthy indicator of the outcome variable. Therefore, the goodness of the model fitness has been checked using the Hosmer-Lemeshow test. The p-value is greater than the significant level (p ≤.05). Thus, the model fits the data. For qualitative data, Open Code software version 4.02 was used to analyze the results via thematic analysis.

Sociodemographic characteristics

Among the 423 study participants, only 5.0% did not complete the survey. Hence, 402 participants were included in the analysis. The average age of the study participants was 34.5 ± 5.87 (SD) years. The majority of the participants were male, accounting for 63%. The majority of health professionals were between the ages of 36 and 40, accounting for 30% of all health professionals. Among the participants with respect to marital status, the majority were married, accounting for 47.5% of them. With respect to educational status, a high proportion of health professionals had a bachelor’s degree, accounting for 72%. Among professionals, 30.35% were physicians (Table 1).

Behavioral and organizational characteristics

In terms of behavioral factors, 53.98% of health professionals had favorable attitudes toward practicing digital data security. In terms of knowledge, 51.24% of the participants had poor knowledge compared with those who had good knowledge. Additionally, 52.74% of the participants were highly motivated, and 50.25% of the respondents perceived risk when they practiced digital data security. This study also revealed that 81.34% of the respondents had not received security training, whereas 57.96% agreed that there was a workload in the organization (Table 2).

Technological characteristics

In terms of technological characteristics, 92.29% of the participants handled health data using a digital device daily, 98.01% used the internet, 55% accessed the internet for more than two and a half hours, 97.0% used social media, 56.97% had basic computer training, and 63.18% had basic computer skills (Table 3).

Digital health data security practice

This diagram shows that, digital health data security practice of health professional in specialized referral teaching hospital in the Amhara region, Ethiopia was 45.0%, (95% CI [40, 50]) with a mean score of 5.19 ± 2.1 (SD). Among those, 28.11% were males, and 16.92% were females. The variation is due to the number of females in the healthcare institution is limited. Whereas 54.9% of the respondents poorly practiced digital health data security (Fig. 2).

Magnitude of digital data security practices among health professionals in healthcare at specialized teaching hospitals in the Amhara Region, Ethiopia (n = 402)

Full size image

Thematic analysis

Key informant interviews were used to conduct qualitative studies. The key informant persons were responsible and had a head role in the working area. These persons had good knowledge about the digital data security practices of health professionals. Seven key informant persons (KIP) were interviewed. The mean age and working experience of the health professionals were 30 and 5 years, respectively. The study took an inductive approach. On the basis of the data, three themes were created. These were digital health data security practices, challenges, and alternative solutions.

Theme 1: digital data security practice

Healthcare digitization has been introduced in each healthcare unit. Hence, health professionals have been close to digital health technology. However, they shared health data via digital devices, and the data were not secured. The interviewees responded that health professionals have little practice in digital health data security techniques. Thirty-one years of age feel that “… we download everything… & like it subscribes… the expert is not as knowledgeable as to handle system security problems” (Respondent 2). Radiology suggests that “… we do not use data encryption because we do have not enough skills to practice” (Respondent 1). A man who had worked in monitoring and evaluation responded, “…I think many experts about digitalization already have a lot of recognition.… a lot of people are now turning a lot of data into digital; I trust they have a good level of recognition for that,…. However, their understanding of digital security is not significant. Because there are so many techniques out there that only a few have a good look at it, for example, using a password” (Respondent 6).

Theme 2 challenge

Subtheme 2.1 sociodemographic challenges

Security has been a concern for health professionals, who update their data to maintain and prevent data loss. Therefore, age and educational status influence digital data security practices. A person working in radiology states that “… data security… adults are more likely to do.… It is a challenge for old ones like professors…” (Respondent 1). Pharmacy professionals believe that “…a person who has received special computer training has better access.… the degree level and diploma level vary with the master’s level because the study of the course…” (Respondent 3).

Subtheme 2.2 behavioral challenges

Health professionals are interested in being familiar with digital data security. However, they have little knowledge of digital data security techniques.

The pharmacy team leader said, “Now this time is a digital age, so everyone has… good attitudes and motivations…” (Respondent 3). A health information professional said, “… many professionals… very limited ability to handle information, even back up, the knowledge itself is low, how to handle it, how to manage… (Respondent 4).

Subtheme 2.3 technological challenges

Health professionals have tried to use digital data from different sources. They were also favorable for using social media and visiting the internet frequently. This made them more vulnerable to digital hackers. A plan and program officer stated that “…everyone is close to technology and has an opportunity to use it three or four times a day… However, it seems a little to maintain, secure…” (Respondent 7).

Subtheme 2.4 organizational challenge

Institutions focus on digitization, and some problems exist. These problems included poor IT infrastructure and a lack of experts in digital applications and training. A monitoring and evaluation professional said that “there is a shortage of infrastructure for many institutions… and then there is the absence of trained professionals in each institution. This is a fundamental problem” (Respondent 6).

Theme 3 solutions for improving security practices

Healthcare digitalization smooths the flow of health data exchange within the working area and across health institutions. A pharmacy suggested that “… online theft is on the rise…Additionally, if you do not maintain the privacy setting properly… go online and they will keep track of what I do…” (Respondent 3). Another person stated, “… no one has taken ICT special training but…I mean while watching YouTube in its way…” (Respondent 3). Similarly, the Radiologist stated, “… many of the things we want to fill are those that require a wireless connection…. to networked… if connecting… the directory will be processed elsewhere…” (Respondent 1).

Factors associated with digital health security practices

The factors of health professionals toward digital health data security practices are assessed using binary and multivariable logistic regression. Based on this, the findings of this study revealed that computer skills, motivation towards digital data security, attitude, perceived risk, monthly salary, owner ability of smartphone, and sharing digital devices in the working area are identified as non-significant factors for digital health data security practice. Hence, this needs further investigation in different settings using different methods. The significant factors are also presented as follows.

The findings of this study identified age as a significant factor for data security practice; professionals in the 41–45 age category was 89.3% (AOR = 0.107, 95% CI [0.023–0.51]) less likely to practice digital data security. Health professionals with master’s degrees were 2.45 (AOR = 2.45, 95% CI [1.138–5.3]), and those with postmaster’s degrees were 3.87 (AOR = 3.87, 95% CI [1.3–11.5]) times more likely to practice digital data security. The professionals who visited the internet for more than two and a half hours per day were 2.46 (AOR = 2.46, 95% CI [1.45–4.097]) more likely to practice digital data security than those who visited the internet for less than or equal to two hours per day. The other finding indicates that those who received basic computer training were 2.77 (AOR = 2.77, 95% CI [1.62–4.73]) times more likely to practice digital data security than those who did not receive basic computer training. The findings show that those trained in digital data security were 2.14 times (AOR = 2.14, 95% CI [1.1–4.16]) more likely to practice digital data security. Finally, professionals who have knowledge of digital data security were 1.766 times (AOR = 1.76, 95% CI [1.01–3.10]) more likely to practice digital data security than who have not knowledge on data security (Table 4).

This study aimed to assess the practice of digital health data security in healthcare settings. Digital security technology is still evolving rapidly [36]. However, this study revealed that 45.0% of health professionals practice digital data security. This result is consistent with those of studies conducted in Australia [37], Canada [23], and the USA [38]. This similarity is due to health care organizations prioritizing the security of health care digitization. However, this contradicts the findings of a study conducted in Europe, which reported 34% [39]. Hence, this may be due to variation in the sampling methods used. Previous studies conducted in specialized teaching referral hospitals in the Amhara region revealed that there was high utilization of health information, accounting for 70.8% of all health information [40]. However, compared with the utilization of health information, the level of digital data security practice is not sufficient. In addition, the qualitative findings also indicated that “health professionals are not very familiar with digital security technology and do not practice digital data security well” (Respondent 3).

The findings revealed that the 41–45-year-old group had 89.3% lower odds of practicing digital data security than did the 20–25-year-old group. These findings indicate that young adults are more likely to practice digital data security than those aged 41–45 years. This is in line with a study conducted in Australia [37]. Furthermore, this finding is consistent with a study in India in which young people benefit from practicing digital data security to protect themselves from digital threats [35]. In addition, the qualitative findings show that “young adults are more active in technology and practice digital data security techniques” (Respondent 2).

The study revealed that master’s and postmaster’s degree professionals were 2.45 and 3.87 times more likely to practice digital data security, respectively. This finding contrasts with a study conducted in India that showed that educational status was not significant for practicing digital security [35]. This could be due to variation in the samples used to represent the populations. However, the key informant said that the “…education level influences the practice of digital health data security because the study of the course is different across levels of education…” (Respondent 3). The findings show that health professionals who visited the internet for more than two and a half hours per day were 2.46 times more likely to practice digital data security. This finding is consistent with a study conducted in India [35]. A key informant also said that “professionals have an opportunity to use search engines three or four times a day…so, they practice digital data security more” (Respondent 4).

The findings revealed that those who received basic computer training were 2.77 times more likely to practice digital data security. This result was supported by a key informant, who explained that “people who have taken special computer training are more likely to practice than others” (KIP7). The findings also show that trained health professionals in digital data security are 2.14 times more likely to practice digital data security than those not trained in digital data security. However, only 18.66% of the participants were trained in digital data security. This shows that health care management pays little attention to digital data security [15]. As a guideline, standard ISO 27,799 recommends that to prevent the exposure of sensitive data, healthcare personnel should receive affordable security training when they begin working as professionals in a hospital [36].

Finally, health professionals who have knowledge of digital health data security were 76.6% more likely to practice digital data security. However, only 48.76% of the participants have knowledge of digital data security. This result is in line with a previous study in Canada that revealed that knowledge was the strongest predictor of practicing digital security countermeasures [23], and other studies also reported that knowledge related to digital security was determined to play a significant role in the practice of digital security [38]. This finding was supported by a qualitative study in which key informant interviewees explained that “there was a lack of training due to this, there is lack of knowledge and consequences of the poor practices in digital data security” (Respondent 4).

Limitations and recommendation

However, the study was triangulated by using a quantitative study supplemented by a qualitative study, and a cross-sectional study was used. This limits the determination of the causal relationships between predictors and outcome variables. A small sample size in some subgroups was the confidence made wide.

The purpose of this study is to improve health professionals’ practices in terms of digital health data security. Hence, they update their knowledge of digital security to secure data in the digital space. Specialized teaching hospitals should provide training on the basis of age and educational status with respect to digital data security so that health professionals can develop a safe digital environment. Finally, the Amhara Regional Health Bureau and Minister of Health should use the findings to guide digital health strategies to harmonize health professionals with digital security while practicing digital health applications.

Implications for health care practice and policy

Digital health data security is the hottest issue, especially in healthcare settings. Knowing digital health security practices strengthens health information systems, especially in resource-limited settings, because there is insufficient evidence on digital health security. This study revealed that healthcare professionals need to practice digital health security through continuous training and knowledge about digital security. This finding also reveals that health professionals have paid little attention to the safety of digital health data. Health policymakers should take this study as input and guide policies on digital health.

A previous study revealed that the digital health data security practices of health professionals were relatively inadequate. The candidate variables of age, education level, time spent visiting the internet, basic computer training, training in digital data security, and knowledge are significant for improving the practice of health professionals toward digital health data security. A qualitative result shows that these obstacles can be solved by providing appropriate digital health data security training, fulfilling the IT infrastructure, and improving the knowledge of health professionals related to digital data security. Therefore, improving and synchronizing health professionals with digital health data security is needed.

What was already known on the topic:

• Digital health data security is an essential component for delivering efficient and effective healthcare services.

• Several digital data breaches have involved tracking sensitive health information for monetary importance.

• In resource-limited settings, there is a lack of security-keeping measurement tools to keep healthcare data/information.

What this study added to our knowledge:

• The study indicates that 45% of health professionals have practiced digital health data security tools inappropriately.

• To improve the level of digital health data security practice of health professionals, training, education, and updated knowledge constitute the core of the digital health system.

The datasets generated or analyzed in the current study are available upon reasonable request.

AV:

antivirus

DDS:

digital data security

DHIS2:

District Health Information System

EMR:

Electronic Medical Record

EpiInfo:

Statistical Software for Epidemiology

EHR:

Electronic Health Record

HIE:

Health Information Exchange

HIMSS:

Healthcare Information and Management Systems Society

HIPAA:

Health Insurance Portability and Accountability Act

HIS:

Health Information System

ICT:

Information and Communication Technology

IQR:

Interquartile range

KPI:

Key personal Interviewee

MoH:

Minister of Health

PHR:

Personal Health Record

PII:

Personally Identifiable Information

STATA:

Statistical Software Package

VPN:

Virtual Private Network

WHO:

World Health Organization

Wi:

Fi-Wireless Fidelity

First and foremost, I would like to express my deepest gratitude to a compassionate God for caring for me despite my hardships. Next, I would like to express my gratitude to Debre Markos University and the University of Gondar for their contributions, and I want to express my special gratitude to the eHealth Innovation and Research Center program coordinators, Dr. Biniyam Chaklu (Ph.D.) and Mr. Birhanu Fikade (Ph.D. candidate), for their support. Finally, I express my pleasure to Mr. Wondossen Zemene (MPH) and Mr. Nebiyu Demeke (MPH), Mr. Zegeye Regasa (MPH), Mr. Mitiku Kassaw (MPH), Mr. Melaku Molla (BSc. in nursing), and Mr. Gedefaw Belete (BSc. in computer science) and my colleagues for your unwavering help in developing the research.

Funding was obtained from the Doris Duke Charitable Foundation. This work would not be possible without the financial support of the Doris Duke Charitable Foundation under grant number 2017187. The mission of the Doris Duke Charitable Foundation is to improve the quality of people’ s lives through grants supporting performing arts, environmental conservation, medical research, and child wellbeing and through the presentation of the cultural and environmental legacy of Doris Duke properties.

Authors and Affiliations

1. Department of Health Informatics, College of Medicine and Health Science, Debre Markos University, Debre Markos, Ethiopia

   Ayenew Sisay Gebeyew, Zegeye Regasa Wordofa & Mitiku Kassaw Takillo

2. Department of Health Informatics, Institute of Public Health, College of Medicine and Health Science, University of Gondar, Gondar, Ethiopia

   Ayenew Sisay Gebeyew, Wondwossen Zemene, Binyam Chaklu Tilahun, Nebyu Demeke Mengestie & Berhanu Fikade Endehabtu

3. Department of Computer Science, Tibebe Gion Specialized Teaching Hospital, Bahir Dar, Ethiopia

   Gedefaw Belete Ashagrie

4. Department of Health Informatics, School of Public Health, College of Medicine and Health Science, Wollo University, Dessie, Ethiopia

   Melaku Molla Sisay

Contributions

The authors confirm their contributions to the studies as follows: A.S.G., N.D.M, and W.Z. conceived and designed the study; S.G., B.C.T., B.F.E., and M.K.T. revised the data collection instruments, analyzed, and interpreted the results; and A.S.G., Z.R.W., M.M.S., and G.B.A. wrote the first draft of the manuscript. All the authors reviewed the results and approved the final version of the manuscript.

Corresponding author

Correspondence to Ayenew Sisay Gebeyew.

Ethics approval and consent to participate

The Institutional Review Board (IRB) of the University of Gondar, College of Medicine and Health Science, the institution of the public health ethical review committee, approved the ethical clearance with ref. no/IPH/2013/2014/. To collect further information, a formal letter was then sent from the main executives of specialized teaching hospitals to the concerned unit coordinator. Written consent forms were provided with each questionnaire. The respondents were well informed about the purpose, and appropriate informed written consent was obtained from them. In addition, each method was performed in accordance with the relevant guidelines and regulations of the Helsinki declaration.

Consent for publication

Not applicable.

Competing interests

The authors declare no competing interests.

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Open Access This article is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License, which permits any non-commercial use, sharing, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if you modified the licensed material. You do not have permission under this licence to share adapted material derived from this article or parts of it. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by-nc-nd/4.0/.

Reprints and permissions