Mwim, NEMtsweni, Jabu SChimbo, B2026-02-102026-02-102025-082769-78512690-6775https://doi.org/10.54216/JCIM.170213http://hdl.handle.net/10204/14675E-health institutions are prominent targets for cybercriminals due to their reliance on information technology systems and issues related to the users have been identified as the biggest security weakest. Hence, while cybersecurity culture (CSC) research emphasizes the necessity of the human factor, limited empirical work has been done in the context of e-health in Africa. Therefore, an empirical evaluation was conducted to identify how preparedness, responsibility, management, technology and environment influence cybersecurity in South African e-health institutions. This quantitative research studied e-health institutions in the Mpumalanga province of South Africa. Various methods were used to investigate the multiple linear regression effects of the main factors of CSC and the results show that although the preparedness (Beta = 0.281; p-value < 0.05) and environment (Beta = 0.500; p-value < 0.05) factors had the greatest influence, management, technology and environment had a positive effect on CSC. These factors contributed 48.2 % to the variance (R-Squared). The study seems to be the first empirical study that combines the human factor domain framework (HFD) with other theoretical frameworks to identify critical factors of CSC. Furthermore, the impact of technology on CSC was empirically tested. The study is significant as it identified key factors that contributed to the institution’s CSC and quantified their impact. These results can enable e-health institutions to make decisions based on evidence regarding their cybersecurity interventions, strategy and practices. However, the empirical evaluation was limited to one context, namely the Mpumalanga province in South Africa and at two hospitals selected based on easy access (convenience) and purposive sampling with criteria based on work experience and knowledge of CSC limited the number of participants eligible to participate.FulltextenCybersecurity cultureCSCE-healthHuman factor domain frameworkHFDFArticlen/a