A Meta-Analysis of Data Governance in National Electronic Health Records: Privacy, Security, and Ownership in Kenya and South Africa, 2021–2026

This systematic review and meta-analysis synthesises evidence on data governance challenges concerning privacy, security, and ownership within national electronic health record (EHR) systems in Kenya and South Africa. The research addresses the critical tension between harnessing digital health data for public benefit and protecting individual rights within these distinct legal and infrastructural contexts. A rigorous, replicable methodology was employed, adhering to PRISMA guidelines. A systematic search of five academic databases (including PubMed, Scopus, and Africa-Wide Information) for literature published between 2010 and 2024 identified 28 relevant peer-reviewed studies. These underwent independent screening, data extraction, and a formal thematic synthesis. Key findings indicate that despite both nations establishing progressive data protection laws, substantial implementation gaps remain. Prevalent issues encompass fragmented consent models, ambiguous data ownership definitions that often favour state or institutional control, and cybersecurity vulnerabilities intensified by resource constraints. The analysis identifies a predominant focus on technical solutions, frequently overlooking deeper socio-ethical concerns related to patient autonomy and trust. This review’s significance lies in its direct contribution to evidence-based digital health policy in Africa, underscoring that context-sensitive governance is fundamental for sustainable, trustworthy EHR systems. It concludes that future strategies must prioritise aligning legal frameworks with operational realities, investing in cybersecurity capacity, and fostering inclusive stakeholder dialogue to equitably balance public health objectives with fundamental patient rights.