Information system security in health information systems

Más información sobre el libro

Health care organizations have been slow to adopt information technology, despite the information-intensive nature of medical services. This delay contrasts with other industries and has been exacerbated by reports of information security breaches, unauthorized disclosures of patient information, and cyberattacks, raising awareness among organizations, government entities, and the public. This dissertation examines the relationship between information system adoption and security within the hospital sector, analyzing various factors such as market, institutional, technological, and regulatory influences, as well as challenges unique to health care, including patient safety, access to critical clinical information, and clinician acceptance. It discusses technical and organizational security capabilities through case studies from two academic medical centers and two hospital groups in the U.S. and Switzerland, highlighting how the decentralized nature of health information systems limits the effectiveness of security controls. Utilizing graph theory, a method is developed to enhance information security management in fragmented environments, allowing for quantification of compliance and analysis of security shortcomings through algorithms. This innovative approach to managing security in health information systems is supported by a Java-based software tool.