Improving Medical Information Security

Improving Medical Information Security

A Term Paper

Dahnella Lartigue-Andrew

October 9, 2011

IS 535 - Managerial Application of Information Technology

Professor: Alice Richmond

Keller Graduate School of Management

Table of Contents

Introduction/Definition

Company Background

Current Business Issues

Proposed Solutions

Recommendations

Introduction

The security of patient data has been, and continues to be, a major problem for the US in achieving its goals for an interoperable healthcare system. In the same way, information communication technologies will increasingly make security in organizations more complex. It is particularly evident in sectors that already lack adequate security regimes. One such sector is healthcare, where information security is not their core business and the understanding of its importance is often underestimated. Poor implementation of medical information security is affected by more than the acceptance of technology; it is closely linked to human factors, culture and communities of practice, all under pinned by trust. It also poses a problem because within the healthcare arena the entire nation is trying to standardize and move into Electronic Health Records (EHR), which is simply a shift from the original paper format of a patient’s medical history and record to a computerized, electronic standpoint. This situation necessitates research into how to contextualize implementation of information security within this environment. The application of a contextual implementation model is compared to the known cultural and community of practice factors in the medical environment. The outcomes provide a better understanding of the issues and form the basis of a model for improving the effective implementation and continued application of effective information security. By improving the...