Advanced

Managing Information Security in Healthcare: A Case Study in Region Skåne

Wallin, Emil and Xu, Ying (2008)
Department of Informatics
Abstract
Information security is vital to organizations. This is particularly evident in healthcare where patient information is regarded as very sensitive. The patient is the most important actor in healthcare, and therefore patient information must be kept secure from breaches. At the same time, the right information must be available at the right time when needed in order to provide patients with the best possible care. The availability and accessibility of information is becoming more and more important as we are moving towards a society where patients can receive care from several providers in cross-border healthcare, implying that information need to be sent across borders in a distributed healthcare domain. This research took a broad... (More)
Information security is vital to organizations. This is particularly evident in healthcare where patient information is regarded as very sensitive. The patient is the most important actor in healthcare, and therefore patient information must be kept secure from breaches. At the same time, the right information must be available at the right time when needed in order to provide patients with the best possible care. The availability and accessibility of information is becoming more and more important as we are moving towards a society where patients can receive care from several providers in cross-border healthcare, implying that information need to be sent across borders in a distributed healthcare domain. This research took a broad approach into the distributed healthcare domain of Sweden, with practical focus in Region Skåne. A thorough literature review was conducted and semi-structured interviews with key personnel in the psychiatry division of the Region were also conducted. Due to limited time and resources, other regions in Sweden and interviews with patients were omitted from this research. The results derived from this research show that there is a great need for focus on patient security and providing patients with the best possible care, than to focus on patient privacy, where information about patients are kept safe. Moreover, the results show that IT utilization in healthcare is far from optimized, with several different systems for patient journal records being used in the same region and most of these systems are not created accordingly to user needs or even to Swedish laws. This research contributes by: exploring the information security model characteristics, comparing eHealth and eBanking arguing that eHealth can learn from eBanking, identifying some problems and needs in healthcare as well as by presenting an introduction to healthcare in Region Skåne. (Less)
Please use this url to cite or link to this publication:
author
Wallin, Emil and Xu, Ying
supervisor
organization
year
type
H1 - Master's Degree (One Year)
subject
keywords
risk management, Information Security, ICT, Patient Security, Patient Privacy, eHealth, Swedish Healthcare System, Informatics, systems theory, Informatik, systemteori
language
English
id
1336692
date added to LUP
2008-06-25
date last changed
2010-08-03 10:51:51
@misc{1336692,
  abstract     = {Information security is vital to organizations. This is particularly evident in healthcare where patient information is regarded as very sensitive. The patient is the most important actor in healthcare, and therefore patient information must be kept secure from breaches. At the same time, the right information must be available at the right time when needed in order to provide patients with the best possible care. The availability and accessibility of information is becoming more and more important as we are moving towards a society where patients can receive care from several providers in cross-border healthcare, implying that information need to be sent across borders in a distributed healthcare domain. This research took a broad approach into the distributed healthcare domain of Sweden, with practical focus in Region Skåne. A thorough literature review was conducted and semi-structured interviews with key personnel in the psychiatry division of the Region were also conducted. Due to limited time and resources, other regions in Sweden and interviews with patients were omitted from this research. The results derived from this research show that there is a great need for focus on patient security and providing patients with the best possible care, than to focus on patient privacy, where information about patients are kept safe. Moreover, the results show that IT utilization in healthcare is far from optimized, with several different systems for patient journal records being used in the same region and most of these systems are not created accordingly to user needs or even to Swedish laws. This research contributes by: exploring the information security model characteristics, comparing eHealth and eBanking arguing that eHealth can learn from eBanking, identifying some problems and needs in healthcare as well as by presenting an introduction to healthcare in Region Skåne.},
  author       = {Wallin, Emil and Xu, Ying},
  keyword      = {risk management,Information Security,ICT,Patient Security,Patient Privacy,eHealth,Swedish Healthcare System,Informatics, systems theory,Informatik, systemteori},
  language     = {eng},
  note         = {Student Paper},
  title        = {Managing Information Security in Healthcare: A Case Study in Region Skåne},
  year         = {2008},
}