Security in health information systems: An exploratory comparison of U.S. and Swiss Hospitals

Proceedings of the 42nd Annual Hawaii International Conference on System Sciences, HICSS

Volumn , Issue , 2009, Pages

  Luethi, Martin ^a   Knolmayer, Gerhard F ^b  

^a Picis Inc   (United States)

^b UNIVERSITY OF BERN   (Switzerland)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER CRIME; HEALTH; HEALTH CARE; HOSPITALS; INFORMATION USE; SECURITY OF DATA; WIRELESS TELECOMMUNICATION SYSTEMS;

CLINICAL INFORMATIONS; COMPUTER ATTACKS; HEALTH CARE ORGANIZATIONS; HEALTH INDUSTRIES; HEALTH INFORMATION SYSTEMS; INFORMATION DISCLOSURES; INFORMATION SECURITIES; INFORMATION SECURITY CONTROLS; MEDICAL CENTERS; PATIENT INFORMATIONS; PATIENT SAFETIES; SECURITY CAPABILITIES; SECURITY ISSUES; SWITZERLAND; SYSTEMS AND INFORMATIONS; TECHNOLOGICAL FACTORS;

INFORMATION SYSTEMS;

EID: 63349110205     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/HICSS.2009.381     Document Type: Conference Paper

References (24)

1. Identity Theft Resource Center, "2007 Data Breach Stats," itrc, San Diego, 2008 http://idtheftmostwanted.org/ITRC%20Breach %20Stats%20Report%202007.pdf
2. PriceWaterhouseCoopers, "2008 Information Security Breaches Survey", Technical Report, PWC, London, 2008 http://www.pwc.co.uk/pdf/ BERR-ISBS-2008(sml).pdf
3. M.F. Collen, "A History of Medical Informatics in the United States, 1950 to 1990," American Medical Informatics Association, Indianapolis, 1995.
4. B. Middleton, W.E. Hammond, P.F. Brennan, and G.F. Cooper, "Accelerating U.S. EHR Adoption: How to Get There From Here. Recommendations Based on the 2004 ACMI Retreat," Journal of the American Medical Informatics Association 12 (1), 2005, pp. 13-19.
5. T.U. Daim, R.T. Tarman, and N. Basoglu, "Exploring Barriers to Innovation Diffusion in Health Care Service Organizations: An Issue for Effective Integration of Service Architecture and Information," Proceedings of the 41st Hawaii International Conference on System Sciences, IEEE, Los Alamitos, 2008.
6. C.S. Garrard, "Human-Computer Interactions: Can Computers Improve the Way Doctors Work?", Schweizerische Medizinische Wochen-schrift 130 (42), 2000, pp. 1557-1563.
7. U.S. Department of Health & Human Services, "Health Insurance Reform: Security Standards," HHS, Washington, 2003 http://www.cms.hhs.gov/ SecurityStandard/ Downloads/securityfinalrule.pdf
8. G.F. Knolmayer and G. Loosli, "IT Governance," in: Handbuch Kompetenzmanagement, R. Zaugg, Ed., Haupt, Bern, 2006, pp. 449-457.
9. R.K. Yin, Case Study Research: Design and Methods, 3rd ed., Sage Publications, Thousand Oaks, 2003.
10. Bundesamt für Sicherheit in der Informations-technik, "IT-Grundschutz-Kataloge," BSI, Köln, 2005 http://www.bsi.bund. de/gshb/deutsch/index.htm
11. M. Lüthi, Information System Security in Health Information Systems - Exploratory Research in US and Swiss Acute-Care Hospitals, Eul Verlag, Lohmar, 2008.
12. National Institute of Standard and Technology, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. National Institute of Standard and Technology, Gaithers-burg, 2008.
13. Eidgenössischer Datenschutzbeauftragter (EDSB) Leitfaden zu den technischen und organisatori-schen Massnahmen des Datenschutzes http://www.edoeb.admin.ch/dokumentation/0044 5/00472/00935/index.html?lang=de
14. N.M. Lorenzi and R.T. Riley, Managing Technological Change: Organizational Aspects of Health Informatics, 2nd ed., Springer, New York, 2004.
15. A. Bhattacherjee and N. Hikmet, "Physicians' Resistance toward Healthcare Information Technologies: A Dual-Factor Model," Proceedings of the 40th Hawaii International Conference on System Sciences, IEEE, Los Alamitos 2007.
16. R. Spanjers, W. Hasselbring, R. Peterson, and M. Smits, "Exploring ICT Enabled Networking in Hospital Organisations," Proceedings of the 34th Hawaii International Conference on System Sciences, IEEE, Los Alamitos 2001.
17. The Advisory Board Company, Toward Integrated Identity and Access Management, The Advisory Board Company, Washington, 2006.
18. B. Blobel, "Authorisation and Access Control for Electronic Health Record Systems," International Journal of Medical Informatics 73 (3), 2004, pp. 251-257.
19. J.E. Møller and H. Vosegaard, "Experiences with Electronic Health Records," IT Professional 10 (2), 2008, pp. 19-23.
20. S. Kahn and V. Sheshadri, "Medical Record Privacy and Security in a Digital Environment," IT Professional 10 (2), 2008, pp. 46-52.
21. R. Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, Wiley, New York, 2001.
22. ISO, ISO/IEC 17799: Information Technology Security Techniques - Code of Practice for Information Security Management, 2nd ed., ISO, Geneva, 2005.
23. P. Mertens and G. Knolmayer, Organisation der Informationsverarbeitung, 3rd ed., Gabler, Wiesbaden, 1998.
24. B.B. Wang, T.T.H. Wan, D.E. Burke, G.J. Bazzoli, and B.Y.J. Lin, "Factors Influencing Health Information System Adoption in American Hospitals," Health Care Management Review 30 (1), 2005, pp. 44-51.