| 1. |
- Söderström, Eva, et al.
(författare)
-
Standardisation as a Means to Improve Information Security in Process-Oriented Distributed Healthcare
- 2008
-
Ingår i: Proceedings (ed) Kai Jacobs and Eva Söderström. Presented at the 13 th European Academy for Standardization (EURAS), 2008-06-16-17, Skövde Sweden.. - Aachen : Mainz. - 1437-8396. - 3861308096 ; 2008:ABI Band 40, s. 233-243
-
Konferensbidrag (refereegranskat)abstract
- Regardless of who we are, where we are, and when we get sick, we expect the healthcare sectors to take care of us. And we expect it to treat us with respect. Not the least, this concerns treating our personal information with care. However, the reality is that most healthcare institutions work separately, and that the flow of patient information therefore is less than optimal. This paper aims to investigate how current standards map against the concept of information security, and how process-orientation can be used in conjunction with standards to create secure information flows in healthcare. It does so by describing information security and process-orientation, and investigates how standards for information security apply in a process-oriented, distributed healthcare sector. The result shows that a dual focus is needed, on document and process standardisation, and that healthcare is facing great challenges in order to make this work.
|
|
| 2. |
- Söderström, Eva, 1972-, et al.
(författare)
-
A Holistic Approach of how to handle Patient Information to support Seamless and Secure care
- 2021
-
Ingår i: Proceedings of the 7th International Workshop on Socio-Technical Perspective in IS Development (STPIS 2021). - : CEUR-WS. ; , s. 198-203
-
Konferensbidrag (refereegranskat)abstract
- Healthcare, like society in general, is facing great changes and challenges. Rapid development and uptake of digital technologies bring about the need to change. With the COVID-19 pandemic, the amount of healthcare meetings taking place online has surged. This means, among other things, that there are more healthcare actors involved in a patient’s care, and that information relating to a patient needs to be shared across borders now more than ever need to be improved. However, this is currently not done seamlessly, and there are many hinders and obstacles to overcome. This research aims at enabling a holistic approach on how to handle patient information in order to support seamless and secure care along the whole patient process. In doing so, drivers and hinders need to be identified, and a socio-technical framework with concrete guidelines will be developed. These results will be a first step towards filling this research gap, and will connect several perspectives in order to make the results truly actionable and holistic.
|
|
| 3. |
- Söderström, Eva, et al.
(författare)
-
Standards for information security and processes in healthcare
- 2009
-
Ingår i: Journal of Systems and Information Technology. - : Emerald Group Publishing Limited. - 1328-7265 .- 1758-8847. ; 11:3, s. 295-308
-
Tidskriftsartikel (refereegranskat)abstract
- Abstract Purpose – Regardless of who or where we are and when we get sick, we expect healthcare to make us well and to handle us and our information with care and respect. Today, most healthcare institutions work separately, making the flow of patient information sub-optimal and the use of common standards practically unheard of. The purpose of this paper is to emphasise the use for standards to improve information security in process-oriented distributed healthcare. Design/methodology/approach – The paper introduces a real-life case which is analysed to highlight how and where standards can and should be used in order to improve information security in process-oriented distributed healthcare. Findings – In total, 11 flaws or problems in information security and process-orientation are identified. From these, six changes are suggested which address how information is handled, and how organizational routines should be standardized. Research limitations/implications – The case setting is Swedish healthcare, but problems can be shared across international borders. The purpose is to highlight the issues at hand. Practical implications – If suggested changes are implemented, healthcare processes will be more streamlined and focused on patients. Routines will be standardized and uncertainties thus removed in terms of how to act in certain situations. Originality/value – Healthcare and academia has yet to address both document and process issues concerning standardization in distributed healthcare. There are also few actual cases from a patient perspective. This paper provides lessons learned from a real-life case, where results may impact how standardization is addressed in healthcare organizations.
|
|
| 4. |
- Eriksson, Nomie, 1955
(författare)
-
Implementation of an Electronic Patient’s Record in Process Oriented Healthcare
- 2008
-
Ingår i: The 3rd Nordic Workshop on Health Management and Organization. Between Public and Private, 4-5 december Uppsala. Sub-theme 3: Making professional work transparent..
-
Konferensbidrag (refereegranskat)abstract
- This article will offer a pathway for understanding recent changes and improvements in organizing and managing healthcare such as the flows of secure information about patients in healthcare. When patients visit healthcare providers they expect the personnel to have a patient centered view and to be informed what has happened in every unit they visited (Lindberg 2002, Eriksson 2007). I will discuss that this concerns a process-oriented organization and documented patient’s information treated with security. However, the reality is that most healthcare institutions like private healthcare and public healthcare work as traditional organizations (Scott et al 2000) and use paper based records, and as a consequence the flow of information is not optimal (Åhlfeldt 2008). Documentation takes personnel an increasing working time, crowding out the personnel’s time with patients. Still, documentation is necessary to give patients the best healthcare and make visible the personnel’s work. When improvements are accepted it becomes a condition for the strategizing healthcare organization, to emerge coordinating healthcare activities into a process-oriented healthcare with secure information. This study aims to investigate how the implementation of an electronic patient’s record manages information security and if process-oriented healthcare supports the flows of information. By describing process-orientation in healthcare, documents and questionnaires focus on the changes in personnel group’s opinions when an electronic patient’s record is implemented in a process organized hospital department. The personnel’s opinion compares between monitoring tools as paper based records and data based records. The study shows that to provide patients with opportunity for the best healthcare with the right information at the right time, and to protect sensitive patient information from distribution to unauthorized persons, increasing with an electronic patient record. The study also shows that process orientation particularly supports the flows of secure information. Thus, the personnel’s opinion support implementation of the new electronic patient’s record, they have a lack of knowledge to identify patient’s information as ongoing information without unnecessary repeating and commonly continue to double document about the patients. The study highlights high-quality education as protection against undesired changes in information security. I am argued that it is difficult to successfully manage implementations in the healthcare even when the organizations structures mostly support the improvements. Patient’s information transfer between healthcare personnel and organizational boarders need standardizations such as process-oriented organisation and an electronic patient record. The healthcare is facing great challenges in order to manage personnel’s way of working.
|
|
| 5. |
- Söderström, Eva, et al.
(författare)
-
Trusting digitized patient-related information: The need for a new approach
- 2011
-
Ingår i: In Furnell and Clarke (eds.), Proceedings of the 5th International Symposium on Human Aspects of Information Security and Assurance (HAISA), London, 2011. - : Plymouth Center for Security, Comunications & Network Research, University of Plymouth. - 9781841022840 ; , s. 119-129
-
Konferensbidrag (refereegranskat)abstract
- Trust is receiving increasing attention nowadays, particularly since new technology enables communication and collaboration like it has never been seen before. However, trust is a fuzzy concept that needs further examination and attention from multiple levels. For example, security is very important from a user’s point of view in trusting that technology will function in accordance with the user’s intended and requested function. This paper reviews the concept of patient safety, which thus far has been discussed and defined from a narrow technical perspective. We demonstrate that it is much more complex, and that it is not primarily the technical issues that are problematic, but rather the cultural, process-related and personnel issues. Our results point to a need for a new approach, which takes the patients’ view of healthcare and the patient-related digital information as its focus. The discussion is made from a Swedish perspective, but the issues are international. The needs for information and knowledge in healthcare are obvious. Without clear definitions of concepts and roles, a good information flow or process cannot be designed. Our discussion shows that trusted digital patient information gives an opportunity for a patient-focused healthcare. Multidimensional trust must be addressed on all levels; organization, person and technology. More empirical research into trust in digital patient-related information is necessary, to develop a model for patient safety from a trust perspective that encompasses all levels of trust.
|
|
| 6. |
- Åhlfeldt, Rose-Mharie, et al.
(författare)
-
Kompetensbehov och kompetensförsörjning inom informationssäkerhet från ett samhällsperspektiv
- 2015
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- På uppdrag av Myndigheten för samhällsskydd och beredskap (MSB) har en studie genomförts med syftet att komplettera resultatet från en tidigare genomförd förstudie (Åhlfeldt m.fl., 2014) med en analys av kompetensförsörjning och kompetensbehov på informationssäkerhetsområdet från ett samhällsperspektiv. Arbetet har genomförts av forskare från två lärosäten, Högskolan i Skövde och Karlstad Universitet, samt inom tre forskningsdiscipliner: pedagogik, informationssäkerhet och företagsekonomi.Uppdraget har varit att besvara följande frågeställningar:Vilka är kompetensbehoven för att ha en god och balanserad informationssäkerhet som bidrar till samhällets informationssäkerhet?Samtida kompetensbehov (nuläget)Framtida kompetensbehovHur ska nödvändig kompetens erhållas och på vem ligger ansvaret?Utifrån ovanstående frågeställningar, vilka är de viktigaste framgångsfaktorerna?Arbetet har genomförts i form av fokusgrupper med representanter från myndigheter och företag som har en nära verksamhetskoppling till samhällets informationssäkerhet och som är viktiga för att samhällets informationssäkerhet ska fungera.Resultatet visar att det finns stora brister avseende informationssäkerhetskompetens på alla nivåer i samhället. Tre tydliga områden pekas ut 1) nationellt - ökat behov av starkare styrning och ledning samt kravställning 2) organisation - ökat behov av kompetens från ledning till medarbetare men med starkt fokus på kompetenshöjande åtgärder på ledningsnivå samt vid upphandling och 3) medborgarperspektivet där framförallt skolområdet lyfts fram som ett viktigt insatsområde för kompetenshöjande åtgärder.För att uppnå nödvändig kompetens krävs utbildningsinsatser på alla ovan angivna områden. Dels utbildningar på akademisk nivå för informationssäkerhetsexperter men även övriga utbildningar inom t ex juridik och ekonomi. Även yrkesverksamma på organisationsnivå behöver riktade kompetenshöjande åtgärder som sätter informationssäkerhet i fokus utifrån organisationens verksamhetsbehov, allt ifrån ledningsnivå till medarbetarnivå.Resultatet visar även att ansvaret för samhällets kompetensförsörjning för informationssäkerhet ligger även den på alla ovan nämnda tre områden men med tydlig betoning på nationell nivå. Här betonas behovet av nationella krav för att medvetandegöra och lyfta informationssäkerheten i samhällsviktig verksamhet för att nå så många medborgare som möjligt. Förslag på framtida arbete avseende utveckling av metoder för framtida studier av kompetensförsörjningen pekar främst på metoder för att angripa bristen på helhetssyn samt kompetensförsörjning för management och medborgare.
|
|
