| 1. |
- Brodin, Martin, et al.
(författare)
-
Management issues for Bring Your Own Device
- 2015
-
Ingår i: Proceedings of 12th European, Mediterranean & Middle Eastern Conference on Information Systems 2015 (EMCIS2015). - : European, Mediterranean & Middle Eastern Conference on Information Systems (EMCIS). - 9789606897085
-
Konferensbidrag (refereegranskat)abstract
- Bring Your Own Device (BYOD) is an emerging research area focusing on the organisational adoption of (primarily mobile) devices used for both private and work purposes. There are many information security related problems concerning the use of BYOD and it should therefore be considered an issue of strategic importance for senior managers. This paper presents a systematic literature analysis using a BYOD strategic management framework to assess developing research trends. The analysis reveals early work in the analysis and design aspects of BYOD strategies, but a lack of research in operationalizing (planning, implementation and evaluating) strategy – the action phase. The resulting research agenda identifies twelve management issues for further research and four overall research directions that may stimulate future research.
|
|
| 2. |
- Brodin, Martin
(författare)
-
Managing information security for mobile devices in small and medium-sized enterprises : Information management, Information security management, mobile device
- 2020
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- The rapid proliferation of mobile devices makes mobile security a weak point in many organisations’ security management. Though there are a number of frameworks and methods available for improving security management, few of these target mobile devices, and most are designed for large organisations. Small and medium size organisations are known to be vulnerable to mobile threats, and often subject to the same legal requirements as larger organisations. However, they typically lack the resources and specialist competences necessary to use the available frameworks.This thesis describes an Action Design Research project to devise and test a low cost, low learning curve method for improving mobile security management. The project is conducted together with a small Swedish consulting company and evaluated in several other companies. In order to solve the challenge that SMEs faces; three objectives have been set:1. Identify existing solutions at a strategic level to managing information that is accessible with mobile devices and their suitability for SMEs.2. Develop a framework to support SMEs to manage information in a secure way on mobile devices.3. Evaluate the framework in practice.The results show that simple theoretical models can be integrated with well-known analysis techniques to inform managers and provide practical help for small companies to improve mobile security practice. The most important contribution to both science and practice is a structured approach for managers to deal with mobile devices, or for that matter other technology advances that do not fit into the existing management system. The journey to the final solution also produced several smaller contributions to science, for example insights from C-suites about strategies and work with mobile devices, differences and similarities between CYOD (choose your own device) and BYOD (bring your own device), the role of security policies in organisations, and twelve identified management issues with mobile devices.
|
|
| 3. |
- Brodin, Martin
(författare)
-
Mobile Device Strategy : A management framework for securing company information assets on mobile devices
- 2016
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- The problem addressed by this research is a demand for increased flexibility in access to organisational information, driven by the increasing popularity of mobile devices. Employees increasingly bring private devices to work (Bring Your Own Device, BYOD) or use work devices for private purposes (Choose Your Own Device, CYOD). This puts managers in a difficult position, since they want the benefits of mobility, without exposing organisational data to further risk. The research focuses on management (particularly information security management) issues in the design and implementation of strategies for mobile devices. There are two objectives. The first is to identify existing information security management strategies for mobile and dual-use devices. The second is to develop a framework for analysing, evaluating and implementing a mobile device strategy.The overall research strategy is inspired by Design Science; where the mission is to develop an artefact, in this case a framework, which will help to solve a practical problem. Methods include literature review, theoretical development, and the collection and analysis of qualitative data through interviews with executives. The main result of this work is the framework, which deals with the complete process, including analysis, design and implementation of a mobile device management strategy. It helps researchers to understand necessary steps in analysing phenomenon like BYOD and gives practitioners guidance in which analyses to conduct when working on strategies for mobile devices. The framework was developed primarily through theoretical work (with inspiration from the mobile security and strategic management literature, and the ISO/IEC 27000 standard), and evaluated and refined through the empirical studies. The results include twelve management issues, a research agenda, argumentation for CYOD and, guidance for researchers and practitioners.
|
|
| 4. |
- Amorim, Joni A., et al.
(författare)
-
Awareness and training : Identification of relevant security skills and competencies
- 2014
-
Ingår i: Engineering Education in a Technology-Dependent World. - Guimarães : INTERTECH. - 9788565992282 - 9788566680287 ; , s. 37-
-
Konferensbidrag (refereegranskat)abstract
- In order to identify needed skills and competencies for privacy and security, we propose a systematic process that maps privacy and security threats to related controls that are required to prevent, detect or remove such threats. This work suggests how to apply the process, while discussing how games and simulations can be used both to develop the desired behavior and to monitor the current competency level.
|
|
| 5. |
- Amorim, Joni A., et al.
(författare)
-
Privacy and Security in Cyberspace : Training Perspectives on the Personal Data Ecosystem
- 2013
-
Ingår i: European Intelligence and Security Informatics Conference (EISIC), Proceedings CD. - : IEEE conference proceedings. - 9780769550626 ; , s. 139-142
-
Konferensbidrag (refereegranskat)abstract
- There is a growing understanding that privacy is an essential component of security. In order to decrease the probability of having data breaches, the design of information systems, processes and architectures should incorporate considerations related to both privacy and security. This incorporation may benefit from the offering of appropriate training. In this way, this paper intends to discuss how to better offer training while considering new developments that involve both multimedia production and the “gamification” of training. The paper suggests the use in conjunction of two frameworks: the EduPMO Framework, useful for the management of large scale projects that may involve a consortium of organizations developing multimedia for the offering of training, and the Game Development Framework, useful for the identification of the main components of the serious game for training on privacy by design to be developed as part of the training offering.
|
|
| 6. |
|
|
| 7. |
- Bergström, Erik, 1976-, et al.
(författare)
-
Developing an information classification method
- 2021
-
Ingår i: Information and Computer Security. - : Emerald Group Publishing Limited. - 2056-4961. ; 29:2, s. 209-239
-
Tidskriftsartikel (refereegranskat)abstract
- Purpose: The purpose of this paper is to develop a method for information classification. The proposed method draws on established standards, such as the ISO/IEC 27002 and information classification practices. The long-term goal of the method is to decrease the subjective judgement in the implementation of information classification in organisations, which can lead to information security breaches because the information is under- or over-classified. Design/methodology/approach: The results are based on a design science research approach, implemented as five iterations spanning the years 2013 to 2019. Findings: The paper presents a method for information classification and the design principles underpinning the method. The empirical demonstration shows that senior and novice information security managers perceive the method as a useful tool for classifying information assets in an organisation. Research limitations/implications: Existing research has, to a limited extent, provided extensive advice on how to approach information classification in organisations systematically. The method presented in this paper can act as a starting point for further research in this area, aiming at decreasing subjectivity in the information classification process. Additional research is needed to fully validate the proposed method for information classification and its potential to reduce the subjective judgement. Practical implications: The research contributes to practice by offering a method for information classification. It provides a hands-on-tool for how to implement an information classification process. Besides, this research proves that it is possible to devise a method to support information classification. This is important, because, even if an organisation chooses not to adopt the proposed method, the very fact that this method has proved useful should encourage any similar endeavour. Originality/value: The proposed method offers a detailed and well-elaborated tool for information classification. The method is generic and adaptable, depending on organisational needs.
|
|
| 8. |
- Bergström, Erik, 1976-, et al.
(författare)
-
Information Classification Enablers
- 2015
-
Ingår i: Foundations and Practice of Security. - Cham : Springer. - 9783319303024 - 9783319303031 ; , s. 268-276
-
Konferensbidrag (refereegranskat)abstract
- This paper presents a comprehensive systematic literature review of information classification (IC) enablers. We propose a classification based on the well-known levels of management: strategic, tactical and operational. The results reveal that a large number of enablers could be adopted to increase the applicability of IC in organizations. The results also indicate that there is not one single enabler solving the problem, but rather several enablers can influence the adoption.
|
|
| 9. |
- Bergström, Erik, 1976-, et al.
(författare)
-
Information Classification Issues
- 2014
-
Ingår i: Secure IT Systems. - Cham : Springer. - 9783319115986 - 9783319115993 ; , s. 27-41
-
Konferensbidrag (refereegranskat)abstract
- This paper presents an extensive systematic literature review with the aim of identifying and classifying issues in the information classification process. The classification selected uses human and organizational factors for grouping the identified issues. The results reveal that policy-related issues are most commonly described, but not necessarily the most crucial ones. Furthermore, gaps in the research field are identified in order to outline paths for further research.
|
|
| 10. |
- Bergström, Erik, 1976-, et al.
(författare)
-
Information Classification Policies : An Exploratory Investigation
- 2018
-
Ingår i: Proceedings of the Annual Information Institute Conference. - Washington, DC : Information Institute. - 9781935160199
-
Konferensbidrag (refereegranskat)abstract
- InfoSec policies are considered a key mechanism in information security, and most organizations have one. However, the large majority of security policy research has focused on what policies should include rather than how they are accomplished in practice. To contribute to overcoming the lack of knowledge regarding this crucial aspect, this paper investigates information security policies based on what underlying approaches information classification practices are built on and the perceived ease of turning the policy into practice. To do so, a survey was sent to 284 Swedish government agencies, and 80 of their internal policies were collected as data. The data were analyzed both qualitatively, and qualitatively. The results show that information classification adoption rates are low despite being mandatory and that agencies are struggling in closing the gap between standards and practice. Furthermore, the results also show that information classification policies need to be more specific and give more actionable advice regarding, e.g., how information life-cycle management is included in practice, and where the responsibility for classification is put in the organization.
|
|
| 11. |
|
|
| 12. |
- Bergström, Erik, 1976-
(författare)
-
Supporting Information Security Management : Developing a Method for Information Classification
- 2020
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- In the highly digitalised world in which we live today, information and information systems have become critical assets to organisations, and hence need to be safeguarded accordingly. In order to implement and work with information security in a structured way, an Information Security Management System (ISMS) can be implemented. Asset management is a central activity in ISMS that aims at identifying, assigning ownership and adding protection to information assets. One activity within asset management is information classification that has the objective to ensure that the information receives an appropriate level of protection in accordance with its importance to the organisation. Information classification is a well-known practice for all kinds of organisations, both in the private and public sector, and is included in different variants in standards such as ISO/IEC 27002, COBIT and NIST-SP800.However, information classification has received little attention from academia, and many organisations are struggling with the implementation. The reasons behind why it is problematic, and how to address such issues, are largely unknown. Furthermore, existing approaches, described in, for example, standards and national recommendations, do not provide a coherent and systematic approach to information classification. The short descriptions in standards, and literature alike, leave out essential aspects needed for many organisations to adopt and implement information classification. There is, for instance, a lack of detailed descriptions regarding (1) procedures and concepts, (2) how to tailor the approach for different situations, (3) a framework that structures and guides the classification, (4) what roles should be involved in the classification, and (5) how information with different granularity is handled.This thesis aims to increase the applicability of information classification by developing a method for information classification in ISMS that draws from established standards and practice. In order to address this aim, a Design Science Research (DSR) study was performed in three cycles. A wide range of data was collected, including a series of interviews with experts and novices on information classification, a survey, most of the Swedish public sector information classification policies, and observations. There are three main contributions made by this thesis (1) the identification of issues and enablers for information classification, (2) the design principles underpinning the development of a method for information classification, and (3) the method for information classification itself. Contributions have also been made to the context around information classification, such as, for example, 20 practical suggestions for how to meet documented challenges in practice.
|
|
| 13. |
- Bärkås, Annika, et al.
(författare)
-
Patients' Experiences of Demanded Access to Online Health Records
- 2024
-
Ingår i: Studies in Health Technology and Informatics. - : IOS Press. - 0926-9630 .- 1879-8365. ; 310, s. 1424-1425
-
Tidskriftsartikel (refereegranskat)abstract
- Patient-Accessible Electronic Health Records (PAEHR) is particularly controversial in mental healthcare. We aim to explore if there is any association between patients with mental health conditions and the experience of someone demanding access to their PAEHR. A chi-square test showed a significant association between group belonging and experiences of someone demanding access to the PAEHR.
|
|
| 14. |
- Bärkås, Annika, et al.
(författare)
-
Patients' Experiences of Unwanted Access to Their Online Health Records
- 2023
-
Ingår i: Studies in Health Technology and Informatics. - : IOS Press. - 0926-9630 .- 1879-8365. ; 302, s. 356-357, s. 356-357
-
Tidskriftsartikel (refereegranskat)abstract
- Patient-Accessible Electronic Health Records (PAEHR) are particularly disputed in mental healthcare. We aim to explore if there is any association between patients having a mental health condition and someone unwanted seeing their PAEHR. A chi-square test showed a statistically significant association between group belonging and experiences of someone unwanted seeing their PAEHR.
|
|
| 15. |
|
|
| 16. |
|
|
| 17. |
- Eriksson, Nomie, Biträdande professor, 1955-, et al.
(författare)
-
Patient Empowerment and its Connection to Trust
- 2022
-
Ingår i: Proceedings of the 18th International Symposium on Health Information Management Research. - Kalmar : Linnaeus University; University of Sheffield. - 9789189081093
-
Konferensbidrag (refereegranskat)abstract
- Patient Empowerment (PE) allows patients to be more active in managing their own health and quality of life. The aim of this paper is to analyze how trust affects PE, in the context of healthcare information systems. An interview study was conducted concerning patients’ online access to electronic healthcare records. Results show that PE requires that patients trust the information that healthcare professionals and their electronic health record systems provide. Without trust, patients cannot control their own participation in relation to the healthcare professionals. This may result in a diminished ability to participate in the healthcare processes regarding their own care. Practical implications include acquired knowledge about and awareness of how trust influences PE, with particular emphasis on healthcare professionals. A trust model is presented that illustrates the trustor-trustee dimensions of PE. This model has both theoretical and practical implications in its illustration of how trust and PE connect.
|
|
| 18. |
|
|
| 19. |
- Fagerlund, Asbjørn Johansen, et al.
(författare)
-
Experiences from patients in mental healthcare accessing their electronic health records : results from a cross-national survey in Estonia, Finland, Norway, and Sweden
- 2024
-
Ingår i: BMC Psychiatry. - : BioMed Central Ltd. - 1471-244X. ; 24:1
-
Tidskriftsartikel (refereegranskat)abstract
- Background: Patients’ online record access (ORA) enables patients to read and use their health data through online digital solutions. One such solution, patient-accessible electronic health records (PAEHRs) have been implemented in Estonia, Finland, Norway, and Sweden. While accumulated research has pointed to many potential benefits of ORA, its application in mental healthcare (MHC) continues to be contested. The present study aimed to describe MHC users’ overall experiences with national PAEHR services. Methods: The study analysed the MHC-part of the NORDeHEALTH 2022 Patient Survey, a large-scale multi-country survey. The survey consisted of 45 questions, including demographic variables and questions related to users’ experiences with ORA. We focused on the questions concerning positive experiences (benefits), negative experiences (errors, omissions, offence), and breaches of security and privacy. Participants were included in this analysis if they reported receiving mental healthcare within the past two years. Descriptive statistics were used to summarise data, and percentages were calculated on available data. Results: 6,157 respondents were included. In line with previous research, almost half (45%) reported very positive experiences with ORA. A majority in each country also reported improved trust (at least 69%) and communication (at least 71%) with healthcare providers. One-third (29.5%) reported very negative experiences with ORA. In total, half of the respondents (47.9%) found errors and a third (35.5%) found omissions in their medical documentation. One-third (34.8%) of all respondents also reported being offended by the content. When errors or omissions were identified, about half (46.5%) reported that they took no action. There seems to be differences in how patients experience errors, omissions, and missing information between the countries. A small proportion reported instances where family or others demanded access to their records (3.1%), and about one in ten (10.7%) noted that unauthorised individuals had seen their health information. Conclusions: Overall, MHC patients reported more positive experiences than negative, but a large portion of respondents reported problems with the content of the PAEHR. Further research on best practice in implementation of ORA in MHC is therefore needed, to ensure that all patients may reap the benefits while limiting potential negative consequences.
|
|
| 20. |
- Grünloh, Christiane, et al.
(författare)
-
Patient Empowerment Meets Concerns for Patients : a Study of Patient Accessible Electronic Health Records in Sweden
- 2016
-
Ingår i: Exploring Complexity in Health. - : IOS Press. - 9781614996774 - 9781614996781
-
Konferensbidrag (refereegranskat)abstract
- BackgroundAs part of a EU project, the Swedish county Uppsala launched a patient portal, Journalen in 2012 [1]. Patients can now access their Electronic Health Records (EHR) online, which is aimed to increase patient empowerment. The medical professionals reacted strongly on patients accessing the medical records. Main concerns were related to quality of care, the effect on their work environment, providing bad news through the eHealth service, and also the wellbeing of patients. While the opportunities of implementing these e-health services seem promising, the concerns of the medical professionals have to be understood and addressed, as well as the actual use of the system by patients. This presentation integrates results from two interview studies with physicians and patients related to patients accessing their medical records online [2,3].MethodThe presented results are synthesis of the interviews studies with 12 physicians [2] and 30 patients [3], which took place about 6–12 months after the launch of the portal. The synthesis presented in this paper focus on Technological Frames [4] of physicians and patients including the attitudes and experiences in relation to possible (1) anxiety creation, (2) increased of workload, and (3) the general value of patients reading medical records.Results Anxiety creation due to receiving bad news. Many physicians believe that breaking bad news to patients during a patient encounter is vital as this would give them the possibility to also explain treat- ments and answer questions. Somewhat unexpectedly, some patients preferred receiving bad news through Journalen instead of waiting for the physicians. The patients argue that waiting times causes more anxiety. The choice of not accessing is also important, as there are patients who do not want to receive bad news before a patient encounter. Workload increases. Many physicians are worried about the work- load of doctors, as reading the medical record online may result in increased number of phone calls because of anxious patients. However, many patients did not tend to take any additional contacts to ask questions. Some of the patients even believe that access to their medical records reduces the number of contacts with healthcare. Usefulness of accessing online. Many physicians are concerned that online access will have a negative impact on the patient such as increased anxiety and misconceptions as they lack understanding of medical terms. Unlike the doctors’ perspective, many patients argue that they do not have major difficulties in understanding the contents. They also argue that Journalen was central to their coping with their decease.Conclusion From this study it is clear that the Technological Frames of physicians differ from those of patients, and that they have different attitudes and experiences towards the system. The intention from the politicians was that the system would contribute to Patient Empowerment, but that framing of the technology differs from the physicians’ view, as they are concerned of the consequences. More research is needed on the framing of the technology and how that has been changed after the launch of the system.[1] Erlingsdottir, G., Lindholm, C. When patient empowerment encounters professional autonomy: The conflict and negotiation process of inscribing an eHealth service. Scandinavian journal of public administration 2015;19(29):27- 48.[2] Grünloh, C., Cajander, Å., Myreteg, G., “The Record is our Work Tool!” - Physicians’ Framing of a Patient Portal in Sweden. J Med Internet Res (submitted).[3] Rexhepi, H., Åhlfeldt, R.-M., Cajander, Å, & Huvila, I. (2015). Cancer Patients’ Attitudes and Experiences of Online Medical Records, 1–8. Proceedings of the 17th International Symposium on Health Information Management Research ISHIMR 2015.[4] Orlikowski, W.J., Gash, D.C. Technological Frames: Making sense of information technology in organizations. Transactions on Information Systems 1994;12(2):174–207. doi: 10.1145/196734.196745
|
|
| 21. |
- Hagström, Josefin, et al.
(författare)
-
Security and Privacy of Online Record Access : A Survey of Adolescents' Views and Experiences in Sweden
- 2024
-
Ingår i: Journal of Adolescent Health. - : Elsevier. - 1054-139X .- 1879-1972.
-
Tidskriftsartikel (refereegranskat)abstract
- Purpose: Ensuring security of online health records and patients' perceptions of security are concerns in adolescent healthcare. Little is known about adolescents' perceptions about healthcare's ability to protect online health records. This article explores adolescents' perspectives on security and privacy of their online health records, potential differences based on gender and health, attitudes to sharing information, and perceptions of what constitutes sensitive information. Methods: This study included a subset of items from a national online patient survey conducted in Sweden (January-February 2022), focusing on respondents aged 15–19 years. Gender and health status differences were calculated using the Kruskal-Wallis test. Results: Of 218 adolescent respondents (77.1% female), a minority had security and privacy concerns. A notable proportion (41.3%) wished to control who could see their records, and those who reported better perceived health were more likely to want to manage access to their electronic health record (H = 13.569, p = .009). Most had not experienced unauthorized access to their records (75.2%) and had never shared health information on other online applications (85.8%). More than half (56.0%) perceived some information as sensitive, where mental health was the most common (76.0%). Most felt that reading their notes improved their trust for their healthcare professional (65.6%) and supported better communication with healthcare professionals (66.5%). Discussion: In this national survey, adolescents generally reported few concerns about patient portals. Findings emphasize the need for security and privacy protection and to empower adolescents with greater control over access to their health information housed in electronic health record systems.
|
|
| 22. |
|
|
| 23. |
|
|
| 24. |
- Huvila, Isto, et al.
(författare)
-
Age-related differences in seeking clarification to understand medical record information
- 2019
-
Ingår i: Information research. - : Högskolan i Borås. - 1368-1613. ; 24:1
-
Tidskriftsartikel (refereegranskat)abstract
- Introduction Patient accessible electronic health records can be used to inform and empower patients. However, their use may require complementary information seeking since they can be difficult to interpret. So far, relatively little is known of the information seeking that takes place in connection to health record use, and especially the way it varies in different age groups. A better understanding of patients' preferences of where and how to find explanatory information provides valuable input for the development of health information provision and counselling services. Method. The analysis is based on the results of a national survey of Swedish individuals (N=1,411) who had used a national patient accessible electronic health record system (Journalen). Analysis. The data were analysed in SPSS 24.0 using Kruskal-Wallis tests for detecting groupwise differences and Jonckheere-Terpstra tests for discovering age-related trends in the data. Findings. Older patients were more likely to use a telephone and younger patients to use socia l contacts to ask for clarification. Generally, older adults born between 1946-1960 appear as passive information seekers. Conclusion. Age gro ups differ in their preferences on how to seek clarification, which underlines the importance of a better understanding of individual differences in delivering not only technically but also intellectually accessible health information. Calling by telephone could be a habit of present older generations whereas, to a degree, searching information online could be a comparable habit of current younger generations.
|
|
| 25. |
|
|
| 26. |
- Huvila, Isto, Professor, 1976-, et al.
(författare)
-
Differences in Health Information Literacy Competencies Among Older Adults, Elderly and Younger Citizens
- 2019
-
Ingår i: Information Literacy in Everyday Life. - Cham : Springer. - 9783030134716 - 9783030134723 ; , s. 136-143
-
Bokkapitel (refereegranskat)abstract
- To address the research gap on age-based differences in health information literacy (HIL), we investigated how younger (born 1960–) and older adults (1946–1960), and elderly citizens (–1945) differed from each other by their HIL competencies. Data were collected with an online survey of patients using the Swedish national electronic health record system. Altogether, 2,587 users responded. One-way ANOVA with post hoc tests revealed several differences between the groups: younger adults were less likely to value health information than older adults; older adults and elderly were least likely to compare information from multiple sources and had trouble in determining health information needs; older adults were most likely to have trouble understanding health terminology and the elderly to have difficulties in understanding medicinal package labels. The study shows that HIL is not necessarily improving or declining but adapting to challenges of advanced age. © 2019, Springer Nature Switzerland AG.
|
|
| 27. |
- Huvila, Isto, et al.
(författare)
-
Patients' perceptions of their medical records from different subject positions
- 2015
-
Ingår i: Journal of the Association for Information Science and Technology. - : John Wiley & Sons. - 2330-1635 .- 2330-1643. ; 66:12, s. 2456-2470
-
Tidskriftsartikel (refereegranskat)abstract
- Better knowledge of the habits and preferences of patients helps one understand why and how patients might need or want to access health services online and offline. Such knowledge provides a basis for designing systems for providing complementary health information. This article discusses how patients' conceptualizations of their health-information-related preferences, motivations, and needs are linked to the perceived role of medical records as an informational artifact. We identified seven subject positions: (P1) Hypothetically positive to e-health services generally, (P2) Positive to reading medical records due to implications, (P3) Positive to all Internet use including medical records online, (P4) Distrustful and wants to be in control of health treatment, (P5) Worried about health, (P6) Wants communication with health care professionals, and (P7) Do not understand their medical record. These subject positions can explain the worry and enthusiasm documented in earlier literature. The diversity of subject positions implies that health care information services should be planned with different subject positions in mind rather than a simple demographic group. Special attention needs to be given to finding flexible solutions that address the opportunities and worries of the identified subject positions.
|
|
| 28. |
- Huvila, Isto, et al.
(författare)
-
Patients reading their medical records : Differences in experiences and attitudes between regular and inexperienced readers
- 2016
-
Ingår i: Information research. - : Högskolan i Borås. - 1368-1613. ; 21:1
-
Tidskriftsartikel (refereegranskat)abstract
- Introduction. We report results of a study of how ordering and reading of printouts of medical records by regular and inexperienced readers relate to how the records are used, to the health information practices of patients, and to their expectations of the usefulness of new e-Health services and online access to medical records. Method. The study is based on a combined postal- and Web-survey of a simple random sample of 1000 patients who ordered a paper copy of their medical records from the Uppsala county council (Sweden) with a final analysed sample of 354 returned questionnaires. Analysis. The data were analysed using SPSS 21.0 using descriptive statistics, one-way analysis of variation (ANOVA) using Tamhane’s T2 test, chi-squared tests and logistic regression analysis. Results. The analysis shows that individuals who had ordered a copy of their medical records in the past perceive their usefulness in broader terms than first-timers. The regular readers are also most concerned about their health and the quality of care. Conclusions. It seems that in addition to certain demographic factors, many of the variations in the data can be explained in terms of adaptive structuration theory. This is a result of a parallel structuration of patients, medical records and the paper-based and online technologies of access, and consequently how patients perceive records and the different methods of accessing and using them.
|
|
| 29. |
|
|
| 30. |
|
|
| 31. |
- Hägglund, Maria, Lektor, 1975-, et al.
(författare)
-
A Nordic Perspective on Patient Online Record Access and the European Health Data Space
- 2024
-
Ingår i: Journal of Medical Internet Research. - : JMIR Publications Inc.. - 1438-8871. ; 26:1
-
Tidskriftsartikel (refereegranskat)abstract
- The Nordic countries are, together with the United States, forerunners in online record access (ORA), which has now become widespread. The importance of accessible and structured health data has also been highlighted by policy makers internationally. To ensure the full realization of ORA’s potential in the short and long term, there is a pressing need to study ORA from a cross-disciplinary, clinical, humanistic, and social sciences perspective that looks beyond strictly technical aspects. In this viewpoint paper, we explore the policy changes in the European Health Data Space (EHDS) proposal to advance ORA across the European Union, informed by our research in a Nordic-led project that carries out the first of its kind, large-scale international investigation of patients’ ORA—NORDeHEALTH (Nordic eHealth for Patients: Benchmarking and Developing for the Future). We argue that the EHDS proposal will pave the way for patients to access and control third-party access to their electronic health records. In our analysis of the proposal, we have identified five key principles for ORA: (1) the right to access, (2) proxy access, (3) patient input of their own data, (4) error and omission rectification, and (5) access control. ORA implementation today is fragmented throughout Europe, and the EHDS proposal aims to ensure all European citizens have equal online access to their health data. However, we argue that in order to implement the EHDS, we need more research evidence on the key ORA principles we have identified in our analysis. Results from the NORDeHEALTH project provide some of that evidence, but we have also identified important knowledge gaps that still need further exploration.
|
|
| 32. |
|
|
| 33. |
- Hägglund, Maria, et al.
(författare)
-
NORDeHEALTH – Learning from the Nordic Experiences of Patient Online Record Access
- 2023
-
Ingår i: Journal of Medical Internet Research. - : JMIR Publications. - 1438-8871.
-
Tidskriftsartikel (övrigt vetenskapligt/konstnärligt)abstract
- The Nordic countries are forerunners in online record access (ORA) which has now become widespread. The importance of accessible and structured health data has also been highlighted by policymakers internationally. To ensure the full realization of ORA’spotential in the short and long term, there is a pressing need to study ORA from a cross-disciplinary, technical, clinical, humanistic, and social sciences perspective that looks beyond strictly technical aspects. In this viewpoint paper, we explore the policy changes in the European Health Data Space (EHDS) proposal to advance ORA across the European Union, and introduce a Nordic-led research project that carries out the first of its kind, large-scale international investigation of patients’ ORA; NORDeHEALTH. We argue that the EHDS proposal will pave the way for patients to access and control third-party access to their electronic health records (EHRs). This will have implications within Europe and globally as it will further extend the boundaries for accessing and using EHRs for primary and secondary data use. Research such as that led by the NORDeHEALTH project is essential in guiding the design and implementation of solutions to meet the requirements of the EHDS proposal. Further international collaboration and research are needed to ensure that socio-technical and contextual factors are considered to ensure successful and secure implementation.
|
|
| 34. |
- Hägglund, Maria, Lektor, 1975-, et al.
(författare)
-
The NORDeHEALTH 2022 Patient Survey : Cross-Sectional Study of National Patient Portal Users in Norway, Sweden, Finland, and Estonia
- 2023
-
Ingår i: Journal of Medical Internet Research. - : JMIR Publications. - 1438-8871. ; 25
-
Tidskriftsartikel (refereegranskat)abstract
- BACKGROUND: Although many surveys have been conducted on patients accessing their own health records in recent years, there is a limited amount of nationwide cross-country data available on patients' views and preferences. To address this gap, an international survey of patient users was conducted in the Nordic eHealth project, NORDeHEALTH. OBJECTIVE: We aimed to investigate the sociodemographic characteristics and experiences of patients who accessed their electronic health records (EHRs) through national patient portals in Norway, Sweden, Finland, and Estonia. METHODS: A cross-sectional web-based survey was distributed using the national online health portals. The target participants were patients who accessed the national patient portals at the start of 2022 and who were aged ≥15 years. The survey included a mixture of close-ended and free-text questions about participant sociodemographics, usability experience, experiences with health care and the EHR, reasons for reading health records online, experience with errors, omissions and offense, opinions about security and privacy, and the usefulness of portal functions. In this paper, we summarized the data on participant demographics, past experience with health care, and the patient portal through descriptive statistics. RESULTS: In total, 29,334 users completed the survey, of which 9503 (32.40%) were from Norway, 13,008 (44.35%) from Sweden, 4713 (16.07%) from Finland, and 2104 (7.17%) from Estonia. National samples were comparable according to reported gender, with about two-thirds identifying as women (19,904/29,302, 67.93%). Age distributions were similar across the countries, but Finland had older users while Estonia had younger users. The highest attained education and presence of health care education varied among the national samples. In all 4 countries, patients most commonly rated their health as "fair" (11,279/29,302, 38.48%). In Estonia, participants were more often inclined to rate their health positively, whereas Norway and Sweden had the highest proportion of negative health ratings. Across the whole sample, most patients received some care in the last 2 years (25,318/29,254, 86.55%). Mental health care was more common (6214/29,254, 21.24%) than oncological care (3664/29,254, 12.52%). Overall, most patients had accessed their health record "2 to 9 times" (11,546/29,306, 39.4%), with the most frequent users residing in Sweden, where about one-third of patients accessed it "more than 20 times" (4571/13,008, 35.14%). CONCLUSIONS: This is the first large-scale international survey to compare patient users' sociodemographics and experiences with accessing their EHRs. Although the countries are in close geographic proximity and demonstrate similar advancements in giving their residents online records access, patient users in this survey differed. We will continue to investigate patients' experiences and opinions about national patient-accessible EHRs through focused analyses of the national and combined data sets from the NORDeHEALTH 2022 Patient Survey.
|
|
| 35. |
- Hägglund, Maria, et al.
(författare)
-
Timing It Right : Patients' Online Access to Their Record Notes in Sweden
- 2018
-
Ingår i: Building Continents of Knowledge in Oceans of Data. - : IOS Press. - 9781614998518 - 9781614998525 ; 247, s. 336-340
-
Konferensbidrag (refereegranskat)abstract
- In Sweden, and internationally, there is an ongoing debate about the effects of national implementations of Patient Accessible Electronic Health Records (PAEHRs). The purpose of this paper was to describe the current situation in Sweden and compare this with the expectations on reasonable waiting time for information access of users of the Swedish PAEHR. Data were collected from publicly available resources regarding current implementation in the 21 county councils, contrasted with patient experiences, gathered from a national online survey. The results indicate that patients have high expectations on immediate access to information, while this varies greatly in implementation across Sweden.
|
|
| 36. |
- Iwaya, Leonardo H, et al.
(författare)
-
E-Consent for Data Privacy : Consent Management for Mobile Health Technologies in Public Health Surveys and Disease Surveillance
- 2019
-
Ingår i: MEDINFO 2019. - : IOS Press. - 9781643680026 - 9781643680033 ; , s. 1223-1227
-
Konferensbidrag (refereegranskat)abstract
- Community health workers in primary care programs increasingly use Mobile Health Data Collection Systems (MDCSs) to report their activities and conduct health surveys, replacing paper-based approaches. The mHealth systems are inherently privacy invasive, thus informing individuals and obtaining their consent is important to protect their rights to privacy. In this paper, we introduce an e-Consent tool tailored for MDCSs. It is developed based on the requirement analysis of consent management for data privacy and built upon the solutions of Participant-Centered Consent toolkit and Consent Receipt specification. The e-Consent solution has been evaluated in a usability study. The study results show that the design is useful for informing individuals on the nature of data processing, allowing them to make informed decisions.
|
|
| 37. |
- Iwaya, Leonardo H
(författare)
-
Engineering Privacy for Mobile Health Data Collection Systems in the Primary Care
- 2019
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Mobile health (mHealth) systems empower Community Health Workers (CHWs) around the world, by supporting the provisioning of Community-Based Primary Health Care (CBPHC) – primary care outside the health facility into people’s homes. In particular, Mobile Health Data Collection Systems (MDCSs) are used by CHWs to collect health-related data about the families that they treat, replacing paper-based approaches for health surveys. Although MDCSs significantly improve the overall efficiency of CBPHC, existing and proposed solutions lack adequate privacy and security safeguards. In order to bridge this knowledge gap between the research areas of mHealth and privacy, the main research question of this thesis is: How to design secure and privacy-preserving systems for Mobile Health Data Collection Systems? To answer this question, the Design Method is chosen as an engineering approach to analyse and design privacy and security mechanisms for MDCSs. Among the main contributions, a comprehensive literature review of the Brazilian mHealth ecosystem is presented. This review led us to focus on MDCSs due to their impact on Brazil’s CBPHC, the Family Health Strategy programme. On the privacy engineering side, the contributions are a Privacy Impact Assessment (PIA) for the GeoHealth MDCS and three mechanisms: (a) SecourHealth, a security framework for data encryption and user authentication; (b) an Ontology-based Data Sharing System (O-DSS) that provides obfuscation and anonymisation functions; and, (c) an electronic consent (e-Consent) tool for obtaining and handling informed consent. Additionally, practical experience is shared about designing a MDCS, GeoHealth, and deploying it in a large-scale experimental study. In conclusion, the contributions of this thesis offer guidance to mHealth practitioners, encouraging them to adopt the principles of privacy by design and by default in their projects.
|
|
| 38. |
- Iwaya, Leonardo H, et al.
(författare)
-
mHealth : A Privacy Threat Analysis for Public Health Surveillance Systems
- 2018
-
Ingår i: 2018 IEEE 31st International Symposium on Computer-Based Medical Systems. - : IEEE. - 9781538660607 - 9781538660614 ; , s. 42-47
-
Konferensbidrag (refereegranskat)abstract
- Community Health Workers (CHWs) have been using Mobile Health Data Collection Systems (MDCSs) for supporting the delivery of primary healthcare and carrying out public health surveys, feeding national-level databases with families’ personal data. Such systems are used for public surveillance and to manage sensitive data (i.e., health data), so addressing the privacy issues is crucial for successfully deploying MDCSs. In this paper we present a comprehensive privacy threat analysis for MDCSs, discuss the privacy challenges and provide recommendations that are specially useful to health managers and developers. We ground our analysis on a large-scale MDCS used for primary care (GeoHealth) and a well-known Privacy Impact Assessment (PIA) methodology. The threat analysis is based on a compilation of relevant privacy threats from the literature as well as brain-storming sessions with privacy and security experts. Among the main findings, we observe that existing MDCSs do not employ adequate controls for achieving transparency and interveinability. Thus, threatening fundamental privacy principles regarded as data quality, right to access and right to object. Furthermore, it is noticeable that although there has been significant research to deal with data security issues, the attention with privacy in its multiple dimensions is prominently lacking.
|
|
| 39. |
- Iwaya, Leonardo H, et al.
(författare)
-
Mobile Health Systems for Community-Based Primary Care : Identifying Controls and Mitigating Privacy Threats
- 2019
-
Ingår i: JMIR mhealth and uhealth. - CANADA : JMIR Publications. - 2291-5222. ; 7:3, s. 1-16
-
Tidskriftsartikel (refereegranskat)abstract
- Background: Community-based primary care focuses on health promotion, awareness raising, and illnesses treatment and prevention in individuals, groups, and communities. Community Health Workers (CHWs) are the leading actors in such programs, helping to bridge the gap between the population and the health system. Many mobile health (mHealth) initiatives have been undertaken to empower CHWs and improve the data collection process in the primary care, replacing archaic paper-based approaches. A special category of mHealth apps, known as mHealth Data Collection Systems (MDCSs), is often used for such tasks. These systems process highly sensitive personal health data of entire communities so that a careful consideration about privacy is paramount for any successful deployment. However, the mHealth literature still lacks methodologically rigorous analyses for privacy and data protection.Objective: In this paper, a Privacy Impact Assessment (PIA) for MDCSs is presented, providing a systematic identification and evaluation of potential privacy risks, particularly emphasizing controls and mitigation strategies to handle negative privacy impacts.Methods: The privacy analysis follows a systematic methodology for PIAs. As a case study, we adopt the GeoHealth system, a large-scale MDCS used by CHWs in the Family Health Strategy, the Brazilian program for delivering community-based primary care. All the PIA steps were taken on the basis of discussions among the researchers (privacy and security experts). The identification of threats and controls was decided particularly on the basis of literature reviews and working group meetings among the group. Moreover, we also received feedback from specialists in primary care and software developers of other similar MDCSs in Brazil.Results: The GeoHealth PIA is based on 8 Privacy Principles and 26 Privacy Targets derived from the European General Data Protection Regulation. Associated with that, 22 threat groups with a total of 97 subthreats and 41 recommended controls were identified. Among the main findings, we observed that privacy principles can be enhanced on existing MDCSs with controls for managing consent, transparency, intervenability, and data minimization.Conclusions: Although there has been significant research that deals with data security issues, attention to privacy in its multiple dimensions is still lacking for MDCSs in general. New systems have the opportunity to incorporate privacy and data protection by design. Existing systems will have to address their privacy issues to comply with new and upcoming data protection regulations. However, further research is still needed to identify feasible and cost-effective solutions.
|
|
| 40. |
- Iwaya, Leonardo H., 1988-, et al.
(författare)
-
Overview of Privacy Challenges in Mobile Health Data Collection Systems
- 2018
-
Konferensbidrag (refereegranskat)abstract
- Community Health Workers (CHWs) have been using Mobile HealthData Collection Systems (MDCSs) for public health surveys, feeding the national-level databases with the families’ personal data. Since such systems are inherentlyused for public surveillance and manage sensitive data (i.e., health data), deal-ing with the privacy issues is crucial to successful deployments. In this poster wepresent the privacy challenges related to MDCSs, providing a summary speciallyimportant to health managers and developers.
|
|
| 41. |
- Iwaya, Leonardo H
(författare)
-
Secure and Privacy-aware Data Collection and Processing in Mobile Health Systems
- 2016
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Healthcare systems have assimilated information and communication technologies in order to improve the quality of healthcare and patient's experience at reduced costs. The increasing digitalization of people's health information raises however new threats regarding information security and privacy. Accidental or deliberate data breaches of health data may lead to societal pressures, embarrassment and discrimination. Information security and privacy are paramount to achieve high quality healthcare services, and further, to not harm individuals when providing care. With that in mind, we give special attention to the category of Mobile Health (mHealth) systems. That is, the use of mobile devices (e.g., mobile phones, sensors, PDAs) to support medical and public health. Such systems, have been particularly successful in developing countries, taking advantage of the flourishing mobile market and the need to expand the coverage of primary healthcare programs. Many mHealth initiatives, however, fail to address security and privacy issues. This, coupled with the lack of specific legislation for privacy and data protection in these countries, increases the risk of harm to individuals. The overall objective of this thesis is to enhance knowledge regarding the design of security and privacy technologies for mHealth systems. In particular, we deal with mHealth Data Collection Systems (MDCSs), which consists of mobile devices for collecting and reporting health-related data, replacing paper-based approaches for health surveys and surveillance. This thesis consists of publications contributing to mHealth security and privacy in various ways: with a comprehensive literature review about mHealth in Brazil; with the design of a security framework for MDCSs (SecourHealth); with the design of a MDCS (GeoHealth); with the design of Privacy Impact Assessment template for MDCSs; and with the study of ontology-based obfuscation and anonymisation functions for health data.
|
|
| 42. |
- Johannesson, Paul, et al.
(författare)
-
Design solutions for interoperability using a process manager
- 2006
-
Ingår i: Interoperability of Enterprise Software and Applications. - London : Springer-Verlag. - 1846281512 - 9781846281518 - 9781846281525 ; , s. 397-408
-
Konferensbidrag (refereegranskat)abstract
- The healthcare domain is in urgent need for solutions to making clinical and administrative systems, possibly belonging to different healthcare units, interoperable and hence making them deliver timely and correct information as needed in particular situations. Process manager technology allows making all actors (humans or information systems) involved in healthcare processes communicate along these processes. This paper argues that process manager technology is essential for achieving interoperability in healthcare, but that some serious problems need to be overcome to realise its full potential. A number of design solutions to address these problems are proposed.
|
|
| 43. |
|
|
| 44. |
- Kabilan, Vandana, et al.
(författare)
-
Introducing the Common Non-Functional Ontology
- 2007
-
Ingår i: Enterprise Interoperability II. - London : Springer. - 9781846288579 - 9781846288586 - 9781447171317 ; , s. 633-645
-
Konferensbidrag (refereegranskat)abstract
- Enterprise systems interoperability is impeded by the lack of a cohesive, integrated perspective on non-functional aspects (NFA). We propose to respond to the fragmentation in NFA research by supporting a shared, common understanding. For this purpose:- first, we propose a common NFA ontology, which generalizes and integrates the different non-functional aspects under a common top-level ontology. Second, we introduce a series of specialized ontologies on specific non-functional aspects, such as trust, risk, privacy, threat and misuse. By fostering a consensual and shared view of the non-functional aspects domain, we aim to move closer to enhancing semantic enterprise interoperability. This shared perspective on what non-functional aspects are and how they relate to the other 'functional' aspects of enterprise systems, is the key towards enterprise interoperability.
|
|
| 45. |
- Krasniqi, Hanife, et al.
(författare)
-
Patients' Experiences of Communicating with Healthcare - an Information Exchange Perspective
- 2011
-
Ingår i: Proceedings of the 15th International Symposium on Health Information Management Research (ISHIMR 2011). - : University of Zurich. - 9780955928314 ; , s. 241-251
-
Konferensbidrag (refereegranskat)abstract
- Aims: To explore on how patients experience the information exchange with healthcare organizations and how this relates to the six areas that constitute good quality care.Method: A qualitative approach inspired by Grounded Theory was adopted. Seven interviews with patients were carried out in the homes of patients.Conclusion: Healthcare does not always meet the requirements of Health and Medical Services Act with regard to good quality health. An effective exchange of information between health professionals and patients was found as a key issue for creating the conditions for good quality care.
|
|
| 46. |
- Kävrestad, Joakim, 1989-
(författare)
-
Context-Based Micro-Training : Enhancing cybersecurity training for end-users
- 2022
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- This research addresses the human aspect of cybersecurity by developing a method for cybersecurity training of end-users. The reason for addressing that area is that human behaviour is widely regarded as one of the most used attack vectors. Exploiting human behaviour through various social engineering techniques, password guessing, and more is a common practice for attackers. Reports even suggest that human behaviour is exploited in 95% of all cybersecurity attacks. Human behaviour with regard to cybersecurity has been long discussed in the research. It is commonly suggested that users need support to behave securely. Training is often suggested as the way to improve user behaviour, and there are several different training methods available. The available training methods include instructor-led training, game-based training, eLearning, etc. However, even with the diversity of existing training methods, the effectiveness of such training has been questioned by recent research. Research suggests that existing training does not facilitate knowledge retention and user participation to a high enough degree. This research aims to address the problems with current training practices by developing a new method for cybersecurity training of end-users. The research used a design science (DS) approach to develop the new method in three increasingly complex design cycles. Principles for cybersecurity training were developed based on previous research and the Technology Acceptance Model and made the theoretical foundation of the reserach. The result is a theoretically grounded method for cybersecurity training that outlines goals and guidelines for how such training should be implemented. It has been evaluated in several steps with more than 1800 survey participants and 300 participants in various experiments. The evaluations have shown that it can both support users towards secure behaviour and be appreciated by its users. The main contribution of this research is the method for cybersecurity training, Context-Based Micro-Training (CBMT). CBMT is a theoretical contribution that describes good practices for cybersecurity training for end-users. Practitioners can adopt it as a guide on how to implement such training or to support procurement decisions. The research also shows the importance of integrating usability into the development of security practices. Users must positively receive both training and the guidelines imposed by training since positive user perception increases user adoption. Finally, the research shows that following security guidelines is difficult. While training is essential, this research suggests that training alone is not enough, and future research should consider the interplay between training and other support mechanisms.
|
|
| 47. |
|
|
| 48. |
|
|
| 49. |
- Moll, Jonas, 1982-, et al.
(författare)
-
Contextual Factors of Patients' Access to Electronic Health Records in Four European Countries : A Socio-Technical Cross-Country Analysis
- 2024
-
Ingår i: Journal of Medical Internet Research. - : JMIR Publications. - 1438-8871.
-
Tidskriftsartikel (refereegranskat)abstract
- Background: The NORDeHEALTH project studies patient access to electronic health records in Estonia, Finland, Norway and Sweden. Such country comparisons require an analysis of the socio-technical context of these services.Objective: To develop a method for a socio-technical analysis of patient accessible electronic health records (PAEHRs) that advances a framework first presented by Sitting and Singh. This first article in a series presents the evaluation of the method and a cross-country comparison of the contextual factors that enable PAEHR access and use.Methods: The dimensions of the framework for socio-technical analysis were discussed and extended in a series of discussions with international stakeholders. A spreadsheet with relevant questions related to the studied services was constructed and distributed to the four participating countries, and the project participants researched various national sources to provide the relevant data for the comparisons in ten socio-technical dimensions.Results: Three dimensions were added to the method of Sittig and Singh to separate clinical content from features and functions of PAEHRs and to demonstrate basic characteristics of the different countries regarding national and regional steering of healthcare and ICT developments. The final framework contained the following dimensions: Metadata, Hardware and Software Computing Infrastructure, Features and Functions, Clinical Content Shared with Patients, Human Computer Interface, People, Workflow and Communication, Healthcare Organization’s Internal Policies, Procedures and Culture, National Rules, Regulations and Incentives, System Measurement and Monitoring and Healthcare System Context. Several similarities were identified between the compared countries, especially regarding Hardware and Software Computing Infrastructure. When it comes to the dimension Healthcare System Context most of the differences could be identified. One important difference concerned the governing of ICT development where different levels (state, region, municipality) were responsible in different countries.Conclusions: This is the first large-scale international socio-technical analysis of services for patients to access their electronic health records; the present study compared services in Estonia, Finland, Norway and Sweden. A methodology for such an analysis was developed and is presented to enable comparison studies in other national contexts.
|
|
| 50. |
- Moll, Jonas, et al.
(författare)
-
Patients’ Experiences of Accessing Their Electronic Health Records: Results of a National Patient Survey in Sweden
-
Ingår i: Journal of Medical Internet Research. - 1438-8871.
-
Tidskriftsartikel (refereegranskat)abstract
- Background: Internationally, there is a movement toward providing patients online access to their electronic health records (EHRs). In Sweden, Region Uppsala was the first to introduce patient-accessible EHRs (PAEHRs) in 2012. By the summer of 2016, 17 of 21 county councils had given citizens the possibility to access their medical information online. Studies on the effect of PAEHRs on the work environment of health care professionals have been conducted, but up until now, few extensive studies have been conducted regarding patients’ experiences of using PAEHRs in Sweden or Europe, more generally.Objectives: The objective of our study was to investigate patients’ experiences of accessing their EHRs through the Swedish national patient portal. In this study, we have focused on describing user characteristics, usage, and attitudes toward the system.Methods: A national patient survey was designed, based on previous interview and survey studies with patients and health care professionals. Data were collected during a 5-month period in 2016. The survey was made available through the PAEHR system, called Journalen, in Sweden. The total number of patients that logged in and could access the survey during the study period was 423,141. In addition to descriptive statistics reporting response frequencies on Likert scale questions, Mann-Whitney tests, Kruskal-Wallis tests, and chisquare tests were used to compare answers between different county councils as well as between respondents working in health care and all other respondents.Results: Overall, 2587 users completed the survey with a response rate of 0.61% (2587/423,141). Two participants were excluded from the analysis because they had only received care in a county council that did not yet show any information in Journalen. The results showed that 62.97% (1629/2587) of respondents were women and 39.81% (1030/2587) were working or had been working in health care. In addition, 72.08% (1794/2489) of respondents used Journalen about once a month, and the main reason for use was to gain an overview of one’s health status. Furthermore, respondents reported that lab results were the most important information for them to access; 68.41% (1737/2539) of respondents wanted access to new information within a day, and 96.58% (2454/2541) of users reported that they are positive toward Journalen.Conclusions: In this study, respondents provided several important reasons for why they use Journalen and why it is important for them to be able to access information in this way—several related to patient empowerment, involvement, and security. Considering the overall positive attitude, PAEHRs seem to fill important needs for patients.
|
|
