Abstract
BackgroundTraditionally, health information has been mainly kept in paper-based records. This has deeply changed throughout approximately the last three decades with the widespread use of multiple health information technologies. The digitization of health care systems contributes to improving health care delivery. However, it also exposes health records to security and privacy breaches inherently related to information technology (IT). Thus, health care organizations willing to leverage IT for improved health care delivery need to put in place IT security and privacy measures consistent with their use of IT resources.ObjectiveIn this study, 2 main objectives are pursued: (1) to assess the state of the implementation of IT security and privacy practices in European hospitals and (2) to assess to what extent these hospitals enhance their IT security and privacy practices as they move from paper-based systems toward fully electronic-based systems.MethodsDrawing on data from the European Commission electronic health survey, we performed a cluster analysis based on IT security and privacy practices implemented in 1723 European hospitals. We also developed an IT security index, a compounded measure of implemented IT security and privacy practices, and compared it with the hospitals’ level in their transition from a paper-based system toward a fully electronic-based system.ResultsA total of 3 clearly distinct patterns of health IT–related security and privacy practices were unveiled. These patterns, as well as the IT security index, indicate that most of the sampled hospitals (70.2%) failed to implement basic security and privacy measures consistent with their digitization level.ConclusionsEven though, on average, the most electronically advanced hospitals display a higher IT security index than hospitals where the paper system still dominates, surprisingly, it appears that the enhancement of IT security and privacy practices as the health information digitization advances in European hospitals is neither systematic nor strong enough regarding the IT-security requirements. This study will contribute to raising awareness among hospitals’ managers as to the importance of enhancing their IT security and privacy measures so that they can keep up with the security threats inherently related to the digitization of health care organizations.
Highlights
Motivation and ObjectivesIn many countries, health care services delivery is being reformed—and some say revolutionized [1]—through information technology (IT)
Health information becomes more portable and readily shareable within and among different health care organizations; it becomes readily available to public health administrators for health surveillance and policy-making purposes; it becomes, under certain conditions, available for research; it becomes more accessible to patients
This has deeply changed throughout approximately the last three decades, with the widespread use of multiple health IT (HIT), an umbrella term we use here to refer to all IT systems used for storing, accessing, processing, sharing, transmitting health information, or for supporting health care delivery and health care systems management
Summary
Motivation and ObjectivesIn many countries, health care services delivery is being reformed—and some say revolutionized [1]—through information technology (IT). Health information has been mainly kept in paper-based records This has deeply changed throughout approximately the last three decades with the widespread use of multiple health information technologies. This has deeply changed throughout approximately the last three decades, with the widespread use of multiple HIT, an umbrella term we use here to refer to all IT systems used for storing, accessing, processing, sharing, transmitting health information, or for supporting health care delivery and health care systems management. HIT encompasses all the 4 functionality-based categories of IT proposed by Adler-Milstein et al [15]: provider-centric electronic record, patient-centric electronic record, HIE, and telehealth By their mere nature, HIT compiles a wide range of highly sensitive information. The task of keeping health records secure is affected by the dynamic nature of the HIT environment
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.