Abstract
Information processing in health care demands reliable, relevant, systematic, integrated, and managed data throughout care delivery. This leads, even with IT, to increased and time-consuming activities and can cause potentially dangerous situations for the patient as important data may not be available when needed, which in turn can lead to wrong diagnostic or therapeutic decisions. Consequently, hospital IT executives must balance many competing priorities. These endeavours require, in addition to the appropriate utilisation of given IT resources, a far-sighted alignment of IT issues with objectives, and a thorough understanding of uncertainties and legal obligations. This approach to integrated IT governance, IT risk management, and IT compliance (IT GRC) in the hospital Environment is the subject of the work presented here. This investigation is associated with a survey that has been conducted in 2009 and allows therefore drawing conclusions on the progress of IT GRC management in Swiss hospitals over the last 5 years. The findings revealed that IT GRC in health care is still all too often seen as the realm and sole responsibility of the CIO and the IT department. The findings proved that IT GRC has not been utilized sufficiently by the executive management of many hospitals, especially the public ones. The findings revealed the reasons for a less pervasive spread of managed IT GRC can be structured into four main categories representing the greatest barriers to a successful convergence of integrated IT GRC.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
