Negative Impacts of Technology on Healthcare Information Systems - Research Paper Example

? Technologies and Strategic Information Systems Plan Lecturer Introduction Technology refers to the making, modification, use and knowledge of machines, techniques and methods of organization in order to solve a problem, achieve a goal or perform a specific function. Technology has affected the society in numerous ways. It has its positive sides and negative sides. Strategic information systems plan is one of the most demanding and critical area for an organizations’ performance. By identifying information technology capabilities and ensuring integration between business and IT functionality. It ends to achieve better outcomes through better IT performances (Beaver, 2003). Strategic information systems plan is whereby computer systems are incorporated in the implementation of a business strategy to achieve set objectives (Carla, Narcisi, 2012). They are those systems where information services resources are applied to strategic business operations where there are set targets. Strategic planning for IT is increasingly regarded as a key component of corporate planning. Impact Technologies have had and will have on Healthcare Information Systems Information system is a compilation of those softwares that organizations use to collect, process, create and distribute data. The health sector needs to incorporate information systems into their field since it involves massive collection, production and storage of data. As we know, healthcare involves diagnosis, treatment and prevention of diseases on almost everyone in the world. This is an implication in which there is a dire need to record and keep data not only manually but also electronically, and that is where technology and information systems draw their importance. Technology has had its substantial share on the side of data storage in the healthcare sector. With the consideration that technology is a big and dynamic field, it is said to be unpredictable and of infinite expansion (Jemima et al., 2013). It has had impacts on information systems; that is in the collection and storage of data both positive and negative. However, since technological advancement is propelled by the urge to proficiency and an aim to accuracy, it has had a relatively higher positive impact than a negative one (Jemima et al., 2013). Positive Impacts An enhanced data collection and recording method Healthcare is a field where numerous researches are conducted and thus call for a high level of data collection. Technological growth has continually provided portable devices for data collection in fields of research and reliable nature. Additionally, healthcare is one of the fields that have a high level of record keeping (Jemima et al., 2013). Healthcare information systems thus call for a comprehensive and quality record keeping structure. Technological advancements has immensely contributed to the storage of data through devices that are of a high capacity and highly portable, such as tablets and iPads. Employees’ payment and evaluation structure Healthcare field is labor intensive considering that competent personnel must be available to offer various healthcare services, which interprets to a large number of employees. Its information system thus requires a comprehensive and a well equipped format for the evaluation and payment of employees to avoid double payments, ghost working and funds misappropriation. Technology has provided softwares that cater for employees’ records, evaluation, as well as pay allocation (Jemima et al., 2013). Such softwares include, for example, quick books and Microsoft excel. An enhanced customer service provision Technology has provided for the creation of websites and communication equipments. Via websites clients can book appointments with health service providers, such as doctors, and book accommodation in hospital wards (Beaver, 2003). Negative Impacts of Technology on Healthcare Information Systems Phishing of data This can be described as the criminally fraudulent process to acquire sensitive information, such as usernames, passwords and personal health information (PHI) by camouflaging as a trustworthy entity. This can be disastrous to the reputation of the organization yet no one can be solely blamed for it. More so, such activities arising from development in information systems, can compromise the security of PHI (Beaver, 2003). PHI security is arguably the most important aspect of consideration during the design of any data collecting and storage system because of its importance. Therefore, any threat that compromises its security cannot be taken lightly. Over reliance on machines causing negligence by the information system staff leading to loss and manipulation of data This too is a serious threat to an organization especially a health service provider because data maintained is by large the critical part of service provision as references are on a regular basis. Top Three Threats to the Quality of Healthcare Data The proliferation of mobile devices The growth in the use of mobile devices, such as ipads, tablets and other devices, has grown over time. Ponemon Institute (2013) states that 81% of healthcare organizations store information on mobile devices and 49% of the organizations take no step to secure their data. Those who take steps to secure their data they do it incompletely implying that the data is access by unauthorized people particularly when the devices are lost or stolen (Ponemon Institute, 2013). It has been estimated that about 10 million mobile devices containing enterprise information will be lost in a year (Rafalin, 2011). For instance, in October 2011, a personal computer was stolen from Suffer Health with more than 4 million patient records. This was a massive loss of data and could not be recovered (Rafalin, 2011). The failure to protect data stored in electronic devices against being sent, copied or stored in other electronic devices, such as Universal Serial Bus devices (USB) or Digital Versatile Disk (DVDs), is another serious risk to the quality of healthcare data. Particularly, this is a serious risk to the security and confidentiality of PHI. For instance, employees who leave the institution can choose to take with them such data and use it against the health institution or even against the patients. Accidental data loss and exposure to third parties The most common cause of data loss is human error and third parties (Ponemon Institute, 2013). For example, in October 2011, officials of Stanford Hospital confirmed that data collected for about half a year, which contained crucial information for about 20000 patients, was exposed because a billing contractors’ marketing agent posted the electronic spreadsheet erroneously (Ponemon Institute, 2013). This means, therefore that data was accessed by unintended people, which made it cease to be confidential. The consequences of such an action would include legal actions being taken against the organisation for breaching the most important aspect of PHI, ensuring confidentiality of PHI. Advanced persistent threat (APT) This is“sophisticated, long term hacking attacks aimed at governments and companies with the aim of gaining financial profit, intellectual property or destroying sensitive” information of an institution (Rafalin, 2011). This affects the healthcare sector adversely; in the recent past health information has been stolen from hospitals and used against the healthcare organizations and patients (Rafalin, 2011). Advanced persistent threats are hard to detect since they are deliberate, and they inflict a heavy damage on stored data. Solutions to the Threats against Healthcare Data User education on how to secure their mobile devices and personal computers with passwords and pin codes is the most basic solution to loss of healthcare data. Effective passwords are considered to include random combination of upper and lower case letters, numbers, special characters that are at least eight characters long (Rafalin, 2011). Employees in healthcare providing institutions should also be educated on how to detect social engineering and phishing scams. This enables them not to get tricked into giving away passwords and/or healthcare information to malicious parties who would want to benefit from the information given. Hacking activities can be prevented through the use of highly effective antivirus software and firewalls that detect and warns organisations of malicious activities. These softwares should be updated regularly to ensure that they are always effective in protecting data stored in electronic devices from hacking. Data encryption, which involves converting data in such a way that it cannot be read by another electronic device, is another strategy to protect data against hacking and phishing (Rafalin, 2011). Once accessed by a third party, it cannot be read unless the process of encryption is conducted by the device that created it. Biometric security is another means to provide highly reliable security to stored data. This is whereby data users or better still the employees are required to undergo physical or behavioral characteristics analysis, such as voice recognition, fingerprints, hand geometry and face or iris scanning before gaining access to electronic devices containing healthcare data. This move is aimed at ensuring that only authorized personnel are allowed access to the devices (Rafalin, 2011). Accordingly, the devices should be highly secured in locked and well guarded storage areas and housings that are accessed only after identity verification through biometric security. Finally, data stored in electronic devices should be backed up regularly to ensure that an organisation has a copy of data in case of data loss. However, data backup process should be authorized before being conducted to ensure that it is not copied or sent to the wrong destination. The process should also be well monitored to avoid erroneous sending of data to unintended people. Those additional copies may be used to restore the original data or files should a data loss occur. Basic Components of a Strategic Information System Plans The main components of a strategic information system plan can be broken down into seven stages as explicated. The first step involves a preliminary survey study, which is conducted to establish if there is a need of an information system and if so, why it is needed. This is aimed at investigating the project deeply to provide information in terms of costs and returns that justify the coming up of that information system (Carla and Narcisi, 2012). A detailed report is presented to the management with appropriate recommendation. Secondly, there is a feasibility study that involves a team to carry out a study of the application area. The team provides information on the technical, economical and social aspects of the information systems the organization wants to put in place. Steps in the study depend on the individual strategic information system plans (Szewczak, 1988). During the study, the team should be aware of the objectives of the strategic information system. Formulating a design is an integral part of the feasibility study putting into consideration the social factors and how the systems will affect the society at large. Other issues to investigate in this step involve legal, technology, political and cultural environments and their impact on the system underway. Thirdly, the organisation or the team mandated with the establishment and implementation of the strategic information system conducts fact labeling. This is a comprehensive study carried out to understand the system you want to install in the organization. It is then followed by system analysis, fourth component, which involves giving a full description of the exciting systems, if any, and the objectives of the one the organization is planning to set up. This step culminates to a full description and specifications of the design in terms of requirements, components, working principle and maintenance among other information, which should be examined and approved before system design is embarked upon (Carla and Narcisi, 2012). The fifth component is designing of the system information, which largely depends on the analysis. For example, if different combinations of manual and computerized elements will be considered, the outcome of this component is an ultimate documentation of a new strategic information system. The system specification will contain full details of all clerical and computer procedures involved. Each specification is then considered along any associated proposals from the manufacturers or suppliers of the computers (Carla and Narcisi, 2012). Design is then followed by an implementation of the system, which involves simply following the details set out in the system specification (Szewczak, 1988). Finally, the last stage is maintenance and review of the information systems, which involves the examination of the system to see if it has met the set objectives. Appropriate measures are then taken to ensure it performs as expected and stipulated in the objectives and goals (Carla and Narcisi, 2012). Prediction on the Major Development in the Evolution of Healthcare Information Systems Over the past few decades, information systems have evolved from manual data collection, storage and analysis to electronic. Record keeping, which is essential in the healthcare field, is yet to reach its optimal level of advancement. In the next 20 years, it is expected to have further grown to produce fast, efficient and easy customer service and be a force to reckon with by other profit making and service provider organizations. Conclusion Technologies are a part of the modern world and their contribution to the success of the healthcare industry cannot be denied. However, they have had some negative impacts and threats including risk of losing data or making PHI and other confidential data accessible to unauthorized parties. This means that extra measures, as presented, should be implemented to secure data stored in electronic devices. Strategic information systems also promise good results for healthcare organisations. This paper has presented the main steps that organizations should follow in designing and implementing strategic information systems. References Beaver, K. (2003). Healthcare Information Systems, Best Practice Series. Auerbach Publishers, Inc. Carla, L. W. & Narcisi, N. (2012). Strategic Information Systems Planning: An Empirical Evaluation of Its Dimensions. Journal of Technology Management & Innovation, 7(2): 52-61. Jemima, F. A., Bradford, E. J., LaShonda, S. M., Karan, S. P., Rivers, P. A. & Sejong, B. (2013). Health information technology capacity at federally qualified health centers: a mechanism for improving quality of care. BMC Health Services Research, 13(1): 1-12. Ponemon Institute. (2013). 2012 Most Trusted Companies for Privacy. Ponemon Institute LLC. Rafalin, M. (2011). Year-end: 3 security threats and 4 tips for protecting Health data. Government Health IT. Accessed May 5, 2013 from http://www.govhealthit.com/news/year-end-3-security-threats-and-4-tips-protecting-health-data Szewczak, E. J. (1988). Exploratory Results of a Factor Analysis of Strategic Information: Implications for Strategic Systems Planning. Journal of Management Information Systems, 5(2): 83-97. Read More