Examining the intended and unintended consequences of organisational privacy safeguards

Balancing confidentiality and care coordination: challenges in patient privacy

BACKGROUND

In the digital age, maintaining patient confidentiality while ensuring effective care coordination poses significant challenges for healthcare providers, particularly nurses.

AIM

To investigate the challenges and strategies associated with balancing patient confidentiality and effective care coordination in the digital age.

METHODS

A cross-sectional study was conducted in a general hospital in Egypt to collect data from 150 nurses across various departments with at least six months of experience in patient care. Data were collected using six tools: Demographic Form, HIPAA Compliance Checklist, Privacy Impact Assessment (PIA) Tool, Data Sharing Agreement (DSA) Framework, EHR Privacy and Security Assessment Tool, and NIST Cybersecurity Framework. Validity and Reliability were ensured through pilot testing and factor analysis.

RESULTS

Participants were primarily aged 31-40 years (45%), with 75% female and 60% staff nurses. High compliance was observed in the HIPAA Compliance Checklist, especially in Administrative Safeguards (3.8 ± 0.5), indicating strong management and training processes, with an overall score of 85 ± 10. The PIA Tool showed robust privacy management, with Project Descriptions scoring 4.5 ± 0.3 and a total score of 30 ± 3. The DSA Framework had a mean total score of 20 ± 2, with Data Protection Measures scoring highest at 4.0 ± 0.4. The EHR assessments revealed high scores in Access Controls (4.4 ± 0.3) and Data Integrity Measures (4.3 ± 0.3), with an overall score of 22 ± 1.5. The NIST Cybersecurity Framework had a total score of 18 ± 2, with the highest scores in Protect (3.8) and lower in Detect (3.6). Strong positive correlations were found between HIPAA Compliance and EHR Privacy (r = 0.70, p < 0.05) and NIST Cybersecurity (r = 0.55, p < 0.05), reflecting effective data protection practices.

CONCLUSION

The study suggests that continuous improvement in privacy practices among healthcare providers, through ongoing training and comprehensive privacy frameworks, is vital for enhancing patient confidentiality and supporting effective care coordination.

Intelligent health in the IS area: A literature review and research agenda

As the global demand for healthcare services continues to grow, improving the efficiency and effectiveness of the healthcare ecosystem has become a pressing concern. Information systems are transforming the healthcare delivery process, shifting the focus of healthcare services from passive disease treatment to proactive health prevention and the healthcare management model from hospital-centric to patient-centric. This study focuses on reviewing research in IS journals on the topic of e-health and is dedicated to constructing a theoretical model of intelligent health to provide a research basis for future discussions in this field. In addition, as the innovation of intelligent healthcare services has led to changes in its elements (e.g., an increase in the number of stakeholders), there is an urgent need to sort out and analyze the existing research.

Patients' compliance behavior in a personalized mobile patient education system (PMPES) setting: Rational, social, or personal choices?

OBJECTIVE

With the advancement of mobile technologies, patients can access medical and patient educational information anytime and anywhere. Computer-aided patient education has been advocated as a key means of interventions for improving patient knowledge and compliance (i.e., adherence). However, evidence of the efficacy of computer-aided patient education remains relatively limited. For example, little is known about how the latest mobile technologies influence patients' compliance intention and their actual compliance behavior. The objective of this study is to investigate patients' compliance intention and behavior using a personalized mobile patient education system (PMPES) as a novel technological intervention for patients based on rational choice theory (RCT) and the theory of planned behavior (TPB).

MATERIALS AND METHODS

We conducted a field survey with 125 actual patients in U.S. who obtained their patient education through PMPES while seeking medical treatment advice from their doctors. We used partial least squares (PLS) regression path modeling to test our model.

RESULTS

We found that, based on RCT, the benefits of compliance and cost/threat of noncompliance positively influenced intention toward treatment compliance; in contrast, costs of compliance negatively influenced intention toward treatment compliance. However, the benefits of noncompliance had no effect on intention toward treatment compliance. The results also indicated that intention toward treatment compliance, response efficacy, and self-efficacy related to TPB jointly influenced the degree of actual compliance behaviors. Social influence factors including subjective norms and descriptive norms had no influence on patients' actual treatment compliance behavior.

CONCLUSION

Overall, the research model explains 69.2 % of the variance in patients' actual compliance behavior. We find our model robust in using RCT as a key theoretical lens for the assessment of patients' compliance intention to follow medical recommendations enabled by the PMPES and delivered to mobile devices. The factors associated with RCT and TPB jointly influence patients' actual compliance behavior. Future mobile patient education programs should consider patients' age groups, mixed-gender groups, different medical settings, and cross-cultural contexts.

The Zachman Framework for Enterprise Architecture: An Explanatory IS Theory

Enterprise Architecture (EA) has had an interesting and often controversial history since its inception in the late 80’s by pioneers such as John Zachman. Zachman proposed the Zachman Framework for Enterprise Architecture (ZFEA), a descriptive, holistic representation of an enterprise for the purposes of providing insights and understanding. Some scholars claim that EA is an imperative to ensure successful business structures or business-IT alignment, or more recently with Enterprise Architecture Management (EAM), to manage required organizational transformation. However, EA initiatives within companies are often costly and the expected return on investment is not realized. In fact, Gartner recently indicated in their 2018 Enterprise Architecture Hype Cycle that EA is slowly emerging from the trough of disillusionment after nearly a decade. In this paper we argue that the role and value of EA is often misunderstood, and that EA, specifically the ZFEA for the purpose of this paper, could be considered as a theory given the view of theory within Information Systems (IS). The purpose of IS theories is to analyse, predict, explain and/or prescribe and it could be argued that EA often conform to these purposes. Using the taxonomy of theories as well as the structural components of theory within IS as proposed by Gregor, we motivate that the ZFEA could be regarded as an explanatory theory. Positioning ZFEA as IS explanatory theory provides insight into the role and purpose of the ZFEA (and by extension EA), and could assist researchers and practitioners with mediating the challenges experienced when instituting EA and EAM initiatives within organizations.