Information Assurance in E-Healthcare

Abstract

There is growing concern that the healthcare industry has not adopted IT systems as widely and effectively as other industries. Healthcare technological advances generally emerge from the clinical and medical areas rather than clerical and administrative. The healthcare industry is perceived to be 10 to 15 years behind other industries in its use of information technology (Raghupathi & Tan, 1997). Incorporating new technology into the healthcare organization’s processes is risky because of the potential for patient information being disclosed. The purpose of this study is to investigate the information assurance factors involved with security regulations and electronic medical record initiatives—a first necessary step in making the healthcare industry more efficient. Noncompliance of a healthcare organization’s employees with security and privacy policies (i.e., information assurance) can result in legal and financial difficulties, as well as irreparable damage to an organization’s reputation. To implement electronic medical initiatives, it is vital that an organization has compliance with security and privacy policies. E-health technology is a relatively current phenomenon. There are two types of distance-related healthcare that are technology driven. Telehealth is known for involving telemedicine—medicine practiced over a distance, with the impetus of control being in the physician’s hands (Maheu, 2000). E-health involves the patient or physician actively searching for information or a service, usually via the Internet (Maheu). Electronic medical records fall into the e-health category because the physician, healthcare partners, and patient would be able to access the information through an Internet connection.