Adapting maturity models to healthcare organization's needs is an issue that researchers and technicians should consider and a valuable instrument for IT managers because these models allow the assessment of a present situation as well as the identification of useful improvement measures. This paper discusses the practical utilization of maturity models, including different manners of exploring model's usefulness. For a more complete understanding of maturity models, the selection of criteria and processes of measurement, called metrics, is briefly reviewed in terms of indicators and daily procedures. Some issues of management information systems security are briefly addressed, along with a note on measuring security assessment. Finally some considerations are presented about the need for privacy of personal data to ensure the strategies to be pursued to sensitive data in order to establish a level of effective privacy which is included in the concerns of security of information systems.
TopIntroduction
Information systems (IS) are increasingly becoming a valuable and indispensable tool in health care arena to efficient delivery of high quality health services. IS are one of the most common computer systems have been designed to support health care services. For this reason, technical and scientific reflections on its safety and improvement are always justified.
Many organizations are using several methods and techniques to examine and improve their current maturity level of Information Systems (IS) according to the last updates of information technology (IT) (Dwivedi et al., 2015). Although IT evaluation studies based on IS maturity stages have been conducted widely, the stages theory has not been confirmed through statistical testing. IT evaluation activities can present managerial implications to an enterprise by determining where it stands within the stages theory. The results of some studies tend to indicate the meanings and the opportunity of newly defined five stages of IT maturity: initiation, recognition, diffusion, control, and integration (Breytenbach et al., 2013; Leem et al., 2008; Andersen & Henriksen, 2006).
IS and consequent advances have always been essential elements for organizations functioning and development, but nowadays the characteristics, the differentiation and the overload of data, technical information and equipment’s demand that IS assets should be managed in an explicit and intelligent way, moving towards maturity levels (Carneiro, 2013). A maturity model is a structured set of elements of any nature that has the characteristics of processes, practices, procedures and protocols. This set is arranged by levels of specific subsets of elements that an organization must have to achieve a certain maturity level and successful business process management. Based in research in the field of maturity models, some authors suggest six core elements of business process management: strategic alignment, governance, methods, information technology, people, and culture (Rosemann & vom Brocke, 2015).
Health data is one of the most vital, strategic assets hospitals and other healthcare organizations possess. They depend on this complex set of different data to develop adequate services, make critical strategic decisions, protect property rights, push marketing initiatives, manage projects, process transactions, attract potential clients, and generate revenues. Large amounts of critical data are created and patients' hospital records are compiled automatically, manually, and stored in the records department for retrieval whenever needed.
Given the importance of the role of Information Systems (IS), the objective of this paper is to present some considerations concentrated in its maturity stages, the measures (metrics) needed, and the security / privacy of some data.