Privacy and security of electronic patient records – Tailoring multimethodology to explore the socio-political problems associated with Role Based Access Control systems

Small, Adrian and Wainwright, David (2018) Privacy and security of electronic patient records – Tailoring multimethodology to explore the socio-political problems associated with Role Based Access Control systems. European Journal of Operational Research, 265 (1). pp. 344-360. ISSN 0377-2217

[img] Text
Privacy and Security of Electronic Patient Records - Final Accepted EJORS July2017 NRL.pdf - Accepted Version
Restricted to Repository staff only until 4 August 2019.

Download (977kB) | Request a copy
Official URL: https://doi.org/10.1016/j.ejor.2017.07.041

Abstract

Multimethodologies are now an established area of ‘soft’ operations research (OR). Adopting appropriate OR methods to tackle unstructured and complex problems is a promising field of inquiry and potential application. Research in the areas of energy and utilities, education, UK public services, and healthcare has demonstrated the success of applying multimethodologies to practice. This research focused on the socio-political and socio-cultural issues associated with the specification and design of a Role Based Access Control (RBAC) system as a precursor to the adoption of an electronic health and patient record system in an English National Health Service (NHS) hospital Trust. Although being a local hospital Trust initiative, there were many complex requirements and constraints from UK NHS policies, strategies and standards, as well as from government contracted IT company vendors, consultancy companies and software consortia (termed Local Service Providers). This research develops a multimethodology, using SSM in combination with process modelling and technology management (referred to as TMSSMXL), in order to tailor problem structuring methods to a healthcare hospital context. The research concludes that by adopting methods that are compatible with an organization's culture, stakeholder perspectives and professional working, a suitable mix of OR methods may be combined and deployed that can enable, and enhance, stakeholders’ knowledge and learning about the unforeseen organizational consequences of complex technology introduction. It is argued that this leads to more effective technology systems requirements definition and greater project implementation success.

Item Type: Article
Uncontrolled Keywords: Problem structuring, Multimethodologies, Role Based Access Control, Soft operational research, Electronic Health Records
Subjects: P900 Others in Mass Communications and Documentation
Department: Faculties > Business and Law > Newcastle Business School > Business and Management
Depositing User: Becky Skoyles
Date Deposited: 06 Sep 2017 08:15
Last Modified: 18 Apr 2018 13:15
URI: http://nrl.northumbria.ac.uk/id/eprint/31729

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics


Policies: NRL Policies | NRL University Deposit Policy | NRL Deposit Licence