Ferreira, Ana, Antunes, Luis, Chadwick, David W., Correi, Ricardo (2010) Grounding Information Security in Healthcare. International Journal of Medical Informatics, 79 (4). pp. 182-196. (doi:10.1016/j.ijmedinf.2010.01.009) (The full text of this publication is not currently available from this repository. You may be able to access a copy if URLs are provided) (KAR id:30670)
| The full text of this publication is not currently available from this repository. You may be able to access a copy if URLs are provided. | |
| Official URL: http://dx.doi.org/10.1016/j.ijmedinf.2010.01.009 |
Abstract
Purpose
The objective of this paper is to show that grounded theory (GT), together with mixed methods, can be used to involve healthcare professionals in the design and definition of access control policies to EMR systems.
Methods
The mixed methods applied for this research included, in this sequence, focus groups (main qualitative method that used grounded theory for the data analysis) and structured questionnaires (secondary quantitative method).
Results
Results showed that the presented methodology can be used to involve healthcare professionals in the definition of access control policies to EMR systems and explore these issues in a diversified and integrated way. The methodology allowed for the generation of great amounts of data in the beginning of the study and in a short time span. Results from the applied methodology revealed a first glimpse of the theories to be generated and integrated, with future research, into the access control policies.
Conclusions
The methodological research described in this paper is very rarely, if ever, applied in developing security tools such as access control. Nevertheless, it can be an effective way of involving healthcare professionals in the definition of access control policies and in making information security more grounded into their workflows and daily practices.
| Item Type: | Article |
|---|---|
| DOI/Identification number: | 10.1016/j.ijmedinf.2010.01.009 |
| Uncontrolled keywords: | information security; access control; access control policy; electronic medical record; grounded theory; mixed methods. |
| Subjects: | Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming, |
| Divisions: | Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing |
| Depositing User: | David Chadwick |
| Date Deposited: | 21 Sep 2012 09:49 UTC |
| Last Modified: | 16 Nov 2021 10:08 UTC |
| Resource URI: | https://kar.kent.ac.uk/id/eprint/30670 (The current URI for this page, for reference purposes) |
University of Kent Author Information
Chadwick, David W..
| Creator's ORCID: |
 https://orcid.org/0000-0003-3145-055X
|
|---|---|
| CReDIT Contributor Roles: |
- Export to:
- RefWorks
- EPrints3 XML
- BibTeX
- CSV
- Depositors only (login required):
Altmetric
Altmetric
