Analysis of Security and GDPR Issues in Healthcare Records Databases

Verified

Added on 2021/01/02

AI Summary

This report provides a comprehensive analysis of security and GDPR issues and concerns within healthcare organizations, specifically focusing on health records databases. The research, based on a study of the Royal London Hospital, aims to analyze these issues to improve the safety and effectiveness of health record systems. The literature review examines ways to reduce GDPR issues, enhancing the security of health records. A qualitative research approach, employing interpretivism, descriptive research design, and an inductive research approach, was used to conduct the study. Secondary data collection and thematic data analysis were utilized, with a random sampling of 50 individuals. The findings highlight the use of effective techniques and methods to secure health records databases, in accordance with GDPR principles. The report addresses the importance of maintaining patient privacy, the significance of secure information systems, and the need for healthcare organizations to establish robust policies and practices to protect patient data, ultimately ensuring that patient information is handled securely and responsibly.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Security and GDPR issues and concerns in
healthcare organizations: the case of health
records databases

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

ABSTRACT
The given dissertation is based on 'Security and GDPR issues and concerns in healthcare
organizations: the case of health records databases' which is significant to determine related
problems to solve them properly. It is helpful to identify related issues which are created in
healthcare organisations to find effective ways to sort out them in order to improve safety of
health records databases. However, this investigation has an aim of 'To analyse the security and
GDPR issues and concerns in healthcare organizations regarding the case of health records
databases”. A study on Royal London Hospital'. In addition to this, the literature review consist
analysis of ways of reducing GDPR issues for improving safety of health records and
maintaining effectiveness of related systems. Moreover, the qualitative research and
interpretivism method is used to conduct the study properly. Meanwhile, descriptive research
design and inductive research approach has been preferred to gain correct findings. Basically, the
secondary data collection is utilised and thematic data analysis is done by using random
sampling with sample size of 50 individuals. The present research found that effective techniques
and methods are used to secure health records databases along with following principles of
GDPR for securing the patient information in appropriate manner.

Table of Contents
ABSTRACT.....................................................................................................................................2
TITLE..............................................................................................................................................5
CHAPTER 1: INTRODUCTION....................................................................................................5
1.1 Overview of the research..................................................................................................5
1.2 Background of the research..............................................................................................6
1.3 Research Aim...................................................................................................................7
1.4 Research objectives..........................................................................................................7
1.5 Research questions...........................................................................................................8
1.6 Significance of the research..............................................................................................8
CHAPTER 2: LITERATURE REVIEW.......................................................................................10
2.1 Concept of security and GDPR issues in health organizations......................................10
2.2 Analyse the concern of health records databases in healthcare organizations...............12
2.3 The ways of reducing GDPR issue in order to improve the security of health records
databases...............................................................................................................................14
2.4 The effectiveness of different health records systems to maintain the security of health
records..................................................................................................................................16
2.5 The measures can healthcare organisations take for improving safety of health records18
CHAPTER 3: RESEARCH METHODOLOGY...........................................................................20
3.1 Types of Investigation....................................................................................................20
3.2 Research philosophy.......................................................................................................21
3.3 Research design..............................................................................................................21
3.4 Research approach..........................................................................................................22
3.5 Data collection Method..................................................................................................23
3.6 Data analysis...................................................................................................................24
3.7 Sampling.........................................................................................................................24
3.8 Ethical Considerations....................................................................................................25
CHAPTER 4: DATA ANALYSIS................................................................................................26
4.1 Questionnaire..................................................................................................................26
4.2 Findings..........................................................................................................................32

4.3 Analysis..........................................................................................................................47
4.4 Discussion.......................................................................................................................53
CHAPTER 5: CONCLUSION AND RECOMMENDATIONS...................................................57
5.1 Conclusion......................................................................................................................57
REFERENCES..............................................................................................................................59
APPENDIX....................................................................................................................................63

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

TITLE
“Security and GDPR issues and concerns in healthcare organizations: the case of
health records databases”.
CHAPTER 1: INTRODUCTION
1.1 Overview of the research
Security of health records is an important aspect in health care organizations as it is very
essential to maintain the privacy of data related to patients. It is necessary to establish an
effective health records systems in order to maintain patient information safe. However, it has
been analyzed that the privacy of patients and the security of their information can be considered
as the most imperative barriers to entry when considering the adoption of electronic health
records (Zerlang, 2017). In addition to this, there are different types of medical information
which requires privacy including radiologic images, lab test results, medications, allergies, and
other clinical data which are stored and views on computers to determine specific health issue or
cause of the disease. Moreover, information security is required to be ensured because disclosing
to other people regarding specific health issue of individuals impacts negatively on their image
on society and create a number of social problems for them.
Meanwhile, the fact is that a minor medical issue may develop a major societal problem
due to lack of medical knowledge of people living in a society. It is necessary to ensure proper
safety of information related to patients because someone can misuse the same which become
really troubling for an individual (Panjwani and Jäntti, 2017). The GDPR stands for general data
protection regulation which consists of a new set of rules that has been designed to provide more
control to EU citizens over their personal information. It involves the criteria of harmonizing
data privacy laws across Europe, protect & empower all EU citizens data privacy and reshape the
way organizations across the region approach data privacy.
The present investigation will focus on an aim to analyze the security and GDPR issues
and concerns in healthcare organizations regarding the case of health records databases. This
study is based on the Royal London Hospital which is known as a large teaching hospital in
Whitechapel, London and it is a part of Barts Health NHS Trust. The given research will focus
on the concept of security and GDPR issues in health care organization including important to
maintaining the privacy of patient information as along with related problems (Rodrigues And et.

al., 2016). It is essential to maintain medical information including pathological reports of
several tests like CT Scan, MRI, blood test & ECG and other recorded data about prescriptions
involving given medications. It will also include concern of health records databases in
healthcare organizations because previous information is a help to make immediate and accurate
decision to provide appropriate treatment while the patient is not the conscious state. The
effective ways for decreasing GDPR in context of increasing security of health records databases
which is an important aspect in terms of maintaining the privacy of patients in an appropriate
manner are given here. It consists of the criteria for putting efforts for preparing more effective
as well as efficient strategies for ensuring accurate safety of patient information which cannot be
accessed by any other person. Moreover, it involves the effectiveness of different kinds of health
records systems to maintain the security of health records. It also includes appropriate policies
and rules of healthcare organizations for improving the safety of patient information and other
relevant data.
1.2 Background of the research
The present report is based on Royal London Hospital which is a large teaching
healthcare organization situated in White-chapel, London and it is associated as a part of Barts
Health NHS trust. It was founded in the years around 1740, almost 279 years ago. However, this
care organization conducts clinical practices in order to provide distinct general hospital services
for the city, Tower Hamlets and specialist tertiary care facilities for patients from across London
and elsewhere.
Meanwhile, it consists of approximately 110 wards, 26 operation theatres and 845 beds
which are used for providing proper care and medical facility to sick people in respect of
improving their health condition. Moreover, this care institution focuses on actual needs and
desired of ill people and establish an appropriate care plan for providing accurate services to top
them so that they will become disease free and comfortable (Romanou, 2018). Additionally,
there are a number of healthcare organizations which used different electronic systems to store
and process required information related to patient properly. It involves the different criteria of
maintaining records of the overall information and get easy access to specific data in order to
make the immediate decision of medication for the welfare of the specific patient.
The given investigation will focus on the concept of security and GDPR issue in the
context of maintaining proper safety of health records. It is necessary for hospital administration

to do not disclose any single information about their patients to other people. However, it
involves the fact that common people do not have proper knowledge about health problems and
they can make a big issue of any specific disease which is not favorable for an individual.
Additionally, other people can misuse the medical information of patients which is harmful to a
person then it is mandatory for care professionals working in hospitals to maintain the privacy of
patients information (Hunter And et. al., 2018).
It will include concern of health records in hospitals including understanding the health
of public and pattern of illness and determine cost-effective services. This given investigation
also discuss appropriate policies and rules of healthcare organizations which are helpful to boost
up the safety of health records. It is essential for every care institution to establish effective
strategies and norms which should be followed by every staff members in respect of securing
overall information related to patients for maintaining privacy. Moreover, it will include the
effectiveness of strict rules and norms to make sure about the safety of health records as that
nobody can misuse it (Bauder, Khoshgoftaar and Seliya, 2017). In addition to this, it will go to
evaluate the effectiveness of different health records systems to maintain the security of health
records. It consist the criteria to analyze features of particular health record systems and
implement it by determining its efficiency to secure overall database of the healthcare
organization.
1.3 Research Aim
“To analyze the security and GDPR issues and concerns in healthcare organizations
regarding the case of health records databases”. A study on Royal London Hospital.
1.4 Research objectives
 To determine the concept of security and GDPR issues in health organizations.
 To analyze the concern of health records databases in healthcare organizations.
 To evaluate the ways of reducing the GDPR issue in order to improve the security of
health records databases.
 To identify the effectiveness of different health records systems to maintain the security
of health records.
 To ascertain the measures can healthcare organisations take for improving safety of
health records.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1.5 Research questions
 What is the concept of security and GDPR issues in health organizations?
 How to analyze the concern of health records databases in healthcare organizations?
 What are the ways of reducing the GDPR issue in order to improve the security of health
records databases?
 How to identify the effectiveness of different health records systems to maintain the
security of health records?
 What measures can healthcare organisations take for improving safety of health records?
1.6 Significance of the research
The significance of conducting this investigation is to analyze the related issue of security
and privacy of health records in care organizations. It is necessary to determine problems
relevant to the safety of data which facilitate to establish more effective as well as an efficient
information system to ensure the privacy of the desired collection of information. However, it is
important to evaluate issue related to maintaining the security of data in hospitals so that specific
methods or techniques can be applied to solve them all. In addition to this, it will also provide
support to analyze the risk of an occurring problem for an individual while their related
information has been misused by someone else (Flaumenhaft and Ben-Assuli, 2018). Meanwhile,
this research is helping to identify that current policies and regulations are much sufficient or not
to make sure the privacy of patients data in a proper manner. It will facilitate to gain an
appropriate idea for preparing more accurate strategies and rules in respect of ensuring accurate
safety of data related to sick individuals in healthcare organizations.
The rationale of this investigation is to determine the number of issues related to GDPR
and focus them to sort out the incorrect way. It is necessary to initially find the specific problem
behind desired aspects then only appropriate solutions can be prepared accordingly (Kuchinke
and et. al., 2016). However, the analysis regarding the concern of GDPR issue is helpful to
determine accurate methods and technique which can improve the security of health records
databases in health care organizations respectively. Moreover, it is significant to conduct an
investigation in respect of boosting up the effectiveness of the information system and other
regulations to improve the security of healthcare records databases. It will facilitate to analyze
the more effective health records system in order to secure a database of patients in an

organization. Meanwhile, appropriate health records system is required to establish in the
hospital to records, manage and process patients information in a proper way.

CHAPTER 2: LITERATURE REVIEW
Literature review can be described as a review which identifies, evaluates and synthesises
related information within specific area of study. It is a kind of descriptive and analytic summary
of existing material relating to specific topic or field of investigation. However, the literature
can be considered as an effective procedure which is responsible for involving a systematic
examination of prior scholarly works (Bolognini and Bistolfi, 2017). It is helpful to understand
the particular topic of a study along with establishing significance of the same. In addition to
this, literature review provide support to develop own ideas and enhance knowledge which is
helpful to conduct research in appropriate way.
2.1 Concept of security and GDPR issues in health organizations
Security of healthcare records can be known as an important criterion which is focussed
by every healthcare organization. It involves the criteria of maintaining the privacy of data
related to patients and administrative information which can be misused by other people.
Moreover, GDPR can be described as a regulation in EU law on data protection and privacy for
all individuals within the European Union (EU) and the European economic area (McLoughlin,
Garrety and Wilson, 2017). In addition to this, it has been analyzed that organizations like Royal
London Hospital much establish a GDPR compliance program and demonstrate compliance. It
includes several elements of accountability which are required to be applied to gain complete
GDPR compliance.
According to the views given by Aditya Vats (2017), it is necessary to understand key
players involved in GDPR before analyzing related issues. However, it consists of Data Subjects
can be considered as people whose personal data is being stored but healthcare organizations in
respect of operational purposes. Meanwhile, it involves Personal Information that considered
any identification data of data subjects including name, location, identification no., I.P address or
via information related to physiological, physical, genetic, mental, social, cultural and economic
identification of an individual. In addition to this, Controller can be considered as an entity
including public authority, agency, individual, company or any other body alone or jointly. It
will facilitate to determine actual reason and means of processing personal data of data subjects.
Moreover, the Processor can be considered as an organization, personal or public authority

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

which are responsible for processing personal information on behalf of the controller.
Furthermore, there is a number of GDPR issue which is described below.
Most stuff is changing, however not the entire thing – This consist the act that GDPR
is responsible for making a number of changes in Data protection law of European Union which
are necessary for securing overall information of healthcare organizations. As mentioned by
Jesper Zerlang (2019), it is observed that there is not an entire departure from existing principles
and only make various modifications in past regulations.
A DPO should be designated – This involves the fact that it is required for Royal
London Hospital to appoint Data Protection Officer (DPO) in context of monitoring data subjects
or method sensitive personal knowledge on an outsized scale.
Many new requirements – This consist that overall organizations are required to boost
up their accountability of an individual in the context of processing personal information. As
mentioned by Shu and Jahankhani (2017), it includes the imposing responsibilities and required
to demonstrate compliance therewith at all times. However, one more new thing is improved
rights of data subject like the right to data portability and the right to be forgotten which impacts
on internal procedures of Royal London Hospital.
The introduction of mandatory Privacy Impact assessment (PIAs) – This consists of
the compulsory criteria of GDPR that it makes mandatory to carrying out PIAs for the controller
of data when risks of privacy are high. It includes that Royal London Hospital should conduct
privacy risk assessments before beginning projects involving personal data and work with DPO
to ensure they are in compliance as projects progress.
Rights of Data Subjects – The GDPR take steps for reinforcing few of the rights of data
subjects i.e. right to object and some of the fresh rights are developed including the right to
information portability. It has been analyzed that these rights might build it more durable for
organizations like Royal London Hospital to lawfully process personal data.
Geographic application – The GDPR regulations can be implemented on Non-EU
organizations of they render goods or facilities to EU residents and monitor behaviors of EU
residents (Bates And et. al., 2018). Moreover, the companies which do not seem to be subject to
existing EU data protection law are subject to the GDPR particularly online businesses.
Notifying a data breach within 72 hours – As per the regulation of GDPR, it is
necessary for businesses including Royal London Hospital to report information breaches to

related DPA within seventy-two hours of detection. Chen and Benusa (2017), states that it is
needed for some of the companies to have radical changes to internal detailing as well as
investigating structures.
Fines – This consist of the penalty structure of GDPR for organizations who failed to
mistakes is a tiered one. Basically, it includes fines and penalties for Royal London Hospital of
they failed to fulfill the overall criterion of GDPR regarding data protection.
Consent – The consent becomes more difficult for institutions to gain and place
confidence in. As per views are given by Jane Dixon and Carol Richards (2018), it has been
analyzed that consent is not considered to be valid when there is a clear imbalance is observed
between controller and data subject as per GDPR criterion.
Compliance obligations for controllers to be increased – The GDPR provide
regulations that are responsible for imposing fresh and hyperbolic compliance obligations on
controllers. For example, it includes keeping records of process activities, privacy on reasons &
by default, applying acceptable policies and so on.
Direct compliance obligations for processor – This can be described as direct legal
compliance obligations contains by processors under the GDPR. It is studied that DPAs will take
social control action against processors and DPAs are capable to take enforcement control,
actions against processors.
2.2 Analyse the concern of health records databases in healthcare organizations
The health records database plays an important role in hospitals as it will facilitate to
improve the accuracy of decision making of treatment procedure for an individual. According to
the opinion of Alexandra Pacurariu (2019), it is necessary for every health care organization to
record all the information related to patients and store it in a proper way because it can be helpful
in future. However, it is required for Royal London Hospital to analyze more effective as well as
efficient health records system in respect of to store and manage patient information in a safe
manner. In addition to this, if the patient is not in conscious states their previous health records
provide support to care professionals to provide immediate and appropriate medication to them
there making them well being.
As per views of Zeadally, Isaac, and Baig (2016), proper storage of health records is
supportive to enhance complete documentation, legible and streamlined coding, accurate and
billing. Furthermore, it helps to increase privacy, security, productivity and work-life balance

along with reducing overall costs of operational activities in Royal London Hospital. At last but
not least, it is responsible for enabling providers for improving efficiency and complete the
desired goals of the business. There are several concerns of health records databases in
healthcare organizations which are described here.
Assess the health of the public – This can be described as an important concern of
health records databases in the context of healthcare organizations because it will facilitate to
analyze overall public health. It consists the fact that these information records provide support
to care practitioners to determine about spread infection and disease in the entire communities
which encourage them to take effective steps to overcome with the same to make sure proper
health condition of citizens of the nation (Pandey and Subbiah, 2016). However, it is essential to
make an appropriate health records system in Royal London Hospital to analyze overall public
health and take actions to aware people about precautions to remain well being.
Assess patterns of illness and injuries – The records are a piece of previous and present
information about different patients having differentiated health problem is helpful to analyze the
patterns of occurring disease in citizens. According to the opinion given by Jain, Gyanchandani,
and Khare (2017), it includes determining the inflections and causes of the various disease
occurring in individuals which helps to evaluate the spread situation of a particular disease.
However, this data is supportive to care professionals of Royal London Hospital to conduct
health promotion program to improve the knowledge level of people for maintaining their proper
health. Moreover, it is also facilitated to identify the need to introduce a new vaccine or another
healthcare program for reducing spreading of specific infectious disease among communities.
Improve the quality of care in hospitals – The effective maintenance of patient
information facilitates to care practitioners to make an accurate decision for providing proper
medications. It is also helpful to save the time of professionals and reduce the workload of them
which facilitate to increase their concentration which results in better patient outcomes through
giving appropriate treatment to them. However, it is an important concern in terms of improving
quality of clinical practices and other medical services which facilitate to increase overall
outcomes that gain customer's trust for Royal London Hospital respectively.
Enhance privacy and security of patient data – This can be described as to record,
store, manage and process data related to patients with the help of setting effective health records
system in Royal London Hospital. As mentioned by Drew Cardon (2019), it will provide

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

support to enhance privacy and security of information related to sick individuals which are an
important aspect to secure it from misuse. Moreover, proper safety of patients data is significant
because small negligence of hospital administration may create a critical situation of a particular
patient.
Increase efficiency of organizations – The maintenance of health records is helpful to
reduce the workload of staff members and make the overall organization efficient to improve
patient outcomes respectively. As mentioned by Xiao Yue (2018), it makes care practitioners
capable to gather information about particular patient very quickly to address the specific issue
immediately for making them healthy.
2.3 The ways of reducing GDPR issue in order to improve the security of health records
databases
The GDPR is an effective regulation which has been established to improve the safety of
data records in a healthcare organization. It can be considered as an important aspect to put
efforts for boosting up the security of patient health records databases in London Royal Hospital.
As mentioned by Andrea Raeli (2018), there are different ways through which GDPR issues can
be reduced for increasing security of health records databases that are explained below.
Understand the responsibilities – This consists of the criterion to understand own
responsibilities under GDPR in an accurate way other it is not possible to prepare appropriate
policies, procedures, and safeguards. Initially, it is necessary to put efforts for avoiding breaches
is to analyze factors contributing to breach and self role in respect to protect information. In
addition to this, it has been evaluated that the General Data Protection Regulation defines
responsibilities of a London Royal Hospital as well as penalties in regards to breaches.
Understand data estate – The organizations are necessarily analyzing their obligations
and evaluate the present level of GDPR compliance. According to the opinion of Nora Hiivala
(2018), it involves determining several aspects in respect of avoiding breaches which are given
her. Initially, it includes overall personal data which has been stored by the London Royal
Hospital for some purposes. In addition to this, it consists of the place wherever all the
personally identifiable information is stored in an organization.
Implement or update data protection policies and procedures – This can be
considered as to make appropriate changes in present policies and regulations of organizations.
However, it will provide support to update them along with developing new effective strategies

for improving maintenance of data records. In addition to this, it includes the criteria to modify
procedures to governs effective ways for collecting, storing, processing and eventually deleting
desired information in Royal London Hospital.
Provide training to employees – The organizations are required to make employees
aware and understand their responsibilities under GDPR to ensure the security of data records.
Initially, it is necessary for staff members to make sure that overall processing of personal data
should be carried out as per rules & regulations of data protection with the help of following
them in an appropriate way. In the context of Royal London Hospital, it is required to carrying
out more effective as well as efficient training programs to help employees understand their
duties and responsibilities to address GDPR issues. According to the opinion given by John
Morrell (2019), GDPR breaches can be avoided by making staff more skilled to detect and
prevent relevant problems. It is observed that the learning procedures go beyond IT & legal
terms so that every employee can handle personal information through their effective skills in a
compliant way.
Review frequently – This consist of the arising issue of cyber attack and the security
provision & policies of an organization is required to keep pace with each development. As
mentioned by Armir Bujari (2018), it is necessary for all business organizations to conduct
regular reviewing of their systems in order to make sure that they remain compliant and
deploying new security measures should become available. However, it has been analyzed that
security standards can be considered as an ongoing process as Royal London Hospital should
update policies regularly to improve the safety standards of data records.
Increase Discovery on customer data assets – This is necessary to make an appropriate
& fresh round of information discovery of client data assets as per all new regulations of GDPR.
It is critical to determine specific exist assets and the features of the same in which few of
aspects which are required to understand and these are given here. Firstly, it is necessary to know
about the source of particular data by tracing information to its source along with various resting
spots (Mittelstadt and Floridi, 2016). Secondly, the way of using specific information as a way of
transforming assets and processing is also required to be analyzed. Thirdly, it is essential to
determine whether consent was asked, given or even revoked for both the data and downstream
utilisations.

Operationalize compliance – The analytics is required to be focussed in respect of new
regulations to make updating through considering fresh policies via implement certain changes to
sort out GDPR issues. As per the views of Luke Irwin (2019), it includes to evaluate analytic
models and make few modifications to facilitate improvements in filtering personal data.
Moreover, the creation of data retention policies that look for information where removal
requests have been making and erase the data in Royal London Hospital to avoid GDPR issues.
Increase security and governance – This involves the evaluation level of security of
governance of assets and analytics of customers where they are utilized for ensuring protection.
It consists to focus on applying encryption and masking to customer data in order to make sure
its privacy with the help of analytic cycle (Essén and et. al., 2018). Moreover, it is necessary for
Royal London to implement appropriate security policies for the different formations of
information. It will facilitate to flow it through the analytic cycle.
Monitor for compliance – The monitoring for GDPR compliance can become a complex
situation very quickly through involving a variety of rules. As mentioned by Anna Romanou
(2019), it is significant to make sure completion including an end to end lineage for each of
analytic procedures which utilize personal data in an organization. In the context of Royal
London Hospital, it is important to place automated regulations in order to control the way of
managing personal information, retained and ensure that such rules examine consent as well as
measure options for reducing GDPR issues respectively.
Prove compliance – This involves to set up connections from an organizational analytic
platform for exporting data to cataloguing or IT control systems. Basically, it involves full
lineage, information on data sources, metadata on analytic models, logs of job execution and logs
of security policies. Meanwhile, this will render a complete audit trail of information to generate
an easy, extensive GDPR compliance reporting process.
2.4 The effectiveness of different health records systems to maintain the security of health
records
The health records system plays an important role in the health care organization in terms
of managing patients' information and securing the same. It is necessary for every hospital to
maintain records of people and keep them safe in a proper way. However, electronic health
records (EHR) can be described as a digital version of prepare chart of patients. The electronic
health records consist different types of information such as contact data, details about visits of

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

healthcare professionals, allergies, insurance description, family history, immunization status,
data about any conditions or diseases, list of medications, records of hospitalization and details
about any surgeries or procedures performed. In the context of Royal London Hospital, they can
utilize electronic health records in order to record, store and process patients information
inappropriate way. As per view is given by Kristen Lee (2019), it has been analyzed that there
are various benefits which can be attained through applying electronic health records system in
hospitals as it improves the accuracy of information which facilitate to gain better outcomes for
patients treatment respectively.
Sara Ahmed (2019) states that EHR is responsible for giving a connection of records to
different sources of present and related investigation. In addition to this, it will facilitate easier
standardization of facilities, as well as patients, care through adopting electronic health records.
Moreover, it has the capability of aggregating information related to sick people for population
health management and quality of care programs. Meanwhile, EHR can be considered as much
favorable as it facilitates the provision of decision support systems for medical professionals.
Furthermore, it will facilitate less redundancy of effort and potential long term lower costs to
medical systems. It has been analyzed that different electronic records systems can be adopted by
Royal London Hospital because they are much effective to boost up the accuracy of information
and quality of services.
Improve accuracy – The electronic health records provide to support to maintain the
accuracy of-of information which plays an important role to make a decision about treatment of
an individual. It is helpful to share accurate information from one department to another or from
one hospital to another care home when patient get referred there for further treatment.
Increase the quality of services – The quality improvement programs are very important
in health care organizations in order to increase patient outcomes. As per opinion provided by
Zohreh Goli-Malekabadi, Morteza Sargolzaei-Javan and Mohammad Kazem Akbari (2019), it
consists to utilize different approaches in respect to improving quality of different medical
services which facilitate make an individual very soon. Meanwhile, it is necessary for care
professionals to communicate diagnosing details along with current medications and response of
the patient to the specific drug so that further treatment plan can establish an appropriate manner.
Maintenance of records – This can be described as procedures and strategies followed
by staff members in respect of maintaining health records. It is necessary for hospitals to

maintain their patient's information secure with the help of effective policies. Meanwhile, it can
be considered as an important aspect for care professionals because this information is useful for
many future purposes. Anam Sajid and Haider Abbas (2018), the previous health information
about a particular patient are helpful to fulfill several legal requirements and support
professionals to make the immediate decision of medication when a person is in an unconscious
state.
Reduce the burden of work – The workload of nursing staff and other care
professionals is not easy to deal with because they have to handle different patients with
differentiated diseases. It includes the fact that maintaining records is also a duty of staff which
create the burden of work on them due to which they will not able to concentrate on their
performance (Elmes, 2016). In the context of Royal London Hospital, they can implement
appropriate electronic health record system to records, manage and process the overall
information related people properly.
2.5 The measures can healthcare organisations take for improving safety of health records
The health records are very important in healthcare organisations because they are helpful
in completing many of future purposes. It is necessary for health institutions to maintain accurate
privacy and safety of patients information as misuse of such data can be really dangerous for an
individual. As per view of T. Renton and S. Master (2019), it has been analysed that certain
diseases generate again in life time of an individual then their previous medical informations is
very essential for care practitioners to make accurate decision regarding treatment. Moreover,
health records can be easily transferred to one organisations to another by using technology as
they will help clinicians of other hospital to continue further treatment of patient for their
welfare. In context of Royal London hospital, they are required to take more effective as well as
efficient measure in order to improve safety of health records.
At the other hand, in present scenario of digitalisation every health care organisation
prefer to utilise electronic health records which has a risks of cyber attack and theft of data. It is
necessary for organisations to follow overall legal guidelines and frame works in order to secure
their data records properly. Meanwhile, there are several data security standards which should be
obeyed by medical practitioners in terms of ensuring safety of patient information. Initially, it is
a duty of staff members to make sure the personal confidential data should be handled, stored
and transmitted securely whether in electronic or paper format. Secondly, it is significant that all

the employees should understand their responsibilities under National Data Guardian's Data
Security Standards which consist their obligation in terms of handling information duty along
with their own accountability for deliberative or avoidable breaches. According to opinion given
by Judith Sligo (2019), it is important for Royal London Hospital to conduct effective training
sessions and ensure that all the staff should complete appropriate annual data safety training and
pass a mandatory examinations respectively.
Considering above discussion, it has been evaluated that Royal London Hospitals is
required take certain measures in order to protect health records properly. It involves several
effective ways which helps in improving healthcare data security and protect all sensitive
information in the database. Some of efficient measures are described here. Initially, Be aware
of everything included in network includes that administration of hospital should remain aware
of continue advancement in digital for determining an actual inventory of all the devices on their
network which helps monitor activities happened on the same. Madalina Toma (2018) states that
it will provide support to make decision to make further improvements for increasing security of
health records. Secondly, Strengthen patch management and update the software refers to
apply strong patching with latest software in respect of preventing firewall breaches from cyber
attackers. Thirdly, Be strict in terms of privileged access indicates to Royal London Hospital to
establish strict policies and rules in terms of providing access of patients data to even their
employees for required clinical procedure. Meanwhile, Train the team to report breaches
consist to organise more effective learning programs for employees so that they determine cyber
breaches and report immediately about malware & phishing to take accurate actions to prevent it.
In addition to this, it involves Work with reliable partner refers to evaluate background &
other information before establishing partnership with any body. Moreover, Data Protection
Act consist to follow regulations under this act to maintain security of health records in hospital.
At the other hand, Breaches prevention consist encryption, pseudonomisation,
minimisation, malware protection, improve overall cyber security and strict policies as well as
procedures. Meanwhile, detection of breaches involves logging & monitoring including an
average detection time of 146 days and policies & procedures (Price and Cohen, 2019).
Moreover, the response to breach can consist security incident process and business continuity
capabilities for improve safety of health records.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CHAPTER 3: RESEARCH METHODOLOGY
The research methodology refers to a procedure which is utilised to collect information
for the purpose of conducting appropriate research. It can be considered as an effective
systematic plan for carrying out an appropriate study on specific topic. However, it is known as
key factor of carrying out overall study because it will render support to investigator by giving
correct direction for executing desired activities in rightful manner (Kumar, 2019).
3.1 Types of Investigation
The investigation can be categorized into two categories such as qualitative and
quantitative in which more favorable option is required to be selected by the researcher in respect
of attaining better results. Initially, qualitative research can be described as an effective method
inquiry which is responsible for generating understanding on human and social sciences in order
to find out the ways of how people think and feel regarding different aspects. It can be
considered as a single technique which renders insights and understands problem settings
accordingly (Bresler and Stake, 2017).
At the other hand, quantitative research can be explained as that investigation which
relies on methods of natural sciences that are responsible for producing numerical data as well as
hard facts. It has a goal to establish the reason and effective relationship among two variables by
utilizing mathematical, computational and statistical methods. Moreover, it has been analyzed
that when an investigator prefers to consider quantitative research then they can utilize relevant
graphical representations and tables of raw data. This information can be constructed with the
support of conducting quantitative method which is responsible for making study easier in terms
of analyzing the appropriate outcomes (Ledford and Gast, 2018). The present investigation will
go to focus qualitative research for conducting a study on for analyzing the security and GDPR
issues and concerns in healthcare organizations regarding the case of health records databases to
gain appropriate results. qualitative research method can be known as an efficient approach
which is utilized to gather an in-depth understanding of human experience, behaviour, intentions,
attitudes, and motivations that is based on interpretation as well as observation. It will facilitate
to find out the different ways through people think and feel about the aspects.

3.2 Research philosophy
The research philosophy can be considered as a belief that is all about the way in which
data about the phenomenon that should be generated analyzed and used. It can be divided into
two parts including interpretivism and positivism in which most suitable one is required to
selected by an investigator in order to conduct proper research to gain better outcomes.
However, positivism can be explained as a philosophical theory having certain positive
information which is based on natural phenomenon and their properties as well as relations.
Meanwhile, it includes that positivism plays an important role as it holds valid knowledge that is
found only in this a posteriori information (Humphries, 2017). In addition to this, it involves
verified data including positive facts received from senses are called empirical evidence which
interprets that positivism is based on empiricism. Meanwhile, it includes those investigation
objectives contains inherent qualities that have an independent existence of the investigator.
In contrary to this, interpretivism proposes which is known as the social realm is not
possible to be studied with a scientific method of investigation implemented to the natural world.
According to views of interpretivism philosophy, it has been analyzed that it is necessary for
social science investigator to become aware of ideas, concepts, and languages of research they
shape investigator's own perceptions of the social world under study in the context of
philosophic perspective (Wiek and Lang, 2016). The given study will utilize interpretivism as it
is helpful to gather appropriate data for analyzing the security and GDPR issues and concerns in
healthcare organizations regarding the case of health records databases for attaining accurate
findings. This involves that researcher & reality is not separate and information of the world can
be constituted intentionally by life experiences of an individual. It is very much effective
research philosophy in order to conduct investigation on selected topic for gaining accurate
results properly. Moreover, investigator should make correct decision for using desired method
which impacts on accuracy of findings respectively.
3.3 Research design
The research design can be defined as an appropriate framework of procedures and
methods that has been selected by a researcher in respect of combining various components in
reasonably logical manner. However, the research design can be classified into three sections
such as descriptive, exploratory and experimental from which more favourable one option is
required to be selected by investigator for conducting study in appropriate manner. Initially,

descriptive research design is generally used to described the subject, situation, behaviour an
phenomenon in order to gather overall information related to particular problem. It is also utilise
in context of observing and describing an investigation subject or problem without influencing or
manipulating the variables in any way (Rosskam, 2018).
Secondly, exploratory research design can be explained as an effective method which
can be utilised in terns of studying specific problem. It is helpful to gain better understanding of
current problem but it will facilitate to attain conclusive outcomes. At the other hand,
experimental research design can be described as an appropriate method which is used to
establish an effective relationship among cause and effect of particular situation. Meanwhile, it
can be considered as a kind of causal research design where an effect of an independent variable
on the dependent variable like price is dependent variable and customer satisfaction or brand
loyalty is required to be monitored (King and Mackey, 2016). The given investigation will going
to use descriptive research design to gain proper description of security and GDPR issues and
concerns in healthcare organizations regarding case of health records databases for attaining
appropriate outcomes. However, it can be considered as theory based research design that is
generated with the help of gathering, analysing and presents information. It consist to apply in
depth investigation design because it is helpful to researcher for providing insights into about
why and how of the study. It is much effective research design which are used by researchers in
order to conduct study on security and GDPR issues and concerns in healthcare organizations to
achieve desired findings.
3.4 Research approach
The research approach can be defined as a plan of process that contains number of steps
which are required to be followed in correct way to carrying out more effective investigation of
specific topic. However, the research approach can be classified into two parts such as inductive
and deductive in which one of more appropriate option is required to be selected by investigator.
Meanwhile, the deductive research approach consist the criterion of formulation of a set of
hypothesis for specific study which is required to be confirmed or rejected during the research
process (Hickson, 2016).
At the other hand, inductive research approach can be described as an effective method
which does not involves formulation of hypothesis. This techniques begins from research
questions, aims and objectives which are needed to be achieved at the time of conducting overall

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

investigation procedures respectively. The present study will going to utilise inductive research
approach because it provide support to gain appropriate information about specific area to be
analysed. It is also helpful to understand about security and GDPR issues and concerns in
healthcare organizations regarding case of health records database which facilitate to attain better
outputs respectively. In addition to this, inductive research approach contains an efficient process
which starts by observation or conduct test to understand specific pattern that helps an
investigator to propose a theory. Moreover, it is very important for investigator analysed the
research approach method in respect of selecting the appropriate one option for specific topic or
a problem. It is also helpful to understand about security and GDPR issues and concerns in
healthcare organizations regarding case of health records database which facilitate to attain better
outputs respectively.
3.5 Data collection Method
The data collection method plays an important role in terms of gathering appropriate data
for particular topic in order to understand actual related aspects thoroughly. However, it is
necessary to select more accurate method of data collection which suitable according yo
particular topic of study and put efforts to collect appropriate relevant data properly (Davies and
Francis, 2018). In addition to this, primary data collection method consist the criterion of
gathering first hand data which has not used by anyone previously. It consist number of
resources such as questionnaire, observation, face to face interviews, telephonic interviews,
surveys, experiments and so on.
In contrary to this, secondary data collection method involves that information which
has been already analysed and studied by other researcher's previously. It contains number of
secondary sources of data such as books, journals, articles, websites, government publications,
internal records and many more. Meanwhile, it consist data in bulk that can be collected from
different articles or websites which is required to be analysed and separate required information
from the same for conducting further investigation (Denzin, 2017). The present study will focus
on utilisation of secondary data sources in resect of collecting related information about
security and GDPR issues and concerns in healthcare organizations regarding case of health
records databases to gain accurate findings. However, secondary is known as second hand or past
data which can be gained quickly & easily and this method take short period of time by spending
limited amount of funds. The present study will focus on utilisation of secondary data sources in

resect of collecting related information about security and GDPR issues and concerns in
healthcare organizations regarding case of health records databases to gain accurate findings.
3.6 Data analysis
Data analysis refers to procedure of inspecting, cleansing, transforming and modelling
information with goal of making desired conclusions. Firstly, data requirements specification
consist that required information to conduct analysis is based on particular research question or
an experiment. Secondly, the data collection is known as procedure of gaining data on targets
variables determined as data requirements as it gives baseline for measuring and target for
improvements (Tight, 2016). Thirdly, data processing consist the criteria of structuring the
information in to conduct proper analysis for using related tools.
The data analysis can be divided into twos sections such as thematic and regression from
which more appropriate one should be preferred to be used for conducting proper analysis of
related information. Meanwhile, the regression method of analysis is responsible for allowing
modelling relationships among one or more independent variables and a dependent variable
(Chodorow, 2018). In contrary to this, thematic analysis can be consider as a kind of data
analysis which is very popular among investigators. The present investigation will prefer to
utilise thematic data analysis to given correct interpretation about security and GDPR issues
and concerns in healthcare organizations regarding case of health records databases to achieve
desired results. It is a very easy method to use as the researcher should make themes and render
interpretation of the basis of the same which facilitate to gain appropriate findings respectively.
3.7 Sampling
The sampling can be explained as a statistical process which is concerned with the
selection of an individual observation. It is helpful for researcher to establish appropriate
statistical inferences regarding the population. Initially, random sampling consist no pattern of
sampling and every individuals observation has an equal probability to be selected for specific
sample. However, it includes several types including simple, equal, stratified and cluster random
sampling (Clandinin, Cave and Berendonk, 2017).
At the other hand, non random sampling is a technique which is widely used qualitative
study because random sampling is too costly in context of qualitative investigation. It can be
categorised in several categorise such as availability, quota and expert sampling which are
defined here (Colorafi and Evans, 2016). The given research will focus on random sampling for

selecting appropriate sample with correct respondents in order conduct analysis of security and
GDPR issues and concerns in healthcare organizations regarding case of health records databases
to gain accurate findings. The size of sample for present investigation is 50 individuals in order
to gain desired information about selected topic to achieve better outcomes respectively. Random
sampling provides an opportunity for performing data analysis that consist less risk of carrying
an error and there is an equal chance of selection which is favourable for this study. Moreover, it
needs limited information for completing investigation and it is the simplest form of data
collection that helps to gain desired results.
3.8 Ethical Considerations
The ethical consideration plays an important role in performance of an investigator as it
facilitate to conduct overall study in correct direction. It includes the criteria of following
required ethical and legal guidelines at the time of carrying out study about specific topic in
respect of gaining better results. Basically, it consist few of major ethical norms such as
informed consent, beneficence i.e. do not harm, respect for anonymity & confidentiality, respect
for privacy and maintain dignity (Kao and et. al., 2016). Meanwhile, it is necessary for
researcher to put sufficient amount of funds and take proper duration of time in order to gain
more accurate finding which are reliable and trustworthy. The present investigation will consider
overall ethical norms and principles in order to conduct this investigation properly. It is
necessary to make about an adequate level of confidentially about information of investigation
and anonymity of respondents is required to be ensured. However, it is very important for
researcher to avoid nay type of deception or exaggeration regarding aims and objectives.
Moreover, it is essential for investigator to conduct nay type of conversation with complete
honesty and transparency. In addition to this, it is mandatory to ignore any kind of biased way to
represent primary data findings and misleading of information.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CHAPTER 4: DATA ANALYSIS
The data analysis can be explained as a process of gathering, transforming, cleaning and
modelling data through an objective of discovering the need information. It consist the procedure
of systematically implementing statistical and logical techniques in order to describe & illustrate,
recap & condense and conducting evaluation of information properly. Meanwhile, it includes
number of phases such as data requirements specification, data collection, data processing, data
cleaning, data analysis and communication. The present report will focus on questionnaire to be
used as a method for conduct data analysis with the help of implementing thematic analysis for
gaining accurate results of investigation.
4.1 Questionnaire
Questionnaire
Name:
Age:
Gender:
Contact No.:
Q1. Do you have knowledge about concept of GDPR? Yes No
Q2. What is the significance of maintaining health records? Monitor patient condition Analyse pattern of disease Fulfil legal needs
Q3. What are the benefits of maintaining patient health records for staff members? Reduce work load Improve accuracy of decision making Quick access to specific data
Q4. DO you know about principles of GDPR? Lawfulness, fairness & transparency Purpose limitation & accuracy Integrity & confidentiality

 Accountability & data minimisation
Q5. What is the concern of health records databases according to you in healthcare
organisations? Assess the health of public Assess pattern in illness Improve quality of care Enhance privacy & security of patient data
Q6. How can the issues related to GDPR can be reduced in hospitals? Understand responsibilities among employees Understand data estate Updation of data protection policies Provide regular training to staff
Q7. How can the security of health records can be improve as per your opinion? Follow legislations Operationalize compliance Increase security & governance
Q8. Is the electronic health records are much effective to ensure safety of relevant
information? Improve accuracy Improve quality of medical facilities Facilitate immediate and accurate decision making Reduce work load of staff
Q9. What measures can be applied in Royal London Hospital to increase security of health
records? Remain aware of every aspect on network Updation of software Strict policies of privileged access Work with reliable partner
Q10. Is GDPR is much effective and beneficial for Royal London hospital? Agree Disagree

Q11. What kind of privacy data can be protected by GDPR in your views? Health & genetic data Biometric data Web data Sexual orientation
Q12. Is electronic health record system is efficient to secure health records in Royal London
Hospital? Yes No
Q13. What are the benefits achieved by implementing electronic health records in Royal
London Hospital? Reduce drug errors Improve data accuracy Decrease duplication of tests Reduce delayed treatments
Q14. What are the advancements of electronic health records (EHRs) are observed by you? Cloud based EHRs Improved patient portals Growth in Telehealth Mobile friendly EHRs
Q15. What are the abilities consist by electronic health records? Automatically share & update data Efficient storage & retrieval Aggregate patient data Easy standardization of services & patient services
Q16. Any suggestions for future research?
Q1. Do you have knowledge about concept of GDPR? Frequency
 Yes 38

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

 No 12
Q2. What is the significance of maintaining health records? Frequency
 Monitor patient condition 15
 Analyse pattern of disease 25
 Fulfil legal needs 10
Q3. What are the benefits of maintaining patient health records for staff
members?
Frequency
 Reduce work load 20
 Improve accuracy of decision making 15
 Quick access to specific data 15
Q15. What are the abilities consist by electronic health records? Frequency
 Lawfulness, fairness & transparency 8
 Purpose limitation & accuracy 15
 Integrity & confidentiality 22
 Accountability & data minimisation 5
Q5. What is the concern of health records databases according to you in
healthcare organisations?
Frequency
 Assess the health of public 10
 Assess pattern in illness 18
 Improve quality of care 12
 Enhance privacy & security of patient data 10
Q6. How can the issues related to GDPR can be reduced in hospitals? Frequency
 Understand responsibilities among employees 12
 Understand data estate 15
 Updation of data protection policies 10

 Provide regular training to staff 13
Q7. How can the security of health records can be improve as per your
opinion?
Frequency
 Follow legislations 25
 Operationalize compliance 15
 Increase security & governance 10
Q8. Is the electronic health records are much effective to ensure safety of
relevant information?
Frequency
 Improve accuracy 20
 Improve quality of medical facilities 10
 Facilitate immediate and accurate decision making 15
 Reduce work load of staff 15
Q9. What measures can be applied in Royal London Hospital to increase
security of health records?
Frequency
 Remain aware of every aspect on network 10
 Updation of software 15
 Strict policies of privileged access 20
 Work with reliable partner 5
Q10. Is GDPR is much effective and beneficial for Royal London hospital? Frequency
 Agree 35
 Disagree 15
Q11. What kind of privacy data can be protected by GDPR in your views? Frequency
 Health & genetic data 10
 Biometric data 15
 Web data 17

 Sexual orientation 8
Q12. Is electronic health record system is efficient to secure health records
in Royal London Hospital?
Frequency
 Yes 43
 No 7
Q13. What are the benefits achieved by implementing electronic health
records in Royal London Hospital?
Frequency
 Reduce drug errors 8
 Improve data accuracy 9
 Decrease duplication of tests 13
 Reduce delayed treatments 20
Q14. What are the advancements of electronic health records (EHRs) are
observed by you?
Frequency
 Cloud based EHRs 12
 Improved patient portals 17
 Growth in Telehealth 10
 Mobile friendly EHRs 11
Q15. What are the abilities consist by electronic health records? Frequency
 Automatically share & update data 20
 Efficient storage & retrieval 7
 Aggregate patient data 13
 Easy standardization of services & patient services 10

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4.2 Findings
Theme 1: The knowledge about concept of GDPR.
Q1. Do you have knowledge about concept of GDPR? Frequency
 Yes 38
 No 12
38
12
Yes
No

Theme 2: The significance of maintaining health records.
Q2. What is the significance of maintaining health records? Frequency
 Monitor patient condition 15
 Analyse pattern of disease 25
 Fulfil legal needs 10
15
25
10
Monitor patient
condition
Analyse pattern of
disease
Fulfil legal needs

Theme 3: The benefits of maintaining patient health records for staff members.
Q3. What are the benefits of maintaining patient health records for staff
members?
Frequency
 Reduce work load 20
 Improve accuracy of decision making 15
 Quick access to specific data 15
20
15
15 Reduce work load
Improve accuracy of
decision making
Quick access to
specific data

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Theme 4: The principles of GDPR.
Q4. Do you know about principles of GDPR? Frequency
 Lawfulness, fairness & transparency 8
 Purpose limitation & accuracy 15
 Integrity & confidentiality 22
 Accountability & data minimisation 5
8
15 22
5 Lawfulness, fairness &
transparency
Purpose limitation &
accuracy
Integrity &
confidentiality
Accountability & data
minimisation

Theme 5: The concern of health records databases in healthcare organisations.
Q5. What is the concern of health records databases according to you in
healthcare organisations?
Frequency
 Assess the health of public 10
 Assess pattern in illness 18
 Improve quality of care 12
 Enhance privacy & security of patient data 10
10
18
12
10 Assess the health of
public
Assess pattern in
illness
Improve quality of care
Enhance privacy &
security of patient data

Theme 6: The issues related to GDPR can be reduced in hospitals.
Q6. How can the issues related to GDPR can be reduced in hospitals? Frequency
 Understand responsibilities among employees 12
 Understand data estate 15
 Updation of data protection policies 10
 Provide regular training to staff 13
12
15 10
13 Understand
responsibilities among
employees
Understand data estate
Updation of data
protection policies
Provide regular training
to staff

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Theme 7: The improvement in security of health records.
Q7. How can the security of health records can be improve as per your
opinion?
Frequency
 Follow legislations 25
 Operationalize compliance 15
 Increase security & governance 10
25
15
10
Follow legislations
Operationalize
compliance
Increase security &
governance

Theme 8: The effectiveness of electronic health records to ensure safety of relevant
information.
Q8. Is the electronic health records are much effective to ensure safety of
relevant information?
Frequency
 Improve accuracy 20
 Improve quality of medical facilities 10
 Facilitate immediate and accurate decision making 15
 Reduce work load of staff 15
20
10 15
15 Improve accuracy
Improve quality of
medical facilities
Facilitate immediate
and accurate decision
making
Reduce work load of
staff

Theme 9: The measures for increasing security of health records in Royal London Hospital.
Q9. What measures can be applied in Royal London Hospital to increase
security of health records?
Frequency
 Remain aware of every aspect on network 10
 Updation of software 15
 Strict policies of privileged access 20
 Work with reliable partner 5
10
15
20
5 Remain aware of every
aspect on network
Updation of software
Strict policies of
privileged access
Work with reliable
partner

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Theme 10: The effectiveness of benefits of GDPR for Royal London Hospital.
Q10. Is GDPR is much effective and beneficial for Royal London hospital? Frequency
 Agree 35
 Disagree 15
35
15
Agree
Disagree

Theme 11: The Protection of privacy data through GDPR.
Q11. What kind of privacy data can be protected by GDPR in your views? Frequency
 Health & genetic data 10
 Biometric data 15
 Web data 17
 Sexual orientation 8
10
15 17
8
Health & genetic data
Biometric data
Web data
Sexual orientation

Theme 12: The efficiency of electronic health record system to secure health records in Royal
London Hospital.
Q12. Is electronic health record system is efficient to secure health records
in Royal London Hospital?
Frequency
 Yes 43
 No 7
43
7
Yes
No

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Theme 13: The benefits achieved by implementing electronic health records in Royal London
Hospital.
Q13. What are the benefits achieved by implementing electronic health
records in Royal London Hospital?
Frequency
 Reduce drug errors 8
 Improve data accuracy 9
 Decrease duplication of tests 13
 Reduce delayed treatments 20
8
9
13
20 Reduce drug errors
Improve data accuracy
Decrease duplication of
tests
Reduce delayed
treatments

Theme 14: The advancements of electronic health records (EHRs).
Q14. What are the advancements of electronic health records (EHRs) are
observed by you?
Frequency
 Cloud based EHRs 12
 Improved patient portals 17
 Growth in Telehealth 10
 Mobile friendly EHRs 11
12
17
10
11
Cloud based EHRs
Improved patient
portals
Growth in Telehealth
Mobile friendly EHRs

Theme 15: The abilities that contains by electronic health records.
Q15. What are the abilities consist by electronic health records? Frequency
 Automatically share & update data 20
 Efficient storage & retrieval 7
 Aggregate patient data 13
 Easy standardization of services & patient services 10
20
7
13
10 Automatically share &
update data
Efficient storage &
retrieval
Aggregate patient data
Easy standardization of
services & patient
services

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4.3 Analysis
Theme 1: The knowledge about concept of GDPR.
Interpretation – The GDPR stands for general data protection regulation having several
principles such as lawfulness, fairness & transparency, purpose limitation, data minimisation,
accuracy, storage limitation, integrity & confidentiality and accountability. It is essential for
every healthcare organisation to consider overall these principles in order to boost up safety of
health records in proper manner. Basically, General Data Protection Regulation provide support
to hospitals in terms of securing patients information in more appropriate way. From the above
graphical representation, it has been analysed that 38 respondents provide opinion that are aware
about concept of GDPR as they have heard about the same. Some of these people are using such
regulations at their work place in different organisations while conducting practices of
maintaining security of health records. At the other hand, rest of 12 have no idea regarding
concept of GDPR as they did not heard about this aspects and do not use the same anywhere.
Theme 2: The significance of maintaining health records.
Interpretation – The maintenance of health records can be considered as significant
because it is helpful to make immediate and accurate decision making for an individual when
they are not in conscious state. It is necessary for healthcare organisations to secure patient
information to avoid the misuse of that data by someone else which create extreme complex
problem for an individual. However, it will facilitate to fulfil certain legal requirements and
evaluate medical situation of sick people. From the above pie graph, it has been analysed that 15
respondents said that maintaining health records provide support to care professionals for
monitoring condition of sick people. Meanwhile, 25 go with opinion of evaluating patterns of
illness in people when some of infectious disease spread in whole community to make effective
practices for preventing the same. Moreover, rest of 10 individual give views to fulfil legal needs
by preserving health records by effective practice in hospitals.
Theme 3: The benefits of maintaining patient health records for staff members.
Interpretation – The benefits of healthcare records maintenance which can be achieved
by care professional consist to make more accurate information that helps facilitate appropriate
medical services delivered to sick people. It includes the criteria of recording, managing m
storing and processing of patient information in correct way which can be used for certain future
purposes. The above graphical representation states that 20 participants believe the preservation

of health records are beneficial in terms of reducing work load of care professionals. In addition
to this, 15 individuals provide opinion about boosting up accuracy of decision making for giving
more effective as well as efficient treatment to a person for their well being. On the other hand,
rest of 15 respondents go with benefit of achieving quick access of specific data from a bulk of
information easily. It will facilitate to make immediate decision making and take action in
contingency situations to make an individual feel relieved and comfortable as soon as possible.
Theme 4: The principles of GDPR.
Interpretation – The GDPR can be described as legal framework that sets guidelines in
order to collect and process personal data from individuals. It consist more effective as well as
efficient regulations which provide support to maintain privacy and security of information in
correct way. However, it is essential to consider overall principles of GDPR by care
professionals in order to improve safety of personal information. Meanwhile, 8 participants have
knowledge about principle of lawfulness, fairness and transparency at the time of securing data
in healthcare organisation. In addition to this, 15 individuals said that they have information
about principle of purpose of limitation as well as accuracy of stored data. Moreover, 22
respondents provide opinion they they are aware about principle of integrity and confidentiality
while making health records and maintaining the security of the same. On the other hand, rest of
5 candidates go with principle of accountability and data minimisation as they were aware about
it.
Theme 5: The concern of health records databases in healthcare organisations.
Interpretation – The concerns of health records in hospitals consist to improve
effectiveness of clinical practices which is welfare for patient health. It involves number of
aspects which are related to health records databases stored in hospitals in terms of increasing
accuracy of information which is essential to make appropriate decision making regarding
treatment of an individual. From the above graphical presentation, it has been evaluated that 10
respondents provide views to conduct assessment of public health in order to determine about
kind of illness and cause of the same. In addition to this, 18 individuals said that health records
are favourable to identify pattern of sickness among citizens for reducing the specific health
problem from spreading in whole community. Meanwhile, 12 participants go with opinion of
boosting up quality of care services which are suitable for reducing cases of occurring

complicated situations. Moreover, rest of the 10 candidates render views about enhancement of
privacy and security of patient data.
Theme 6: The issues related to GDPR can be reduced in hospitals.
Interpretation – The GDPR is helpful for healthcare organisations to follow desired
principles and regulations in order to improve privacy and safety of health records. But, it is also
responsible for creating issue which are related GDPR that may develop problems. It is
necessary for management of hospitals to put more effective as well as efficient efforts in terms
of reducing GDPR issues accordingly. The above graphical presentation has been analysed that
12 respondents believe that the staff members are required understand their roles and
responsibilities in terms of maintaining safety of health records as per GDPR regulations.
However, 15 individuals provide opinion about to focus on understanding data estate in respect
of increasing safety of health records. Meanwhile, 10 candidates believe to conduct proper
updation of policies and practices of organisation for protection of data. Moreover, rest of 13
people have an opinion to conduct effective trailing & learning programs for staff members in
order to make them much capable to reduce GDPR issues.
Theme 7: The improvement in security of health records.
Interpretation – The Health records safety is a very important aspect in healthcare
organisation which should be focussed in terms of taking effective actions for maintaining safety
of patients personal information. It consist the criteria of conducting overall clinical practices by
obeying desired legal norms & rules which facilitate to make sure privacy and security of health
records. From the above graph, it has been determined that 25 of participants render their
positive views for using legislations as they directs efforts of employees in correct direction
while ensuring safety of patients' information. In addition of this, 15 individuals have an opinion
of operationalize compliance as they believe to established fresh policies by updating them
through making advanced modifications in them to increase efficiency of operations regarding
safety of health records. At the other hand, rest of 10 candidates said that care homes are
required to increase security and governance which helps to make sure safety of health records.
Theme 8: The effectiveness of electronic health records to ensure safety of relevant
information.
Interpretation – The electronic health records are usually preferred by various health care
organisations in order to store, manage and process the desired information in correct way. It is

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

an effective systems which provide help to make sure props safety of health information and
facilitate easy access to specific data about particular patients easily. From the above
representation, it has been evaluated that 20 individuals render their positive views about making
policies and strategies which helps to boost up accuracy of information. In addition to this, the 10
people have their views regarding improvement of quality of medical facilities and services in
respect of increasing patient outcomes respectively. Meanwhile, it is observed that 15
respondents effectiveness of health records is responsible for facilitating immediate and accurate
decision making for treatment of sick persons. Moreover, 15 participants go with choice of
reducing work load of staff as they believe that employees get free by extra work of maintaining
records, storing and processing which can be easily done by electronic health records.
Theme 9: The measures for increasing security of health records in Royal London Hospital.
Interpretation – The measures for increasing security of health records is an important
task in every healthcare organisation which should be focussed to improve effectiveness of
relevant policies and practices. It is essential for hospitals to update their practices and methods
in terms of increasing safety of patients personal information. From the above graphical
presentation, it has been evaluated that 10 respondents said that employees and entire
management of hospitals should remain aware of every activity or aspect which is going on at
network through monitor the same. However, 15 people provide their opinion to attempt proper
updation of software which is used to maintain safety of health records and process the same
properly. In addition to this, 20 participants have their view about to establish more effective and
strict policies of privileged access to data of patients. Additionally, rest of 5 individuals provide
suggestions to healthcare organisation to work with reliable partner by ensuring about their
background and other related aspects.
Theme 10: The effectiveness of benefits of GDPR for Royal London Hospital.
Interpretation - The GDPR consist certain more effective as well as efficient principles
and regulations which provide help to improve safety of health records in Royal London
Hospital. It is beneficial to maintain proper security of personal information of patients which is
beneficial to improve accuracy of decision making regarding treatment of people. The above
graphical representation has been observed that 35 respondents agree with this opinion that
GDPR is much effective in respect of improving safety of patients personal information. At the
other hand, it is observed that rest of 15 individuals were not agree with effectiveness of GDPR

to increase security of health records databases. They feel that GDPR is responsible for
generating several related issues which are not favourable for hospitals.
Theme 11: The Protection of privacy data through GDPR.
Interpretation – The privacy of data is required to be secured in health care organisations
in order to maintain privacy of different types of data related to patients. However, GDPR
consist number of effective principles as well as regulations which should be followed by
hospital management in order to boost up safety of patients personal information in proper way.
From the given graphical presentation, it has been evaluated that 10 respondents said that GDPR
is much efficient to secure the health and genetic data of people. Meanwhile, 15 people have
their opinion in favour of biometric data which can be secured more effectively with the help of
GDPR regulations & principles. In addition to this, 17 participants provide their positive views
about web information to make it safe by GDPR rules in health care organisations. Moreover,
rest of 8 individuals states that GDPR regulations should be utilise by care professionals in
respect of sexual orientation related data.
Theme 12: The efficiency of electronic health record system to secure health records in Royal
London Hospital.
Interpretation – Electronic health records system can be described as an effective
technique which can be used to store, manage and process the health information. It is beneficial
to store bulk of information at same place and care workers can easily get access to specific
information of particular patients which reduce delayed treatment. From the above pie graph, it
has been analysed that 43 participants said that electronic health record system is very much
effective in respect of improving safety of relevant data in Royal London Hospital. They states
that electronic health record system is also suitable to share information between individuals and
care homes for specific purposes. At the other hand, rest of 7 individuals have negative opinion
about electronic health records in terms of securing health records databases in Royal London
Hospital.
Theme 13: The benefits achieved by implementing electronic health records in Royal London
Hospital.
Interpretation – The electronic health records systems is beneficial for care homes in
terms of sharing information of patient at the time of referring them to other hospital for further
treatment. It will plays an important role in terms of reducing delayed treatment practices which

facilitate to avoid chance of occurring complicated situations for people. However, 8 respondents
provide position about electronic health records in respect of reducing drug errors which are
helpful to improve patients outcomes respectively. In addition to this, 9 individuals states that
electronic health records provide support to increase accuracy of data which facilitate to make
more appropriate decision making of providing desired medication to particular patient. At the
other hand, 13 participants said that it is helpful decrease duplication of tests which is favourable
for gaining better outcomes of treatment practices. In contrary to this, 20 people render positive
views about electronic health records in terms of reducing delayed treatment which is suitable to
avoid complexities and make patient healthy as soon as possible.
Theme 14: The advancements of electronic health records (EHRs).
Interpretation – The advancements of electronic health records consist certain innovative
concepts which can be utilised by health care organisation in terms of boosting up safety of
patients personal information. It involves the criterion to attempt proper updation of this system
provide more effective and efficient applications or hospitals which facilitate to maintain privacy
and safety of health records databases in correct way. From the given pie graph, it has been
determined that 12 respondents provide views in favour of cloud based EHRs as it is more
appropriate to secure information. However, 17 people states to improve patient portals as they
are beneficial to update information by an individual as well as physicians while required. On the
other hand, 10 individuals have positive opinion regarding growth in Telehealth which is suitable
for patients to gain desired treatment and medication easily. Additionally, rest of 11 participants
are in favour of mobile friendly EHRs which is beneficial for both physician and patient.
Theme 15: The abilities that contains by electronic health records.
Interpretation – The electronic health records contains number of abilities which are
favourable to improve safety of information. It has several capabilities in which specific one or
two features are mostly liked by professionals for maintain privacy of patients personal data.
However, it is helpful to increase accuracy of decision making which facilitate to reduce chance
of occurring drug errors in health care organisation. From the above graphical representation, it
has been evaluated that 20 participants provide their views about feature of automatically share
and update data which is most useful for medical professionals. Meanwhile, 7 candidates
believes in ability of EHR regarding more efficiency storage as well as retrieval of specific data
of patient as per requirements. In contrary to this, 13 respondents provide positive views about to

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

render aggregate patients data in order conduct a particular investigation related to health
problems and their causes among the community. Additionally, rest of 10 people go with feature
of easy standardization of services and patient facilities.
4.4 Discussion
Concept of security and GDPR issues in health organizations
Security and GDPR issues are related to health records databases in care organisations
which should be focussed by management in proper manner. Meanwhile, it is essential to make
records of every single detail relevant to sick people because this information is very useful
when individuals become unconscious and care professionals are required to provide immediate
medication for improving their condition (Kaaniche and Laurent, 2017). In addition to this, it has
been analyzed that certain concepts & ideas to which organizations are conversant in can still
implement beneath the GDPR. However, it has been discussed that more serious infringements
will cause a fine of 20 million euros up to four percent of the company's worldwide revenue. It is
observed that there are number of GDPR issues such as Most stuff is changing, however not the
entire thing, A DPO should be designated, Many new requirements, The introduction of
mandatory Privacy Impact assessment (PIAs), Rights of Data Subjects Geographic application,
Notifying a data breach within 72 hours, Fines, Consent, Compliance obligations for controllers
to be increased and Direct compliance obligations for processor. The above-mentioned issues are
related to security and GDPR which are observed by studying the overall criterion of the same. It
is necessary for an organization to follow regulations under GDPR in order to conduct its
business in a proper manner (Birnbaum and et. al., 2018). However, Royal London Hospital is
required to make sure about the rights of people that it should be fulfilled in an incorrect way.
Moreover, some of the policies under GDPR are mandatory which must be obeyed by desired
companies.
Concern of health records databases in healthcare organizations
The maintenance of health information is beneficial to a number of legal purposes in the
future. It has been analysed that there are several advantages which can be gained by Royal
London Hospital by using effective health record system. Firstly, it will render up to date,
accurate and complete data related to sick people at the point of care. Secondly, it is helpful to
enable quick access to records of patients with respect to more efficient as well as coordinated
care. Thirdly, it is helpful to share electronic information with other care organizations,

physicians and patients in a safe manner. Meanwhile, care practitioners become capable of
carrying out a proper diagnosis of patients, decrease the chance of occurring drug errors and
facilitate more safe care. However, health records play an important role to boost up
communication & interaction between patient and care providers. In addition to this, it is
observed that they are helpful to enable secure and more reliable prescribing which facilitate to
increase patient outcomes (Behkami and Daim, 2016).
Considering the discussion, it has been determined that several concerns of health records
databases in hospitals or care homes which are given here. It contains assess the health of the
public, assess patterns of illness and injuries, improve the quality of care in hospitals,
enhance privacy and security of patient data and increase efficiency of organizations. At the
other hand, it has been discussed that there is a number of benefits in the context of patients
which can be achieved by establishing effective health records system. Initially, it is helpful to
make medical professionals capable to track the actual condition of patients over time with the
help of gathering and storing their relevant information. However, it will facilitate to gain quick
access to specific desired patient information anywhere at any time and overall data can be
stored at a single place. In the context of Royal London Hospital, effective health records system
with the proper database can support clinicians to provide appropriate treatment to sick people
which is much effective as well as better aligned to actual requirements of patients (Paul and
Das, 2017). Effective systems also facilitate patients to gain online prescriptions and remain in
touch with their physicians in order to reduce the chances of occurring further risky conditions.
People can gather appropriate information regarding efficient precautions to maintain their health
condition in an incorrect way.
The ways of reducing the GDPR issue in order to improve the security of health records
databases
Considering discussion regarding ways of reducing GDPR issues, it has been evaluated
that several issues can be developed for business organizations which are required to be sorted
out by implementing more effective as well as efficient practices in business. It involves number
of ways which can be used to decrease GDPR issues such as understand the responsibilities,
understand data estate, implement or update data protection policies & procedures, provide
training to employees, review frequently, increase discovery on customer data assets,
operationalize compliance, increase security and governance, monitor for compliance and prove

compliance. However, it consists of the fact to understand that data breaches can lead to a serious
problem for business which must be removed for the welfare of businesses. Basically, it is
essential for an organization to gain proper knowledge about regulation under GDPR and then
apply effective policies and processes in order to secure health records databases (Gupta, Tyagi
and Singh, 2017). Moreover, it involves the security provisions in place to save the particular
information. Meanwhile, proper understanding about own records facilitates to plan more
accurate improvements as the GDPR states to maintain data records inappropriate manner.
Furthermore, it has been analyzed that it is also beneficial to deploy and configure
technical solutions to enforce these data protection policies wherever policies in order to reduce
GDPR issues properly. However, it has been analyzed that workers play an important role in
respect of supporting to determine the potential issue as well as the prevention of low-level data
breaches. Moreover, it is very important for companies that they must compliance checks and
data audits on a regular basis with respect to making sure about the proper protection of personal
information held by the business. Meanwhile, it also consists of the criteria for setting up an
ability to monitor overall procedures involved that includes access to information, execution of
analytic jobs and safety implemented at different points (Ranjan, 2016).
The effectiveness of different health records systems to maintain the security of health records
It has been evaluated that an electronic health records (EHR) contains a number of more
effective as well as efficient features through it provides various benefits to healthcare
organizations in which few of them are discussed here. Firstly, it involves an appropriate
capability of EHR of automatically share and update data between various offices as well as care
institutions. Secondly, it is helpful for providing more effective as well as efficient storage of
patient information and retrieval of the same. Thirdly, it consists of the ability for sharing
multimedia information such as medical imaging results among different locations. It includes
benefits gathered because of effectiveness of health records like improve accuracy, increase the
quality of services, maintenance of records and reduce the burden of work (Connor-Green,
2016). However, it is necessary to convey correct information related to specific patient among
associated medical professionals so that they can perform with proper cooperation to attain better
outcomes. In addition to this, it will facilitate to reduce drug errors and other mistakes which are
responsible for increasing the quality of care facilities in Royal London Hospital. However,
electronic health records are very much effective to reduce these tasks from the work list of

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

medical professionals so that they can conduct other clinical practices in a more effective as well
as efficient manner.
The measures can healthcare organisations take for improving safety of health records
It has been analysed that previous data records of sick people plays an important role
when patient is not in conscious state then medical professionals can study previous medical
history of health problem as well as medications to provider further treatment for their welfare.
Basically, it is observed that health records are very significant in context of fulfilling several
legal requirements accordingly. However, it is essential for care professionals to understand and
realise their responsibility towards top securing health records by completing their duties in
appropriate way (Grigorakis and et. al., 2016). Meanwhile, it has been analysed that personal
data can only accessed by employee who need it for current task and remove their access after
completion of specific activity. In addition to to this, it is necessary to focus on cyber attacks and
put efforts to establish effective password system and other measures to avoid such problems for
securing heath records.

CHAPTER 5: CONCLUSION AND RECOMMENDATIONS
5.1 Conclusion
With the help of above discussion, it has been concluded that security and GDPR issues
are related to data protection in health care organisations which are required to be solved
immediately. It is observed that safety of health records databases is an important aspects which
should be fulfilled with the help of implementing effective policies and practices in hospitals.
However, GDPR contains number of regulations and principles which are required to be
followed by every care professionals in terms of securing personal information of sick people. In
addition to this, maintaining privacy and safety of databases so that it cannot be misused by
anyone else. It is essential for staff members of care homes to understand their responsibilities
towards maintenance of healthcare records databases while providing treatment to an individual.
Basically, it consist various kinds of GDPR issues such as Most stuff is changing,
however not the entire thing, A DPO should be designated, Many new requirements, The
introduction of mandatory Privacy Impact assessment (PIAs), Rights of Data Subjects,
Geographic application, Notifying a data breach within 72 hours, Fines, Consent, Compliance
obligations for controllers to be increased and Direct compliance obligations for processor.
Meanwhile, it consist concerns of health record like Assess the health of the public, Assess
patterns of illness & injuries, Improve the quality of care in hospitals, Enhance privacy &
security of patient data and Increase efficiency of organizations. In addition to this, it includes
ways to reduce GDPR issues including Understand the responsibilities, Understand data estate,
Implement or update data protection policies & procedures, Provide training to employees,
Review frequently, Increase Discovery on customer data assets, Operationalize compliance,
Increase security & governance, Monitor for compliance and Prove compliance. Moreover, it
consist effectiveness of health records systems to maintain security involving certain benefits
like Improve accuracy, Increase the quality of services, Maintenance of records and Reduce the
burden of work. At last but not the least, it involves some of effective measures that can be taken
by care homes for increasing safety of databases like Be aware of everything included in
network, Strengthen patch management and update the software, Be strict in terms of privileged
access, Train the team to report breaches and Work with reliable partner. It also consist

prevention of breaches with the help of encryption, pseudonominisation, malware protection and
increase cyber security.
Considering above discussion, it has been recommended that health care organisations
are required to strictly follow overall regulations mentioned in framework of GDPR in order to
improve security of data. It is necessary for medical professionals to realise their responsibility to
make sure about maintenance of privacy of patients information. However, they should ensure
that non desirable person will not get access to data of any sick person admitted in hospital. It is
suggested that care organisations should established strict policier and practices in order to boost
up safety of health records databases appropriately. In addition to this, it has been recommended
to given hospital that they should electronic health record system ensure regular updation of the
same in respect of increasing security of desired information. It is also suggested they should
obey legislations like Data protection Act and GDPR framework in context of ensuring
appropriate safety of health records.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

REFERENCES
Books and journals
Shu, I. N. and Jahankhani, H., 2017, November. The Impact of the new European General Data
Protection Regulation (GDPR) on the Information Governance Toolkit in Health and
Social care with special reference to Primary care in England. In 2017 Cybersecurity
and Cyberforensics Conference (CCC)(pp. 31-37). IEEE.
Chen, J. Q. and Benusa, A., 2017. HIPAA security compliance challenges: The case for small
healthcare providers. International Journal of Healthcare Management, 10(2), pp.135-
146.
Zeadally, S., Isaac, J. T. and Baig, Z., 2016. Security attacks and solutions in electronic health (e-
health) systems. Journal of medical systems, 40(12), p.263.
Jain, P., Gyanchandani, M. and Khare, N., 2017. Privacy and Security Concerns in Healthcare
Big Data: An Innovative Prescriptive. Journal of Information Assurance &
Security, 12(1).
Zerlang, J., 2017. GDPR: a milestone in convergence for cyber-security and
compliance. Network Security, 2017(6), pp.8-11.
Panjwani, M. and Jäntti, M., 2017, September. Data protection & security challenges in digital &
it services: a case study. In 2017 International Conference on Computer and
Applications (ICCA) (pp. 379-383). IEEE.
Rodrigues Jr, J.F. And et. al., 2016. On the convergence of nanotechnology and Big Data
analysis for computer-aided diagnosis. Nanomedicine, 11(8), pp.959-982.
Romanou, A., 2018. The necessity of the implementation of Privacy by Design in sectors where
data protection concerns arise. Computer law & security review, 34(1), pp.99-110.
Hunter, R.F. And et. al., 2018. Ethical issues in social media research for public health. American
journal of public health, 108(3), pp.343-348.
Bauder, R., Khoshgoftaar, T.M. and Seliya, N., 2017. A survey on the state of healthcare
upcoding fraud analysis and detection. Health Services and Outcomes Research
Methodology, 17(1), pp.31-55.
Flaumenhaft, Y. and Ben-Assuli, O., 2018. Personal health records, global policy and regulation
review. Health policy, 122(8), pp.815-826.
Kuchinke, W. and et. al., 2016. Development towards a learning health system—experiences
with the privacy protection model of the TRANSFoRm project. In Data Protection on
the Move (pp. 101-134). Springer, Dordrecht.
Bolognini, L. and Bistolfi, C., 2017. Pseudonymization and impacts of Big
(personal/anonymous) Data processing in the transition from the Directive 95/46/EC to
the new EU General Data Protection Regulation. Computer law & security
review, 33(2), pp.171-181.
McLoughlin, I.P., Garrety, K. and Wilson, R., 2017. The digitalization of healthcare: Electronic
records and the disruption of moral orders. Oxford University Press.
Bates, D.W. And et. al., 2018. Why policymakers should care about “big data” in
healthcare. Health Policy and Technology, 7(2), pp.211-216.
Pandey, M.K. and Subbiah, K., 2016, December. A novel storage architecture for facilitating
efficient analytics of health informatics Big Data in cloud. In 2016 IEEE International
Conference on Computer and Information Technology (CIT)(pp. 578-585). IEEE.
Mittelstadt, B.D. and Floridi, L. eds., 2016. The ethics of biomedical big data (Vol. 29). Springer.

Essén, A. and et. al., 2018. Patient access to electronic health records: Differences across ten
countries. Health policy and technology, 7(1), pp.44-56.
Elmes, G.A., 2016. 13 GIS in Public Healthcare Planning: The United States Perspective. GIS in
public health practice, p.205.
Price, W.N. and Cohen, I.G., 2019. Privacy in the age of medical big data. Nature
medicine, 25(1), p.37.
Kaaniche, N. and Laurent, M., 2017. Data security and privacy preservation in cloud storage
environments based on cryptographic mechanisms. Computer Communications, 111,
pp.120-141.
Birnbaum, D. and et. al., 2018. Revisiting public health informatics: patient privacy
concerns. International Journal of Health Governance, 23(2), pp.149-159.
Behkami, N. and Daim, T.U., 2016. Exploring technology adoption in the case of the Patient-
Centered Medical Home. Health Policy and Technology, 5(2), pp.166-188.
Paul, M. and Das, A., 2017. Health Informatics as a Service (HIaaS) for developing countries.
In Internet of Things and Big Data Technologies for Next Generation Healthcare (pp.
251-279). Springer, Cham.
Gupta, P.K., Tyagi, V. and Singh, S.K., 2017. Predictive Computing and Information Security.
Singapore: Springer Singapore.
Connor-Green, D.S., 2016. Blockchain in Healthcare Data. Intell. Prop. & Tech. LJ, 21, p.93.
Grigorakis, N. and et. al., 2016. Out of pocket payments and social health insurance for private
hospital care: evidence from Greece. Health Policy, 120(8), pp.948-959.
Ranjan, J., 2016. Big data applications in healthcare. In Big Data: Concepts, Methodologies,
Tools, and Applications (pp. 1247-1259). IGI Global.
Kumar, R., 2019. Research methodology: A step-by-step guide for beginners. Sage Publications
Limited.
Bresler, L. and Stake, R.E., 2017. Qualitative research methodology in music education.
In Critical Essays in Music Education (pp. 113-128). Routledge.
Ledford, J.R. and Gast, D.L., 2018. Single case research methodology: Applications in special
education and behavioral sciences. Routledge.
Humphries, B., 2017. Re-thinking social research: anti-discriminatory approaches in research
methodology. Routledge.
Wiek, A. and Lang, D.J., 2016. Transformational sustainability research methodology.
In Sustainability science (pp. 31-41). Springer, Dordrecht.
Rosskam, E., 2018. Using participatory action research methodology to improve worker health.
In Unhealthy Work(pp. 211-228). Routledge.
King, K.A. and Mackey, A., 2016. Research methodology in second language studies: Trends,
concerns, and new directions. The Modern Language Journal, 100(S1), pp.209-227.
Hickson, H., 2016. Becoming a critical narrativist: Using critical reflection and narrative inquiry
as research methodology. Qualitative social work, 15(3), pp.380-391.
Davies, P. and Francis, P., 2018. Doing criminological research. SAGE Publications Limited.
Denzin, N.K., 2017. The research act: A theoretical introduction to sociological methods.
Routledge.
Tight, M., 2016. Phenomenography: The development and application of an innovative research
design in higher education research. International Journal of Social Research
Methodology, 19(3), pp.319-338.

Chodorow, J., 2018. Dance/movement therapists in action: A working guide to research options.
Charles C Thomas Publisher.
Clandinin, D.J., Cave, M.T. and Berendonk, C., 2017. Narrative inquiry: a relational research
methodology for medical education. Medical education, 51(1), pp.89-96.
Colorafi, K.J. and Evans, B., 2016. Qualitative descriptive methods in health science
research. HERD: Health Environments Research & Design Journal, 9(4), pp.16-25.
Kao, H.Y. And et. al., 2016. Design and evaluation of hospital-based business intelligence
system (HBIS): A foundation for design science research methodology. Computers in
Human Behavior, 62, pp.495-505.
Online
Vats A., 2017. 10 Key Issues Of General Data Protection Regulation (GDPR). [Online].
Available through: <https://medium.com/@adityavats/10-key-issues-of-general-data-
protection-regulation-gdpr-d70e3875b59e>
Zerlang j., 2019. GDPR: a milestone in convergence for cyber-security and compliance.
[Online]. Available through:
<https://www.sciencedirect.com/science/article/pii/S1353485817300600>
Dixon J. and Richards C., 2018. On food security and alternative food networks: understanding
and performing food security in the context of urban bias. [Online]. Available through:
<https://link.springer.com/article/10.1007/s10460-015-9630-y>
Pacurariu A., 2019. Electronic healthcare databases in Europe: descriptive analysis of
characteristics and potential for use in medicines regulation. [Online]. Available
through: <https://bmjopen.bmj.com/content/8/9/e023090>
Cardon D., 2019. Healhcare Databases: Purpose, Strengths, Weaknesses. [Online]. Available
through: <https://www.healthcatalyst.com/insights/healthcare-database-purposes-
strengths-weaknesses>
Raeli A., 2018. How to avoid data breaches under the GDPR. [Online]. Available through:
<https://www.advantio.com/blog/how-to-avoid-data-breaches-under-the-gdpr>
Morrell J., 2019. Five Ways to Reduce GDPR’s Impact. [Online]. Available through:
<https://www.datameer.com/blog/reduce-gdpr-impact/>
Irwin L., 2019. GDPR compliance and information security: reducing data breach risks.
[Online]. Available through: <https://www.itgovernance.co.uk/blog/gdpr-compliance-
and-information-security-reducing-data-breach>
Yue X., 2018. Healthcare Data Gateways: Found Healthcare Intelligence on Blockchain with
Novel Privacy Risk Control. [Online]. Available through:
<https://link.springer.com/article/10.1007/s10916-016-0574-6>
Hiivala N., 2018. An analysis of dental patient safety incidents in a patient complaint and
healthcare supervisory database in Finland. [Online]. Available through:
<https://www.tandfonline.com/doi/abs/10.3109/00016357.2015.1042040>
Bujari A., 2018. Standards, Security and Business Models: Key Challenges for the IoT Scenario.
[Online]. Available through: <https://link.springer.com/article/10.1007/s11036-017-
0835-8>
Romanou A., 2019. The necessity of the implementation of Privacy by Design in sectors where
data protection concerns arise. [Online]. Available through:
<https://www.sciencedirect.com/science/article/pii/S0267364917302054>
Lee K., 2019. Electronic health record (EHR). [Online]. Available through:
<https://searchhealthit.techtarget.com/definition/electronic-health-record-EHR>

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Ahmed S., 2019. Montreal Accord on Patient-Reported Outcomes (PROs) use series – Paper 8:
patient-reported outcomes in electronic health records can inform clinical and policy
decisions. [Online]. Available through:
<https://www.sciencedirect.com/science/article/pii/S0895435617304079>
Goli-Malekabadi Z., Sargolzaei-Javan M. and Akbari M. K., 2019. An effective model for store
and retrieve big health data in cloud computing. [Online]. Available through:
<https://www.sciencedirect.com/science/article/pii/S0169260715301632>
Sajid A. and Abbas H., 2018. Data Privacy in Cloud-assisted Healthcare Systems: State of the
Art and Future Challenges. [Online]. Available through:
<https://link.springer.com/article/10.1007/s10916-016-0509-2>
Renton T. and Master S., 2019. The complexity of patient safety reporting systems in UK
dentistry. [Online]. Available through:
<https://www.nature.com/articles/sj.bdj.2016.782>
Sligo J., 2019. A literature review for large-scale health information system project planning,
implementation and evaluation. [Online]. Available through:
<https://www.sciencedirect.com/science/article/pii/S1386505616302003>
Toma M., 2018. Balancing measures or a balanced accounting of improvement impact: a
qualitative analysis of individual and focus group interviews with improvement experts
in Scotland. [Online]. Available through:
<https://qualitysafety.bmj.com/content/27/7/547?
rss=1&int_source=trendmd&int_medium=trendmd&int_campaign=trendmd>

APPENDIX
Questionnaire
Questionnaire
Name:
Age:
Gender:
Contact No.:
Q1. Do you have knowledge about concept of GDPR? Yes No
Q2. What is the significance of maintaining health records? Monitor patient condition Analyse pattern of disease Fulfil legal needs
Q3. What are the benefits of maintaining patient health records for staff members? Reduce work load Improve accuracy of decision making Quick access to specific data
Q4. DO you know about principles of GDPR? Lawfulness, fairness & transparency Purpose limitation & accuracy Integrity & confidentiality Accountability & data minimisation
Q5. What is the concern of health records databases according to you in healthcare
organisations? Assess the health of public Assess pattern in illness Improve quality of care Enhance privacy & security of patient data
Q6. How can the issues related to GDPR can be reduced in hospitals?

 Understand responsibilities among employees Understand data estate Updation of data protection policies Provide regular training to staff
Q7. How can the security of health records can be improve as per your opinion? Follow legislations Operationalize compliance Increase security & governance
Q8. Is the electronic health records are much effective to ensure safety of relevant
information? Improve accuracy Improve quality of medical facilities Facilitate immediate and accurate decision making Reduce work load of staff
Q9. What measures can be applied in Royal London Hospital to increase security of health
records? Remain aware of every aspect on network Updation of software Strict policies of privileged access Work with reliable partner
Q10. Is GDPR is much effective and beneficial for Royal London hospital? Agree Disagree
Q11. What kind of privacy data can be protected by GDPR in your views? Health & genetic data Biometric data Web data Sexual orientation
Q12. Is electronic health record system is efficient to secure health records in Royal London
Hospital? Yes

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

 No
Q13. What are the benefits achieved by implementing electronic health records in Royal
London Hospital? Reduce drug errors Improve data accuracy Decrease duplication of tests Reduce delayed treatments
Q14. What are the advancements of electronic health records (EHRs) are observed by you? Cloud based EHRs Improved patient portals Growth in Telehealth Mobile friendly EHRs
Q15. What are the abilities consist by electronic health records? Automatically share & update data Efficient storage & retrieval Aggregate patient data Easy standardization of services & patient services
Q16. Any suggestions for future research?