Strategic Information System Report: Healthcare ERP System
VerifiedAdded on 2021/06/17
|17
|5226
|35
Report
AI Summary
This report provides a comprehensive overview of Healthcare Enterprise Resource Planning (HERP) systems, exploring their strategic importance in the healthcare sector. It begins with an introduction to ERP systems and their evolution, highlighting their benefits in various industries, including healthcare. The report then delves into the specific requirements of HERP systems, including database, financial control, and resource management aspects. It emphasizes the importance of aligning HERP implementation with the organization's goals and objectives. The report further examines the technologies and applications used in HERP systems, such as integrated databases and enhanced reporting capabilities. The vendor selection process, including criteria like healthcare goals, functional requirements, technology, budget, and team composition, is also discussed. Finally, it touches upon the impact of ERP systems in other industries, such as manufacturing and construction. The report underscores the significance of HERP systems in improving healthcare quality, operational efficiency, and patient care, making it a valuable resource for students studying healthcare management and information systems.
Strategic Information System 1
Strategic Information System
Introduction
It is currently more than twenty years that the Enterprise Resource Planning (ERP)
system has been in use in the healthcare department. Consequently, this healthcare system
has shown an ultimate as well as a highly valued solution for many corporations starting form
healthcare, manufacturing to the disseminations ones (Wang, Kung, and Byrd, 2018, p. 5).
Certainly, the software application is a major success in a vast of ways to most of the
organizations that have placed it into use. Indeed, ERP is a technological software that
enables and improve the capacity of communication between different divisions under an
organization. Thus it supports the workforce to perform work in a better way, therefore,
enhancing productivity in the workplace (Angst, Wowak, Handley, and Kelley, 2017).
Accordingly, as a result of the proactive capability of the ERP application it was initially
related to the manufacturing company since the purpose of designing it was to resolve
problems which constrained the potential of production, nevertheless, currently the ERP is
supporting efficiency in a number of ways in different business sectors (Almajali, Masa'deh,
and Tarhini, 2016, p. 551). Therefore, because of its activeness, the ERP system is being
endorsed by a range of dissimilar organizations and healthcare is not an exception. Therefore,
ERP is a software application that comprises a sequence of modules which connect
information into a single program, which enables data storage and accessibility in a more
simplified. Certainly, this technology is designed to offer surveillance on data and enhance
the rate of information exchange within different departments in an organization.
Overview of the Healthcare Enterprise Resource Planning (ERP) System
Research has shown that ERP system is the ultimate answer to a range of industries thus
healthcare is not an exception. Actually, hospitals are in need of a more interrelated system
Strategic Information System
Introduction
It is currently more than twenty years that the Enterprise Resource Planning (ERP)
system has been in use in the healthcare department. Consequently, this healthcare system
has shown an ultimate as well as a highly valued solution for many corporations starting form
healthcare, manufacturing to the disseminations ones (Wang, Kung, and Byrd, 2018, p. 5).
Certainly, the software application is a major success in a vast of ways to most of the
organizations that have placed it into use. Indeed, ERP is a technological software that
enables and improve the capacity of communication between different divisions under an
organization. Thus it supports the workforce to perform work in a better way, therefore,
enhancing productivity in the workplace (Angst, Wowak, Handley, and Kelley, 2017).
Accordingly, as a result of the proactive capability of the ERP application it was initially
related to the manufacturing company since the purpose of designing it was to resolve
problems which constrained the potential of production, nevertheless, currently the ERP is
supporting efficiency in a number of ways in different business sectors (Almajali, Masa'deh,
and Tarhini, 2016, p. 551). Therefore, because of its activeness, the ERP system is being
endorsed by a range of dissimilar organizations and healthcare is not an exception. Therefore,
ERP is a software application that comprises a sequence of modules which connect
information into a single program, which enables data storage and accessibility in a more
simplified. Certainly, this technology is designed to offer surveillance on data and enhance
the rate of information exchange within different departments in an organization.
Overview of the Healthcare Enterprise Resource Planning (ERP) System
Research has shown that ERP system is the ultimate answer to a range of industries thus
healthcare is not an exception. Actually, hospitals are in need of a more interrelated system
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Strategic Information System 2
since the information that is conveyed from one department to another is quite essential and it
may not attain its core purpose it if fails to arrive in time to the desired destination. Distinct
from other business where loss is only measured in terms of money, the loss in the healthcare
sector is measured in terms of human lives. The healthcare sector is committed on increasing
healthcare quality as well as operational efficiency and at the same time making sure that it
cut down the expense through optimization of back-end functionalities (Eriksson, Holden,
Williamsson, and Dellve, 2016, p. 105). In order to increase on the returns, minimise
expenses and attain a seamless healthcare scale, it is vital that the back-end operations are
improved. Once the back-end operations are enhanced the efficiency of the business
operations such as inventory management, supply chain management, billing, patient
relationship management, finance and human resource management stand to improve (Garg,
and Agarwal, 2014, p. 404). For that reason, this success can only come true when the
business operations are optimized and technology-enabled using a successful Healthcare
Enterprise Resource Planning (HERP) execution.
Healthcare Enterprise Resource Planning (HERP) System Requirements
The healthcare is undergoing a steadfast revolution as a result of information
technology (IT) playing a significantly key part towards its delivery. Moreover, the
healthcare department expects an exceptional development in this sector as it implements
ERP system and specifically the Health Information Management System (HIMS) in addition
to setting up of intranets for the exchange of information as well as offering remote
diagnostic services through telemedicine. Recent research shows that the usage of computers
by practitioners has led to modifications as well as hospital expenses. Healthcare Enterprise
Resource Planning (HERP) is a class of the ERP that is designed to run the whole healthcare
operations by relating the entire activities that happen in the organizations. Some of these
activities include resource management, finance, decision support and human resource only
since the information that is conveyed from one department to another is quite essential and it
may not attain its core purpose it if fails to arrive in time to the desired destination. Distinct
from other business where loss is only measured in terms of money, the loss in the healthcare
sector is measured in terms of human lives. The healthcare sector is committed on increasing
healthcare quality as well as operational efficiency and at the same time making sure that it
cut down the expense through optimization of back-end functionalities (Eriksson, Holden,
Williamsson, and Dellve, 2016, p. 105). In order to increase on the returns, minimise
expenses and attain a seamless healthcare scale, it is vital that the back-end operations are
improved. Once the back-end operations are enhanced the efficiency of the business
operations such as inventory management, supply chain management, billing, patient
relationship management, finance and human resource management stand to improve (Garg,
and Agarwal, 2014, p. 404). For that reason, this success can only come true when the
business operations are optimized and technology-enabled using a successful Healthcare
Enterprise Resource Planning (HERP) execution.
Healthcare Enterprise Resource Planning (HERP) System Requirements
The healthcare is undergoing a steadfast revolution as a result of information
technology (IT) playing a significantly key part towards its delivery. Moreover, the
healthcare department expects an exceptional development in this sector as it implements
ERP system and specifically the Health Information Management System (HIMS) in addition
to setting up of intranets for the exchange of information as well as offering remote
diagnostic services through telemedicine. Recent research shows that the usage of computers
by practitioners has led to modifications as well as hospital expenses. Healthcare Enterprise
Resource Planning (HERP) is a class of the ERP that is designed to run the whole healthcare
operations by relating the entire activities that happen in the organizations. Some of these
activities include resource management, finance, decision support and human resource only
Strategic Information System 3
to mention a few (Almajali, Masa'deh, and Tarhini, 2016, p. 555). In the case of the
healthcare ERP system, it shall be classified into three class requirements. First, it entails
database requirements. The HERP system is tasked with the keeping of patient data for future
reference. Therefore, there has to be a special place to keep patients files and records to allow
for easy access and retrieval in future. As a result, there has to be a unification between the
patient data and the medical officer. In this case, there has to a common database that will be
used for storing these fundamental records. A normal enterprise will entail activities to do
with production, logistics, human resources, services, material management among many
others. Second, the execution of ERP system comes with the notion of an integrated financial
control such that all activities within the healthcare enterprise generate a suitable entry in the
record storage system. Lastly, but not least the healthcare ERP focus is how to manage the
enterprise resources by dealing with critical subject matters of capacity and priorities.
The most important point that should be noted is that before implementing a HERP
model, the health facility is supposed to agree on the guideline standards to aid in the
description as well as attainability of the vision of the state-of-art “digital” hospital. Indeed,
these directive principles act as the baseline for the HERP application. Nevertheless, it has to
be revised to make sure that it corresponds to the main target of the healthcare organization. I
the case of this HERP healthcare facility the following are the directive principles that are
supposed to be considered at the time of ERP implementation: The choosing of clinical as
well as healthcare information system and the system vendor has to support a “wireless”
filmless and paperless setting.
The system should automate to support all functionalities in the healthcare facility
such as human resources, finances, stocks, purchases, among others to make sure that
these practices are all integrated with the essential health information system.
to mention a few (Almajali, Masa'deh, and Tarhini, 2016, p. 555). In the case of the
healthcare ERP system, it shall be classified into three class requirements. First, it entails
database requirements. The HERP system is tasked with the keeping of patient data for future
reference. Therefore, there has to be a special place to keep patients files and records to allow
for easy access and retrieval in future. As a result, there has to be a unification between the
patient data and the medical officer. In this case, there has to a common database that will be
used for storing these fundamental records. A normal enterprise will entail activities to do
with production, logistics, human resources, services, material management among many
others. Second, the execution of ERP system comes with the notion of an integrated financial
control such that all activities within the healthcare enterprise generate a suitable entry in the
record storage system. Lastly, but not least the healthcare ERP focus is how to manage the
enterprise resources by dealing with critical subject matters of capacity and priorities.
The most important point that should be noted is that before implementing a HERP
model, the health facility is supposed to agree on the guideline standards to aid in the
description as well as attainability of the vision of the state-of-art “digital” hospital. Indeed,
these directive principles act as the baseline for the HERP application. Nevertheless, it has to
be revised to make sure that it corresponds to the main target of the healthcare organization. I
the case of this HERP healthcare facility the following are the directive principles that are
supposed to be considered at the time of ERP implementation: The choosing of clinical as
well as healthcare information system and the system vendor has to support a “wireless”
filmless and paperless setting.
The system should automate to support all functionalities in the healthcare facility
such as human resources, finances, stocks, purchases, among others to make sure that
these practices are all integrated with the essential health information system.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Strategic Information System 4
Procedures and policies, the design of flow of work in addition to supporting
managerial and clinical information operations will be able to support the capability
of the facility to maintain focus service at the care level.
Actual data and workflow integration in between the entire operational parts will fall
into place and ensure that the system will not be tolerant to redundant process
The entire information technology decisions arrived at shall be in a position to
complement the healthcare mission statement and vision statement as well as its set
out ails and goals, which is to make health care become as digital as possible
(Seethamraju, 2015, p. 481).
Accordingly, the healthcare facility is supposed to look at the HERP system application
as an integral and vital part of its overall business strategy. It is a requirement that when ERP
technology is employed in an organization, it should be in a position to be applied in all facet
of the company (Petrov, Lakhno, and Korchenko, 2016, p. 123). In the case of healthcare
facility, the HERP should cover all the organization’s facets by integrating human resources,
technology, processes as well as cultural components. On the other hand, the healthcare
facility is not solely supposed to only implement essential ancillary and healthcare
information software package. Nonetheless, it has to expand the implementation. Thus the
software should be extended to the point that it covers the entire medical spectrum running all
the way from surgical equipment, patients’ beds to pagers as well as light system
applications. Therefore, it is a requirement the healthcare leverage the standard of the
industry as well as the regulations to help improve the link between the project shareholders
and external business partners. The healthcare organization is supposed to make sure that the
system is imperative to the design to see to it that it is capable of being integrated with the
forthcoming generation of products in addition to evolution changes in the industry.
Consequently, the system requirements are supposed to be flexible enough to suit both the
Procedures and policies, the design of flow of work in addition to supporting
managerial and clinical information operations will be able to support the capability
of the facility to maintain focus service at the care level.
Actual data and workflow integration in between the entire operational parts will fall
into place and ensure that the system will not be tolerant to redundant process
The entire information technology decisions arrived at shall be in a position to
complement the healthcare mission statement and vision statement as well as its set
out ails and goals, which is to make health care become as digital as possible
(Seethamraju, 2015, p. 481).
Accordingly, the healthcare facility is supposed to look at the HERP system application
as an integral and vital part of its overall business strategy. It is a requirement that when ERP
technology is employed in an organization, it should be in a position to be applied in all facet
of the company (Petrov, Lakhno, and Korchenko, 2016, p. 123). In the case of healthcare
facility, the HERP should cover all the organization’s facets by integrating human resources,
technology, processes as well as cultural components. On the other hand, the healthcare
facility is not solely supposed to only implement essential ancillary and healthcare
information software package. Nonetheless, it has to expand the implementation. Thus the
software should be extended to the point that it covers the entire medical spectrum running all
the way from surgical equipment, patients’ beds to pagers as well as light system
applications. Therefore, it is a requirement the healthcare leverage the standard of the
industry as well as the regulations to help improve the link between the project shareholders
and external business partners. The healthcare organization is supposed to make sure that the
system is imperative to the design to see to it that it is capable of being integrated with the
forthcoming generation of products in addition to evolution changes in the industry.
Consequently, the system requirements are supposed to be flexible enough to suit both the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Strategic Information System 5
present as well as future changes because the healthcare sector requirements keep on
changing with the change in technology (Peng, and Gala, 2014, p. 26). Both business and
clinical operations, operation performance, and the safety of patients’ should be optimized by
crafting a state-of-art best quality “digital” complete hospital with the latest edge of
technology. The figure below displays expansive fundamental component requirements for
construction of a world-class HERP system.
Figure 1: A Healthcare Enterprise Resource Planning System Technologies and Applications
The HERP should make sure that it integrates all the departments within the
organization to allow physicians to have instantaneous access to patient’s medical
information from other practitioner’s offices, and emergency rooms. On the same note, the
enterprise resource planning (ERP) system should substitute the need for various interfaces
between two or more application inside the hospital. It should consist of an integrated
database for storage of different files and data records of the hospital and patient information
and heighten the reporting capacities in addition to standardization.
Software and Vendor Selection Process
present as well as future changes because the healthcare sector requirements keep on
changing with the change in technology (Peng, and Gala, 2014, p. 26). Both business and
clinical operations, operation performance, and the safety of patients’ should be optimized by
crafting a state-of-art best quality “digital” complete hospital with the latest edge of
technology. The figure below displays expansive fundamental component requirements for
construction of a world-class HERP system.
Figure 1: A Healthcare Enterprise Resource Planning System Technologies and Applications
The HERP should make sure that it integrates all the departments within the
organization to allow physicians to have instantaneous access to patient’s medical
information from other practitioner’s offices, and emergency rooms. On the same note, the
enterprise resource planning (ERP) system should substitute the need for various interfaces
between two or more application inside the hospital. It should consist of an integrated
database for storage of different files and data records of the hospital and patient information
and heighten the reporting capacities in addition to standardization.
Software and Vendor Selection Process
Strategic Information System 6
The process of buying an ERP system calls for some decision points as well as several
aspects that have to be considered before deciding to acquire the software model (Sanja,
2013, p. 404). In the case of the healthcare facility, HERP system selection process the
following criteria will be applied:
Healthcare goals and objectives: The key objective for adopting an ERP system is to
enhance the organization’s goals which are to foster an efficient service delivery to
patients who are the sole customers of the premise, security of data records and the
general operation management of the facility.
Functional hardware and software requirements: while it is true that a majority of
organizations share general operations, nonetheless, the organization’s industry
specification will dictate its details (Kerzner, and Kerzner, 2017). Corporations won
need acts as its compass direction in governing the elements that are most significant
to its operations. Therefore, the healthcare organization’s stakeholder should be keen
all the functions that must be met in an average business day. Also, it should target to
review all parts of the list despite even when the processes being done might be
external to the system.
Underlying technology and forthcoming scalability: Initially the underlying
technology of ERP system was not a necessity, the dominant requirement was only
software functionality when it came to choosing a novel system. Nevertheless,
technology changes rapidly, and that is not the case today. Thus, current choosing an
ERP system involves the latest technology in the market as it will offer a longer
operation period and will make a better investment.
Resources and budget: The ERP system comes with a variation regarding price. The
price depends on the complexity of the software application and functionality.
The process of buying an ERP system calls for some decision points as well as several
aspects that have to be considered before deciding to acquire the software model (Sanja,
2013, p. 404). In the case of the healthcare facility, HERP system selection process the
following criteria will be applied:
Healthcare goals and objectives: The key objective for adopting an ERP system is to
enhance the organization’s goals which are to foster an efficient service delivery to
patients who are the sole customers of the premise, security of data records and the
general operation management of the facility.
Functional hardware and software requirements: while it is true that a majority of
organizations share general operations, nonetheless, the organization’s industry
specification will dictate its details (Kerzner, and Kerzner, 2017). Corporations won
need acts as its compass direction in governing the elements that are most significant
to its operations. Therefore, the healthcare organization’s stakeholder should be keen
all the functions that must be met in an average business day. Also, it should target to
review all parts of the list despite even when the processes being done might be
external to the system.
Underlying technology and forthcoming scalability: Initially the underlying
technology of ERP system was not a necessity, the dominant requirement was only
software functionality when it came to choosing a novel system. Nevertheless,
technology changes rapidly, and that is not the case today. Thus, current choosing an
ERP system involves the latest technology in the market as it will offer a longer
operation period and will make a better investment.
Resources and budget: The ERP system comes with a variation regarding price. The
price depends on the complexity of the software application and functionality.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Strategic Information System 7
Therefore, a healthcare organization should consider these aspects before deciding to
purchase the ERP system by considering its workload.
A team of trustees: The choice of individuals both inside and outside the
organizations play a major role towards the success of any project (Lyytinen, and
Newman, 2015, p. 78). Therefore the organizations have to be aware of the people
that will implement the system and those that will manage the project during
construction of the new system.
Process description: This the area that each person fears most, but it is not dangerous
at all. When demos and research are done, it tends to generate more queries and
answers. These tests and demonstrations are significant since they help to include all
the projects requirements that may have been left out at one point or another.
Companies that have Implemented Healthcare ERP Technology
Several organizations are using the ERP software, and some of these companies
include manufacturing, construction industrial services. Indeed, the use of ERP software has
improved communication among departments in the manufacturing sector. Communication is
an essential aspect of a manufacturing form that comprises several departments. Thus, an
ERP software helps to improve and foster effective communication amongst various
departments by linking the whole corporation into a single system (Li, Tryfonas, and Li,
2016, p. 343). In the construction industry, ERP system has made it possible to assimilate
data. The ERP software in the construction sector has played a significant role in operational
data and dynamic analysis of finances, which aid in providing executives with accurate and
precise calculated real-time information (Jacobs, Chase, and Lummus, 2014, p. 533). This
data is important as it helps the construction company to effectively rack simultaneous
operations and reports, which help it in managing deficiencies across different sections in an
efficient way. On the other hand, the use of ERP in the professional services include accurate
Therefore, a healthcare organization should consider these aspects before deciding to
purchase the ERP system by considering its workload.
A team of trustees: The choice of individuals both inside and outside the
organizations play a major role towards the success of any project (Lyytinen, and
Newman, 2015, p. 78). Therefore the organizations have to be aware of the people
that will implement the system and those that will manage the project during
construction of the new system.
Process description: This the area that each person fears most, but it is not dangerous
at all. When demos and research are done, it tends to generate more queries and
answers. These tests and demonstrations are significant since they help to include all
the projects requirements that may have been left out at one point or another.
Companies that have Implemented Healthcare ERP Technology
Several organizations are using the ERP software, and some of these companies
include manufacturing, construction industrial services. Indeed, the use of ERP software has
improved communication among departments in the manufacturing sector. Communication is
an essential aspect of a manufacturing form that comprises several departments. Thus, an
ERP software helps to improve and foster effective communication amongst various
departments by linking the whole corporation into a single system (Li, Tryfonas, and Li,
2016, p. 343). In the construction industry, ERP system has made it possible to assimilate
data. The ERP software in the construction sector has played a significant role in operational
data and dynamic analysis of finances, which aid in providing executives with accurate and
precise calculated real-time information (Jacobs, Chase, and Lummus, 2014, p. 533). This
data is important as it helps the construction company to effectively rack simultaneous
operations and reports, which help it in managing deficiencies across different sections in an
efficient way. On the other hand, the use of ERP in the professional services include accurate
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Strategic Information System 8
storage of expense records, workforce data, and inventory control. Consequently, this results
in more jovial customers and improved edge regarding competition.
Analysis and Evaluation of Healthcare ERP Efficiency
The significance of the HERP System
Most of the technological applications demand clinical information source which
entails longitudinal medical records of each patient served by the hospital service delivery
system (Shen, Chen, and Wang, 2016, p. 129). Accordingly, medical decisions which
enhance applications that can extract clinical data repository which offers evidence-based
information practice in the real-time to enable secure as well as effective patient care.
Provide high-quality practices: Since the growth of ERP systems is increasing at a
very fast speed, there is a constant urge to induce professionalism and best practices in the
healthcare sector. In this case, patient’s demands have increased unlike in the past times.
Currently, patients are demanding for the best services for their money. Thus it is high time
that healthcare organization strives to ensure that they meet these requirements by employing
the best enterprise application that can offer quality services.
Health Information Privacy and Security
Privacy is an underlying governing principle of the patient-practitioner relation for
efficient and effective healthcare delivery. Therefore, it is a requirement that patients share
their information with their doctors to enable correct diagnosis as well as the determination of
treatment, particularly to avert adversative drug interactions. Nonetheless, at times some
patients can refuse to disclose vital information in case of health problems like HIV and
psychiatric behavior since they believe that disclosing such information can lead to social
stigma and discrimination. Nevertheless, such cases are now a thing of the past because ERP
system serves various purposes such as diagnosis and treatment. A good example is how
storage of expense records, workforce data, and inventory control. Consequently, this results
in more jovial customers and improved edge regarding competition.
Analysis and Evaluation of Healthcare ERP Efficiency
The significance of the HERP System
Most of the technological applications demand clinical information source which
entails longitudinal medical records of each patient served by the hospital service delivery
system (Shen, Chen, and Wang, 2016, p. 129). Accordingly, medical decisions which
enhance applications that can extract clinical data repository which offers evidence-based
information practice in the real-time to enable secure as well as effective patient care.
Provide high-quality practices: Since the growth of ERP systems is increasing at a
very fast speed, there is a constant urge to induce professionalism and best practices in the
healthcare sector. In this case, patient’s demands have increased unlike in the past times.
Currently, patients are demanding for the best services for their money. Thus it is high time
that healthcare organization strives to ensure that they meet these requirements by employing
the best enterprise application that can offer quality services.
Health Information Privacy and Security
Privacy is an underlying governing principle of the patient-practitioner relation for
efficient and effective healthcare delivery. Therefore, it is a requirement that patients share
their information with their doctors to enable correct diagnosis as well as the determination of
treatment, particularly to avert adversative drug interactions. Nonetheless, at times some
patients can refuse to disclose vital information in case of health problems like HIV and
psychiatric behavior since they believe that disclosing such information can lead to social
stigma and discrimination. Nevertheless, such cases are now a thing of the past because ERP
system serves various purposes such as diagnosis and treatment. A good example is how
Strategic Information System 9
information has been used to enhance the efficiency of healthcare systems, drive public
policy deployment as well as federal administrative levels as well as subdividing
The failure in patients’ data privacy and security is as a result of data breaches which
has led to the loss and compromise of numerous individual identifiable healthcare
information. To counteract this problem of data breaches, it is essential to analyze to
understand the source of the security failures and then come up with a special approach to
address the matter (Islam, CH, Bilal, and Ilyas, 2017, p. 2). Accordingly, through analysis of
the different breaches that have taken place shed light to conclude that a majority of these
breaches may not have happened. The ability to secure an organization’s valuable and
vulnerable resources such as information and data is not only an appropriate practice it helps
the company not to run into outburst in terms of expenses that come with the response to data
breaches, embarrassment, negative image, ultimately of trust by clients (patients) as well as
healthcare givers. Most of the time, data breaches that take place may have been avoided by
the organization laying down a suitable plan and the right security design together with the
execution of appropriate security measures.
Potential Risks and Data Breaches in ERP Technologies
Threats to Information Privacy: Threats to patient privacy and information security
can be classified into two major groups. The first one is an organizational threat which is as a
result of the inappropriate access of patient information by either interior agents or by
practitioners abusing their entitled privileges or even from outside agents exploiting the
vulnerability of information systems (Saa et al., 2017). Second, is as a result of system threats
which arise from an agent I the form of information distribution chain exploiting the
disclosed information past the intended usage.
information has been used to enhance the efficiency of healthcare systems, drive public
policy deployment as well as federal administrative levels as well as subdividing
The failure in patients’ data privacy and security is as a result of data breaches which
has led to the loss and compromise of numerous individual identifiable healthcare
information. To counteract this problem of data breaches, it is essential to analyze to
understand the source of the security failures and then come up with a special approach to
address the matter (Islam, CH, Bilal, and Ilyas, 2017, p. 2). Accordingly, through analysis of
the different breaches that have taken place shed light to conclude that a majority of these
breaches may not have happened. The ability to secure an organization’s valuable and
vulnerable resources such as information and data is not only an appropriate practice it helps
the company not to run into outburst in terms of expenses that come with the response to data
breaches, embarrassment, negative image, ultimately of trust by clients (patients) as well as
healthcare givers. Most of the time, data breaches that take place may have been avoided by
the organization laying down a suitable plan and the right security design together with the
execution of appropriate security measures.
Potential Risks and Data Breaches in ERP Technologies
Threats to Information Privacy: Threats to patient privacy and information security
can be classified into two major groups. The first one is an organizational threat which is as a
result of the inappropriate access of patient information by either interior agents or by
practitioners abusing their entitled privileges or even from outside agents exploiting the
vulnerability of information systems (Saa et al., 2017). Second, is as a result of system threats
which arise from an agent I the form of information distribution chain exploiting the
disclosed information past the intended usage.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Strategic Information System 10
Organizational Threats: This type of threat come in different forms like a health
practitioner accessing data with no any authorised need or an external attacker (hacker) which
is likely to infiltrate the healthcare information infrastructure with the intention to steal the
information or make it inoperable (Mozaffar, Cresswell, Lee, Williams, and Sheikh, 2016, p.
25). At the inception point, such organizational threat could be are characterized as
accessibility, motives, technical capacities, and resources. About the elements, dissimilar
threats pose different risk levels to the organization. Thus it demands different prevention and
alleviation approaches (Kshetri, 2014, p. 1137). For instance, motives can be in the form of
economic or noneconomic format. In case the motives are for insurers, journalists or
employers patient records can be of both economic as well as noneconomic significance. At
the same time, some can be accompanied with noneconomic motives such as for a person to
engage themselves in romantic relationships. In the current healthcare setting which has gone
far regarding technology such as the use ERP among other health information systems, the
most prevalent threats include
Insider curiosity: When an insider has the chance to access patient data they are
likely to interfere with a patient’s records due to the curiousness or because of their reasons
such as like a nurse accessing a colleague’s data to find out about their probability of having
sexually transmitted infections; or a medical practitioners accessing possibly embarrassing
health data regarding a celebrity and channelling into through media.
Disclosure by accident: A medical practitioner can unintentionally disclose a
patient’s information to others such as sending an email message to a wrong address of the
leaking of information as a result of peer-to-peer sharing of files.
Organizational Threats: This type of threat come in different forms like a health
practitioner accessing data with no any authorised need or an external attacker (hacker) which
is likely to infiltrate the healthcare information infrastructure with the intention to steal the
information or make it inoperable (Mozaffar, Cresswell, Lee, Williams, and Sheikh, 2016, p.
25). At the inception point, such organizational threat could be are characterized as
accessibility, motives, technical capacities, and resources. About the elements, dissimilar
threats pose different risk levels to the organization. Thus it demands different prevention and
alleviation approaches (Kshetri, 2014, p. 1137). For instance, motives can be in the form of
economic or noneconomic format. In case the motives are for insurers, journalists or
employers patient records can be of both economic as well as noneconomic significance. At
the same time, some can be accompanied with noneconomic motives such as for a person to
engage themselves in romantic relationships. In the current healthcare setting which has gone
far regarding technology such as the use ERP among other health information systems, the
most prevalent threats include
Insider curiosity: When an insider has the chance to access patient data they are
likely to interfere with a patient’s records due to the curiousness or because of their reasons
such as like a nurse accessing a colleague’s data to find out about their probability of having
sexually transmitted infections; or a medical practitioners accessing possibly embarrassing
health data regarding a celebrity and channelling into through media.
Disclosure by accident: A medical practitioner can unintentionally disclose a
patient’s information to others such as sending an email message to a wrong address of the
leaking of information as a result of peer-to-peer sharing of files.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Strategic Information System 11
Data breach by internal healthcare: People inside the healthcare department can
access a patient’s information and then circulate it to the outside individuals as a form of
taking revenge on the patient’s or for material gain.
Data breach by outsiders through physical intrusion: Such scenarios happen when
an individual from outside the facility gains access to the healthcare information system
structure using intimidation or forceful entry.
Systemic Threats
Privacy constraints not only stem from outside sources of information flow buts can
also result from the system faults due to maintenance issues.
Guidelines on how to Mitigate Risks Related to ERP Technologies
It is important that healthcare organizations strive to see to it that they enhance the
integrity, confidentiality, privacy, availability of data in health care. Indeed, these aspects are
essential when it comes to securing the patient information. Information is not a mystery, but
it is built on a sequential assessment of dangers and risks that are in existence in the present
health information systems such as ERP and electronic medical record systems (Laudon, and
Laudon, 2016). In accordance to the Federal laws that regulate a patient’s privacy and
security demands that both private and public health organizations should carry out a risk
assessment process as part of their security management and enhancement course (Eden,
Sedera, and Tan, 2014, p. 3). According to the risk assessment, health organizations should
select security controls which have to be executed on a constantly monitored to reduce the
risks and vulnerabilities to the least extent. The core goal of any healthcare organization is to
support risk management process to secure the company as well as its capacity to perform its
agenda and not only its Information Technology resources.
Action Plan to Highlight Health Care Data Breaches
Data breach by internal healthcare: People inside the healthcare department can
access a patient’s information and then circulate it to the outside individuals as a form of
taking revenge on the patient’s or for material gain.
Data breach by outsiders through physical intrusion: Such scenarios happen when
an individual from outside the facility gains access to the healthcare information system
structure using intimidation or forceful entry.
Systemic Threats
Privacy constraints not only stem from outside sources of information flow buts can
also result from the system faults due to maintenance issues.
Guidelines on how to Mitigate Risks Related to ERP Technologies
It is important that healthcare organizations strive to see to it that they enhance the
integrity, confidentiality, privacy, availability of data in health care. Indeed, these aspects are
essential when it comes to securing the patient information. Information is not a mystery, but
it is built on a sequential assessment of dangers and risks that are in existence in the present
health information systems such as ERP and electronic medical record systems (Laudon, and
Laudon, 2016). In accordance to the Federal laws that regulate a patient’s privacy and
security demands that both private and public health organizations should carry out a risk
assessment process as part of their security management and enhancement course (Eden,
Sedera, and Tan, 2014, p. 3). According to the risk assessment, health organizations should
select security controls which have to be executed on a constantly monitored to reduce the
risks and vulnerabilities to the least extent. The core goal of any healthcare organization is to
support risk management process to secure the company as well as its capacity to perform its
agenda and not only its Information Technology resources.
Action Plan to Highlight Health Care Data Breaches
Strategic Information System 12
It is beyond reasonable doubts that data breaches can and must be prevented using all
possible means. Since healthcare organizations have accepted to move to a “digital”
paradigm of service delivery, it should be ready to collect keep safe and responsibly share the
patient information to protect individual healthcare information (Escobar-Rodríguez, and
Bartual-Sopena, 2015, p. 130). On the same note, it should make sure that patient information
is not compromised by attackers among other malicious insiders or unintentionally accessed,
stolen or lost. Accordingly, despite the great concentration geared on response once data has
already been breached which is more expensive to organizations yet it only does little to
remediate the losses of the persons’ whom the breach of their information has been exposed
to fraud and theft. Subsequently, it is high time that all health care providers both private and
the public who are the custodians of patient data across the world to double their efforts in
fighting against data breach (Laudal, Bjaalid, and Mikkelsen, 2017, p 11). There is need to
understand the risks related to the gathering storing and sharing sensitive personal data as
well as the various ways through which data is breached in addition to available tools and
equipment to secure the data (Kaushik, and Raman, 2015, p 65). Therefore, an expertise
mechanism has to be devised to avoid such breaches, and they have to be addressed
sufficiently in case they happen. To make this process become a successful healthcare firms
are required to appreciate the reality that no single solution is suitable for all organizations.
Thus, information security should be tailored in accordance to the type (s) plus sensitivity for
data protection, the possible risks to the data the type of information system for the
organization, both software and hardware applications and their interconnectivity.
Similarly, it should be the responsibility of all business workforce3s in healthcare
facilities with electronic information systems to understand and be in the position to
implement a periodical system auditing as it is of great significance when it comes to security
control of information systems of any kind. The most vital thing in the case of privacy and
It is beyond reasonable doubts that data breaches can and must be prevented using all
possible means. Since healthcare organizations have accepted to move to a “digital”
paradigm of service delivery, it should be ready to collect keep safe and responsibly share the
patient information to protect individual healthcare information (Escobar-Rodríguez, and
Bartual-Sopena, 2015, p. 130). On the same note, it should make sure that patient information
is not compromised by attackers among other malicious insiders or unintentionally accessed,
stolen or lost. Accordingly, despite the great concentration geared on response once data has
already been breached which is more expensive to organizations yet it only does little to
remediate the losses of the persons’ whom the breach of their information has been exposed
to fraud and theft. Subsequently, it is high time that all health care providers both private and
the public who are the custodians of patient data across the world to double their efforts in
fighting against data breach (Laudal, Bjaalid, and Mikkelsen, 2017, p 11). There is need to
understand the risks related to the gathering storing and sharing sensitive personal data as
well as the various ways through which data is breached in addition to available tools and
equipment to secure the data (Kaushik, and Raman, 2015, p 65). Therefore, an expertise
mechanism has to be devised to avoid such breaches, and they have to be addressed
sufficiently in case they happen. To make this process become a successful healthcare firms
are required to appreciate the reality that no single solution is suitable for all organizations.
Thus, information security should be tailored in accordance to the type (s) plus sensitivity for
data protection, the possible risks to the data the type of information system for the
organization, both software and hardware applications and their interconnectivity.
Similarly, it should be the responsibility of all business workforce3s in healthcare
facilities with electronic information systems to understand and be in the position to
implement a periodical system auditing as it is of great significance when it comes to security
control of information systems of any kind. The most vital thing in the case of privacy and
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 17
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.