Date of Conferral

2022

Degree

Doctor of Information Technology (D.I.T.)

School

Information Systems and Technology

Advisor

Charlie Shao

Abstract

Users of electronic health record (EHR) systems lack data security mechanisms and are at risk of patient data breaches. Grounded in routine activities theory, the purpose of this qualitative case study was to explore strategies information technology security managers in the health care industry use to minimize electronic health record data breaches. The participants were nine information security managers of large, medium, and small health care organizations in the Midwest United States. Data collection included semistructured interviews and organizational documents. Through methodological triangulation, three themes emerged: (a) requirements based on government and organizational regulations, (b) implementation of best practice industry-standard security measures, and (c) emerging interoperability with a security and privacy program. A key recommendation is for information security managers to understand the motivations and triggers of positive behavior change that minimizes organizations' external and internal data breaches. The implications for positive social change include the potential to enhance the security presence and reputation of the health care organizations.
