19 May 2003 Developing and theoretically justifying innovative organizational practices in health information assurance
Author Affiliations +
Abstract
This paper justifies and explains current efforts in the Military Health System (MHS) to enhance information assurance in light of the sociological debate between “Normal Accident” (NAT) and “High Reliability” (HRT) theorists. NAT argues that complex systems such as enterprise health information systems display multiple, interdependent interactions among diverse parts that potentially manifest unfamiliar, unplanned, or unexpected sequences that operators may not perceive or immediately understand, especially during emergencies. If the system functions rapidly with few breaks in time, space or process development, the effects of single failures ramify before operators understand or gain control of the incident thus producing catastrophic accidents. HRT counters that organizations with strong leadership support, continuous training, redundant safety features and “cultures of high reliability” contain the effects of component failures even in complex, tightly coupled systems. Building highly integrated, enterprise-wide computerized health information management systems risks creating the conditions for catastrophic breaches of data security as argued by NAT. The data security regulations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) implicitly depend on the premises of High Reliability Theorists. Limitations in HRT thus have implications for both safe program design and compliance efforts. MHS and other health care organizations should consider both NAT and HRT when designing and deploying enterprise-wide computerized health information systems.
© (2003) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Jeff R. Collmann, "Developing and theoretically justifying innovative organizational practices in health information assurance", Proc. SPIE 5033, Medical Imaging 2003: PACS and Integrated Medical Information Systems: Design and Evaluation, (19 May 2003); doi: 10.1117/12.480454; https://doi.org/10.1117/12.480454
PROCEEDINGS
10 PAGES


SHARE
KEYWORDS
Information assurance

Defense and security

Computing systems

Computer security

Medicine

Information security

Reliability

Back to Top