Key Challenges to Enabling IT in Healthcare

摘要

Information processing in healthcare demands reliable, relevant, systematic, integrated, and managed data throughout care delivery. This leads, even with IT, to increased and time-consuming activities and can cause potentially dangerous situations for the patient as important data may not be available when needed, which in turn can lead to wrong diagnostic or therapeutic decisions. Consequently, hospital IT executives must balance many competing priorities. These endeavours require, in addition to the appropriate utilisation of given IT resources, a far-sighted alignment of IT issues with objectives, and a thorough understanding of uncertainties and legal obligations. This approach to integrated IT governance, IT risk management, and IT compliance (IT GRC) in the hospital Environment is the subject of the work presented here. This investigation is associated with a survey that has been conducted in 2009 and allows therefore drawing conclusions on the progress of IT GRC management in Swiss hospitals over the last 5 years. The findings revealed that IT GRC in healthcare is still all too often seen as the realm and sole responsibility of the CIO and the IT department. The findings proved that IT GRC has not been utilized sufficiently by the executive management of many hospitals, especially the public ones. The findings revealed the reasons for a less pervasive spread of managed IT GRC can be structured into four main categories representing the greatest barriers to a successful convergence of integrated IT GRC.